Skip to main content

Hardware Wallet: Complete Setup & Safety Playbook

· 9 min read

In this lesson I’ll review the Tangem hardware wallet, version 2, which consists of three cards. This is the second version — I also have the first one, but it’s not exactly outdated; the second is simply more functional. Today I’ll show the full setup process from start to finish: how to configure the wallet, start using it, how I integrate it into my own schemes, how reliable it is, why it’s needed at all, how it differs from other hardware wallets, and how it ensures the security of your private keys.

In short, this will be a detailed, step-by-step review of the Tangem hardware wallet.

Why Hardware Wallets Matter

The first and most important thing that distinguishes hardware wallets from non-hardware wallets is the isolation of private keys. Remember: private keys literally control the ability to spend funds from your addresses. If you have the private key, you can sign any outgoing transaction from that address.

If an attacker gains access to your private keys, they gain full access to your funds. That’s obvious.

The key advantage of hardware wallets is that they isolate your private keys on a separate device.

  • In Tangem’s case, these are cards.
  • In Ledger’s case, a dedicated USB-like device.
  • In Trezor’s case, a similar standalone unit.

In all cases, the private keys are stored in an isolated environment, separate from potentially dangerous devices.

Potentially dangerous environment? It’s your computer, phone, or any device connected to the internet — where the risk of malware infection is far higher than on an isolated card that simply cannot be infected. That’s why hardware wallets are so important: their main advantage is securely keeping private keys isolated from the network.

⚠️ Important: No hardware wallet — Tangem, Ledger, Trezor, even the most advanced certified one — can protect you from human error. If you sign a fraudulent transaction or confirm something on a phishing site, your funds will still be stolen. A hardware wallet protects private keys from theft, not from voluntarily signing a malicious transaction.

Another point: different hardware wallets have different security levels. Manufacturers often emphasize “secure chips” with certified elements. That’s useful, but these certifications don’t replace common sense and basic security hygiene.

In practice, all those technical details matter little if an attacker gains physical access to your hardware device. A knowledgeable person may be able to extract private keys from some devices — such cases have been publicly demonstrated (e.g., certain Ledger scenarios). The main protection you get is that malware on your computer/phone cannot read your keys, because they are not there.

Physical theft risk: someone would need to steal the card/device. How reliable is Tangem under physical access? Exact stats aren’t public; the chance of successful key extraction is extremely small and would require significant skill/equipment. Cards are also protected by PIN/ex-code, so extraction isn’t trivial.

Tangem Wallet Overview

What is Tangem and how does it differ?

  • It’s a set of cards (my kit has three).
  • Private keys are generated on the card and never leave it (secure chip).
  • No mnemonic phrase by default (optional; you can add/import one later in the app).

Why “no phrase by default” helps beginners

Scams often try to convince users to enter their seed phrase into fake sites. With Tangem, there is no phrase by default — your cards are the backup. That adds a layer of protection against phishing. If you want, you can later create/import a mnemonic (I’ll show how in the app).

Kit size: two vs three cards — they’re just extra physical copies of your private keys.

Full Setup: Step by Step

Links to the official Tangem app and wallet are provided in the lesson description (with a 10% discount promo code). Always use official sources.

I’ll show the mobile app flow (screen recording from my phone):

  1. Open Tangem App

    • If you’re new, you’ll see “Get started” / “Create”.
    • Options: Create new wallet (device generates keys) or Import phrase (paste an existing mnemonic from e.g., MetaMask).
    • Practical note: Creating directly on Tangem is best — the card itself is your backup.

  2. Tap Card via NFC

    • Hold your card to the phone to initialize it.
    • The first card now has keys for multiple supported blockchains.

  3. Add Backup Cards

    • Add the second and third card the same way.
    • These are physical backups of your keys.
    • Press Finalize the backup when done.

  4. Set Access Code (Ex-code)

    • This is crucial: if someone finds your card, they still cannot use it without the ex-code.
    • Choose a strong password you can remember.
    • If you forget it, you can reset it using any two cards together.

  5. Scan Each Card to Apply Ex-code

    • You’ll scan each card (~15 seconds per card).
    • After all three are bound to your ex-code, your wallet is ready.

Now the app shows your wallet interface, default BTC and ETH, and your three cards. To sign a transaction, you tap a card to your phone and enter the ex-code. Without the card + code, funds cannot move.

