Celly's Hardware Wallet Guide

What is Cryptocurrency?  What is Ethereum?  How does it work?
Cryptocurrency is, at it's core, a decentralized ledger of transactions, utilizing Blockchain technology.  I recommend this video by 3Blue1Brown on how Blockchains such as Bitcoin function:

https://www.youtube.com/watch?v=bBC-nXj3Ng4

This is a very techical breakdown, but it is worth understanding.  Ethereum functions in a similar way, but has many more useful features than Bitcoin.  It is important to understand that, because of the nature of Cryptocurrency, transactions are irreversible, and it is extremely important to keep your private keys top secret.  You cannot chargeback fradulent transactions, and stolen assets cannot be recovered.


Hot Wallets vs Hardware Wallets
A "Hot Wallet" is a wallet that stores your private keys on a network-connected device.  Hot Wallets are vulnerable to attack - if your computer gets hacked, any hot wallets on that computer can be stolen.  MetaMask comes with a hot wallet.  Hot Wallets are fine for playing around with "small" amounts of crypto, but are insufficient for long-term storage or the storage of large amounts of crypto assets.  Think of it as carrying around a small amount of cash with you when you go out into the world.  You wouldn't carry your life savings in cash, but you'd carry around a small amount so you can buy things over the course of your day.  It is very useful to have a Hot Wallet, but it is insecure, and you should only have what you are comfortable with losing in a theft.  I recommend keeping an eye on your Hot Wallet for any fishy transactions that you didn't expect.

A hardware wallet is a security device that stores your private cryptocurrency keys on a secure chip.  The device connects to your PC, and in order to send crypto assets, you will have to confirm transactions on the physical device before the device will sign the transaction with your keys.  The device will read back to you the ammount and address so you can verify you are not being tricked.  By using a security chip isolated from the internet, your crypto assets will be Cryptographically Safe from theft, hacks, and so forth.  I personally recommend the Ledger, I own a Ledger Nano S.  I will speak of the Ledger, but much of this guide applies to other hardware wallets as well.  The Ledger can connect to MetaMask, allowing you to access your Hardware Wallet alongside your Hot Wallet.  You will still have to sign transaction on your Ledger every time to use it with MetaMask.

A hardware wallet will generate for you a "recovery phrase," typically 24 words.  NEVER GIVE THESE TO ANYONE.  The seed phrase generates your private keys, and the private keys are protected on the device against a wide array of cyber and physical attacks, but if someone accesses your keys or phrase, all your crypto can be stolen.  Upon initialization, the device will generate a new random seed phrase, and you will write this down and store it in a safe location.  NEVER TYPE YOUR RECOVERY PHRASE INTO ANY ELECTRONIC DEVICE (other than a Ledger that you intend to use).  The Ledger requires a Pin to access, and after so many failed attempts, the device will factory reset and delete your keys - you will then need to enter your seed phrase into the Ledger to restore access.  I recommend testing that you have written your phrase down correctly, BEFORE you move any crypto to it, by copying the public wallet address, intentionally failing the pin entry, and then restoring the device with your seed phrase, and making sure the public address is the same.

ONLY BUY YOUR HARDWARE WALLETS DIRECTLY FROM THE MANUFACTURER WEBSITE.  DO NOT BUY FROM AMAZON.  Supply chain attacks ARE possible, Amazon in particular is an absolute shitfest.  If your Ledger came with a card with a pre-written set of 24 words, THE DEVICE IS COMPROMISED.  Do not use those words.  A legitimate Ledger will generate it's own seed phrase on it's miniature screen for you to write down yourself.


Disaster Recovery
So, a Hardware Wallet protects you from hacking and theft.  And if the device is damaged, you can buy a new Ledger and restore your accounts with our seed phrase.  But, what if the paper on which you wrote your seed phrase gets destroyed?  That's where an engraved recovery plate comes in!  Again, I have a personal recommendation here, the Billfodl.  This is, simply, a chunk of metal, with letter tiles you can put in, to store your seed phrase in a manner that is strongly resistant to damage, for instance, in a fire.  If your house burns down, you take a metal detector to the rubble and find your Billfodl.  Then buy a new Ledger and recover your crypto assets.  These are not the cheapest things, but if you have a significant holding in crypto, it is a must-have!

Do not trust your memory with a seed phrase.  Carve it in steel.  KEEP YOUR RECOVERY SEED SAFE AND SECURE - Some people deposit it in a bank safe deposit box, but it is up to you.  Remember, if someone steals your recovery seed, they have free access to steal your crypto.

Billfodl can be purchased here (referral link)
https://shop.privacypros.io?afmc=xw&utm_campaign=xw&utm_source=leaddyno&utm_medium=affiliate


Claiming Airdrops
There's plenty of scams going around with hacked discords and everything such that it is becoming very hard to trust ANY link you click.  I propose the following security protocol to keep your assets safe:
1) Move ALL your crypto assets to a "Cold Storage" hardware wallet address.
2) Whenever there is an "airdrop" that requires you to link your wallet, and IF it already passed the smell test, you STILL need to be safe.
3) If you intend to claim an airdrop, move ONLY the required assets (any eth for minting, and ONLY the NFT(s) requred) into a seperate "Hot Wallet"
4) Interact with the "airdrop" ONLY with the hot wallet.  You still risk the assets in the hot wallet, but ONLY the hot wallet, everything in cold storage should be safe.


Common Scams
Because of the immutable nature of Crypto transactions, it is a very attractive space for scammers and thieves to flourish.  It is very important to be aware of a wide array of scams, both traditional scams and scams unique to the Crypto space, in order to protect yourself.  This list is not exhaustive by any means!

NEVER give your seed phrase or private keys to ANYONE, no matter if they claim to be tech support, band members, or President Elon Musk.  They just want to steal your stuff.

Be very cautious about fake URL scams, they will change a few letters or use look-alike characters to put up a fake website for you to send crypto to.  These will often be sent from offical-looking DMs and will be filled with FOMO messaging claiming that you're going to miss an opportunity if you don't act right now - designed to get you to click before you think!

If your hardware wallet comes with a card with a recovery phrase already written on it, this is a SUPPLY CHAIN ATTACK and if you use that seed phrase, your money will be stolen!  The device may also be a fake!  Never buy hardware wallets from third party sites like Amazon or eBay, only buy direct from the manufacturer's website!

ALWAYS verify transaction addresses on your hardware wallet - some hacks display the correct address on your PC and send a fake address to your Ledger, hoping you won't pay attention.  The Ledger doesn't lie, so verify carefully!

Fake versions of MetaMask and other crypto applications also exist.  Make sure you are using a legitimate version!  Fake versions exist solely to collect your recovery phrase for hackers!

Elon Musk is not going to double your ethereum if you send it to an address.  This one is simple folks, don't be a sucker.

People will post FAKE NFT listings on OpenSea to try to steal your Ethereum.  If it looks too good to be true, it probably is!

Stay safe out there and always ask the community for help if you have even the slightest concern about anything that doesn't seem quite right!

	- Celly#5234