How do I keep my wallet safe?

Do-or-die Ethereum wallet safety to protect your DeFi assets

Written by Abishek Dharshan
Updated over a week ago

Your wallet is your gateway to DeFi and the world of web 3.0. It’s the equivalent of your personal bank account, except there is no bank. You are the bank.

It’s crucial that you know what kind of wallet you have, how to protect it, and how to use it. In this article we cover basic safety tips that every DeFi investor ought to know.

Know your wallet

The main difference between decentralized finance (DeFi) and centralized finance (CeFi) lies in who controls your wallet – in other words, custody.

Most CeFi crypto services offer custodial wallets, where a third party such as an exchange stores your private keys for you. The exchange might link your wallet to login credentials, but if the company is attacked, your assets will be at risk.

Decentralized applications (dapps), on the other hand, are non-custodial: you have full ownership, possession and responsibility over your private keys and assets.

There are roughly three different kinds of wallets:

  • Hardware wallets: A physical device stores your private keys offline. This type of wallet is thought to be the most secure. Examples include Ledger and Trezor.

  • Web wallets: A self-custody wallet lets you interact with your Ethereum account via a web browser. For example, you can download MetaMask as a browser plugin and create a wallet to store Ether and other ERC-20 tokens.

  • Smart-contract wallets: These are wallets that live as a program on the blockchain instead of providing the user with a public and private key pair, and are typically associated with a specific app. Examples include InstaDapp’s DeFi Smart Accounts, Argent, Dharma, Gnosis Safe, etc. Smart contract wallets typica

Do-or-die wallet safety

Once you’ve created your Ethereum wallet, the first thing to do is to write down your seed phrase if you have one – that’s write down, not copy-paste. Storing this kind of information on your phone or computer is not safe. Your seed phrase will look something like this (and remember that the order of the words is important):

cricket car circle plant formation coin impossible dress clear under school lamp

Finally, make sure that the place you’ve written down your seed phrase can be found should you no longer be around (for example, in the case of your death). If you’re sitting on a large sum of money, the last thing you want is for your loved ones to be unable to access it.

Using your wallet

Now let’s talk about transactions. Whenever you make a transaction on a dapp for the first time, you’ll see a step that says something like “Approve”, “Enable”, or “Authorize”. The message might look like this:

[Image: What does "approve" mean when transacting with your Ethereum wallet?]

This extra step exists for first-time users because any interaction with your wallet requires two transactions to go through:

  1. Allowing the dapp to spend the asset

  2. Confirming the transaction

When granting this permission in your wallet, you give a third party like Zerion the right to facilitate a transaction with your chosen token. Most apps have an “infinite approve” system, so you won’t see this step again, but some apps will give you the option of limiting the approval to a fixed amount of the token.

For the extra-cautious

When making a transaction, there’s no such thing as “too safe”. While dapps like Zerion and Uniswap have measures like Token Lists to help users verify the authenticity of assets, most decentralized exchanges automatically list all tokens – including scams that duplicate the names of other projects. The surest way to protect yourself is to always check the contract address before confirming a transaction in your wallet. You can cross-check the token's contract address on etherscan.io with the address that's listed on the token or protocol's official website.
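
An added example, not Zerion's or any wallet's own code, covering both the approval step and the contract-address check described above: it decodes the standard ERC-20 `approve(address,uint256)` calldata of a pending transaction, reports whether the allowance is unlimited, and compares the destination contract with the address taken from the project's official site. The addresses, the 18-decimal token and the function names are constructed for illustration.

```javascript
// Added example. All addresses below are constructed placeholders.
const APPROVE_SELECTOR = "095ea7b3";   // first 4 bytes of keccak256("approve(address,uint256)")
const MAX_UINT256 = (1n << 256n) - 1n; // the amount used for an "infinite approve"

// Decode the calldata of a pending transaction and describe what it would permit.
function inspectApproval(tx, expectedToken, decimals) {
  const data = tx.data.toLowerCase().replace(/^0x/, "");
  // approve() calldata = 4-byte selector + two 32-byte ABI words = 136 hex characters.
  if (!/^[0-9a-f]{136}$/.test(data) || !data.startsWith(APPROVE_SELECTOR)) {
    return { isApproval: false };
  }
  const amount = BigInt("0x" + data.slice(72, 136));
  return {
    isApproval: true,
    // The token being approved is the contract the transaction is sent to.
    // Hex addresses are compared case-insensitively (checksum casing varies).
    tokenMatches: tx.to.toLowerCase() === expectedToken.toLowerCase(),
    // An address occupies the low 20 bytes of its 32-byte word.
    spender: "0x" + data.slice(32, 72),
    unlimited: amount === MAX_UINT256,
    wholeTokens: amount / 10n ** BigInt(decimals),
  };
}

// Helper that builds constructed sample calldata for the demonstration.
function encodeApprove(spender, amount) {
  const word = (hex) => hex.padStart(64, "0");
  return "0x" + APPROVE_SELECTOR + word(spender.slice(2).toLowerCase()) + word(amount.toString(16));
}

const OFFICIAL_TOKEN = "0x1111111111111111111111111111111111111111";  // placeholder: address from the official site
const LOOKALIKE_TOKEN = "0x3333333333333333333333333333333333333333"; // placeholder: same name, different contract
const DAPP_SPENDER = "0x2222222222222222222222222222222222222222";    // placeholder: the dapp's contract

// Case 1: infinite approval on the expected token (assumed 18 decimals).
const infinite = inspectApproval(
  { to: OFFICIAL_TOKEN, data: encodeApprove(DAPP_SPENDER, MAX_UINT256) }, OFFICIAL_TOKEN, 18);
// Case 2: approval limited to 250 tokens, but sent to a different contract.
const limited = inspectApproval(
  { to: LOOKALIKE_TOKEN, data: encodeApprove(DAPP_SPENDER, 250n * 10n ** 18n) }, OFFICIAL_TOKEN, 18);

console.log(infinite);
console.log(limited);
```

Only the exact maximum value is reported as unlimited here; a very large finite allowance still shows up in `wholeTokens`.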

Conclusion

We can’t stress enough how important it is to maintain these basic wallet safety precautions. DeFi opens up a world of permissionless access, but with this comes added responsibility to the user. Stay vigilant.