Adding Networks & Assets

By default you’ll see BTC and ETH. To add more:

  • Open Networks/Assets.
  • Toggle EVM chains (Arbitrum, Polygon, etc.), Solana, and more.
  • If a token isn’t shown, add by contract address (just like MetaMask).

You can also group/filter assets by network for a clean layout.

Funding the Wallet (Example on Arbitrum)

  1. Tap Receive on Arbitrum → copy address.
  2. From your other wallet, send 10 tokens (example).
  3. Also send a small amount of native ETH for gas on Arbitrum.
  4. After confirmation, you’ll see balances in Tangem.

Using Tangem with DeFi (Mobile Connect)

Because Tangem doesn’t have a desktop extension, you connect via mobile:

  1. On your desktop DEX aggregator, click Connect Wallet → select option compatible with Tangem.
  2. A QR code appears.
  3. In Tangem app: menu (⋯) → +Scan QR.
  4. Your wallet connects.

Swap example on Arbitrum:

  • Choose token pair (e.g., USDT → ETH), Review Swap, then Swap.
  • The app will request signing → tap your Tangem card and enter ex-code.
  • If the rate updates, you may sign a second time.
  • Done — USDT swapped to ETH.

Open Tangem → refresh → funds now in ETH (Arbitrum).

Note: Always double-check you’re on the correct network; otherwise, the transaction won’t appear.

Should You Use Tangem for Daily DeFi?

My take:

  • Security: Excellent.
  • Convenience: Not ideal for active DeFi.
    • Connection is mobile-only and via QR.
    • Most major protocols work (≈95–98%), but some do not.
    • The app may not support every network yet; manual network add wasn’t available at recording time.

Implication: If you bridge to an unsupported network, your assets exist on-chain but won’t show in Tangem until the app adds support. That’s an interface limitation, not a loss of funds — but it’s inconvenient.

Workaround:
If you created Tangem with a mnemonic, you can import that phrase into MetaMask, add the missing network, and move funds. This is an emergency-only option since it exposes your seed to a hot wallet. Afterward, consider regenerating keys in a secure environment.

Storage Scheme Recommendation with Tangem

Tangem is excellent for storage (BTC, ETH, stablecoins you don’t touch frequently).

Three-card kit strategy:

  • Treat the set as three backups.
  • Keep one card for daily spending.
  • Store two backup cards with trusted people (family/friends).
  • If you forget your ex-code, recover using two cards to reset it.
  • No paper seed needed (unless you optionally enabled one).

This approach is reliable and simple, removing the paper backup risk while keeping recovery straightforward.

How I Personally Use Tangem

I use Tangem as one signer in a multisignature (multisig) wallet:

  • Example: Safe (Gnosis Safe) with 2-of-3 scheme.
    • Two Tangem cards (each a unique key).
    • One key on my computer (via MetaMask or another wallet).
  • Any transaction requires two signatures.
  • Even if one device is compromised, assets remain protected.
  • The cards do not “hold” funds; they act as signing factors.

This setup is powerful for defense-in-depth and larger balances.

Pros & Cons of Tangem

Pros

  • No mnemonic by default (optional later) — fewer phishing risks for newcomers.
  • Three-card backup model is simple and robust.
  • Easy to distribute cards among trusted contacts.
  • Recovery is straightforward if one card is lost.
  • Great multisig component as an extra signer.
  • Clean app, many networks supported; ideal for long-term storage.

Cons

  • Not ideal for active DeFi usage due to connection UX and occasional protocol incompatibilities.
  • Manual network add was not available at recording time.
  • Bridging to unsupported networks makes assets invisible until support is added.

App Interface Highlights (Arbitrum Example)

  • Receive: your address + QR — simple and clear.
  • Swap: available, but includes an internal fee (like MetaMask Portfolio).
    • Recommendation: use an external DEX aggregator (better rates, no hidden fees).
  • Send: standard transfer flow; sign by tapping the card.
  • Buy: available in supported regions; requires KYC (passport).
  • History: complete list of incoming/outgoing/internal transactions; tap any to view in an explorer.
  • Share TX: send the explorer link to recipients.

You can also paste your address into DeBank to track your multi-chain portfolio.

