Protect your assets by yourself. Three rules for safely managing your private keys by CEO of KEKKAI, To Ma

Recently, 48.2 billion yen worth of bitcoins were leaked from DMM Bitcoin, a Japanese cryptocurrency exchange (CEX), which became a hot topic. At this time, the company has not made any detailed mention of the cause of the unauthorized leak. However, the most likely theory is that there was a gap in the management of private keys, which was the cause. In addition, since last year, the number of hacking incidents due to private key leaks has increased significantly.

In Q1 of this year (January to April), there were 13 private key leak incidents, with a total damage of 460 million dollars (approximately 73.8 billion yen). In addition, of the losses due to Web3.0 hacking in this quarter and throughout last year, the attack method of illegally obtaining private keys accounted for about 60% of the total, making it the largest proportion (※1).

※1: See 2024Q1 Global Web3 Security Report, AML Analysis & Crypto Regulatory Landscape

Three points for managing private keys safely

1. Safely store your seed phrase

Private keys are generated from seed phrases. Therefore, management of seed phrases is also very important. Although it is a basic thing, do not save your seed phrase in a photo or record it in a memo app. As a rule, you should not expose your seed phrase online, so you should avoid copying it and sending it to someone in a chat or writing it into an AI such as ChatGPT.

The general method is to write it down on paper and store it in a safe place such as a safe, but if you want to be even more particular, you should use a metal plate product to store your seed phrase.

2. Use a cold wallet

A cold wallet is a wallet that is not connected to the Internet. This increases security because the private key stored in the wallet is offline.

Commonly used wallet apps are basically always connected to the Internet, so if the device is hacked by malware, the private key will also be stolen at the same time.

When using a cold wallet, it is common to use a hardware wallet. Although it is less practical, if you use a cold wallet as your asset storage wallet, you can hold your funds with high security.

3. Use of multi-sig wallets

A multi-sig wallet is a wallet in which the private key is divided and managed by multiple people. When executing a transaction, all or a certain percentage of the key holders must sign, and security can be increased by decentralization. It has the advantage of reducing the risk of losing the private key and the risk of sending the wrong message because it is confirmed by multiple people. It is often introduced by companies for asset management, and is also used in exchanges.

https://kekkai.io

Profile

◉ To Ma

CEO of KEKKAI Co., Ltd.

After graduating from high school, he came to Japan from China and started a business while in college. In January 2023, he established KEKKAI Co., Ltd., which provides blockchain security solutions. Currently, he has released the Web3.0 security product "KEKKAI Plugin", which can detect risks through transaction simulation analysis, an API/SDK service that can detect NFT fraud and simulate transactions, and a Web3 code audit business for corporations. In the future, he will improve the current service and release products to improve user security from various angles, contributing to improving the environment of the entire industry.

Related articles

Beware of Web 3.0 phishing scams! A look at the methods and damage this year | KEKKAI CEO To Ma

Web 3.0 security company "KEKKAI" Young CEO Danny reveals his business vision