Example: Sending ETH Back to Main Wallet

  1. Copy the recipient address from your main wallet.
  2. In Tangem, open Send, paste the address.
  3. Tap the card to sign the transaction.
  4. Done. Share the explorer link if needed.

Final Notes

  • Tangem is an excellent, secure storage solution — especially with the three-card backup model.
  • For daily DeFi, assess your target protocols first; test with small amounts.
  • For multisig setups, Tangem shines as a reliable signer.
  • Always order from the official website to ensure the device is authentic and secure.
  • Promo code: VEDMI for a 10% discount (as noted in the lesson description).

These materials are created for educational purposes only and do not constitute financial advice.

My Wallet Setup: How I Organize Devices, Mnemonics, and Security Layers

· 6 min read

In this lesson, I’ll explain my personal crypto wallet setup — the system I use to manage devices, mnemonic phrases, and security layers.
It’s not a universal formula — adapt it to your situation — but this structure can help you build a practical and secure workflow for managing your funds.

Overview: Three Devices, Three Roles

I use three devices, each serving a distinct purpose:

  1. MacBook (Work Machine) — for daily operations, DApps, and extensions.
  2. Dedicated Mobile Phone — for quick on-the-go interactions.
  3. Hardware Wallet — for long-term, cold storage of large sums.

Each device has its own mnemonic phrase — written down on paper and stored offline.

Device 1 — Work Machine (MacBook)

My MacBook serves as my main workstation.
It holds several wallets, all based on a single mnemonic phrase written on paper and kept offline.

I use:

  • MetaMask for EVM-compatible networks (Ethereum, Polygon, Arbitrum, Avalanche, etc.)
  • Network-specific wallets like Brave Wallet (for Starknet), Solana wallets, and other L2 tools
  • Bridges and DeFi apps for interaction with multi-chain protocols

MetaMask is my main wallet because it has the widest ecosystem integration.

This device is for active work, so I keep it clean:

  • No games, torrents, or entertainment apps
  • Only crypto-related software and secure browser extensions

Device 2 — Dedicated Mobile Phone

The second device is a dedicated smartphone used exclusively for crypto operations.
It has:

  • One main wallet app (for small transactions and quick DApp use)
  • Occasionally a test wallet for experiments or airdrops
  • No unrelated apps — no social media, no messengers, no distractions

I use this device for operational tasks like connecting to DApps, signing small transfers, or testing new platforms.

Because phones can be lost or stolen, I never store large sums on this wallet.
It’s designed for mobility and convenience, not long-term holding.

Device 3 — Hardware Wallet (Cold Storage)

My hardware wallet is where I keep larger amounts — primarily native Bitcoin (BTC) and long-term holdings.

Why it matters:

  • Private keys are stored inside the device and never exposed to the internet.
  • Transactions are signed physically by pressing a button on the device.
  • Even if my computer is infected, the attacker cannot access the hardware keys.

Popular brands like Ledger or Trezor are suitable for most users — as long as the mnemonic phrase is stored securely on paper.

Mnemonic Phrase Strategy: One per Device

My rule is simple:

One mnemonic phrase per physical device.

  • MacBook → Phrase #1
  • Phone → Phrase #2
  • Hardware Wallet → Phrase #3

They are never mixed.
I don’t import one device’s phrase into another.
Each phrase is generated and stored separately.

Why not multiple phrases on one device?

Because if your device is compromised, it doesn’t matter how many phrases you have — all are exposed.
The attack surface is the device itself, not the number of phrases.

When multiple phrases make sense:

  • For beginners, to limit potential loss if one wallet is compromised.
  • For airdrop hunters and testers, who separate work/test accounts from main wallets.

My Workflow Example

  1. MacBook — active work: MetaMask, DApps, DeFi, small holdings.
  2. Mobile — quick operations and on-the-go approvals.
  3. Hardware Wallet — long-term BTC and cold storage.

If I lose my phone or laptop, my main holdings remain safe in cold storage.
If I somehow lose access to the hardware wallet, I can recover it from the paper mnemonic stored securely offline.

Why I Avoid Reusing Mnemonics

Importing a hardware wallet’s phrase into a computer or phone destroys its isolation.
The moment the phrase is typed into an internet-connected device, it loses its core protection purpose.
That’s why my hardware wallet’s phrase stays offline forever.

Similarly, I don’t mix mobile and desktop mnemonics — they serve different functions and risk levels.

Multisignature (Multisig) Setup

For an extra layer of protection, I also use a multisignature wallet:

  • One key (mnemonic) stored on the computer
  • Another key stored on the phone

Transactions require both signatures, meaning an attacker would need access to both devices at the same time — highly unlikely.

This setup is optional but ideal for large or shared accounts.

Why I Don’t Use Many Mnemonics on the Same Device

If one device is hacked, it doesn’t matter if you had 3, 10, or 50 mnemonic phrases — they all can be stolen.
The risk is tied to the device, not the number of wallets.
That’s why separating wallets across physical devices is far more effective.

For Beginners

If you’re new to crypto, don’t overcomplicate things.
Start simple:

  1. Use one device (preferably dedicated).
  2. Install one reputable wallet (like MetaMask or Core).
  3. Write your mnemonic phrase on paper.
  4. Test recovery: delete and re-import your wallet.

As you gain experience, you can expand into multi-device setups, hardware wallets, or multisig structures.

Optional: Multi-Currency Wallets

If you prefer simplicity, a multi-currency wallet can manage all your assets under one mnemonic.
It’s convenient, but make sure to use:

  • A dedicated, clean device
  • Offline backup of the mnemonic
  • No unnecessary apps or browser extensions

My Principles Summarized

DevicePurposeMnemonicRisk Level
MacBookMain working environment (MetaMask, bridges, DApps)#1Medium
Mobile PhoneOperational tasks, testing, quick signatures#2Medium–High
Hardware WalletCold storage, Bitcoin, long-term funds#3Very Low

Core Rules:

  • Never import hardware mnemonics to hot wallets.
  • Never reuse one phrase across devices.
  • Keep devices clean and purpose-specific.
  • Store all mnemonics on paper, offline.

Additional Tips

  • Keep test wallets for experiments with small amounts.
  • Don’t download unnecessary software on work devices.
  • Prefer macOS or Linux over Windows for higher security.
  • If using Android, be cautious — iOS is generally safer.
  • Always verify domains before connecting or signing.

Simplified Setup for Most Users

If managing multiple wallets feels complex, you can safely start with:

  • One device (desktop or phone)
  • One wallet app
  • One paper mnemonic backup

Then, as your funds or experience grow, upgrade:

  • Add a hardware wallet for savings.
  • Add a dedicated phone for Web3 activity.
  • Introduce multisig for large balances or team accounts.

Final Thoughts

99% of wallet security depends on user behavior, not technology.
You can have the best hardware wallet in the world — it won’t help if you:

  • Enter your phrase on a fake site, or
  • Sign a malicious transaction without reading it.

Discipline, awareness, and good habits are your ultimate security tools.

These materials are created for educational purposes only and do not constitute financial advice.

How to Use Browser Extensions to Detect Scam Transactions and Protect Your Crypto

· 5 min read

In this lesson, we’ll look at three browser extensions that can protect your assets by showing exactly what a transaction will do before you sign it.
These tools act as a visual firewall between you and scammers — clearly displaying whether a transaction will spend your tokens, drain your wallet, or execute a legitimate action.

Recap: The Typical Scam Setup

In the previous lesson, I showed how a phishing site requested permission to withdraw assets under the pretext of a “free airdrop.”
When I connected my wallet, the site pushed a transaction asking to increase the allowance for my tokens — effectively granting the attacker permission to spend everything.

MetaMask displayed a standard confirmation dialog, which looks harmless to newcomers.
If I had signed it, I would have lost all tokens within seconds.

So, I disconnected from the site — and now I’ll show how the same transaction looks with protective extensions enabled.

Why Extensions Matter

Connecting a wallet to a website is usually safe.
The real danger begins when you sign a transaction.

These browser extensions analyze the transaction in real time and display:

  • What assets are being approved or spent.
  • Whether you’re granting unlimited spending rights.
  • If the contract or website looks suspicious.

Each extension works similarly, differing mostly by interface and design. You can install whichever suits you best.

Extension #1 — Standalone Browser Protection

I install the first extension and pin it to my browser toolbar.
The setup is simple — no extra configuration required.

Then I return to the same phishing site that previously pushed the fake airdrop transaction.
I click “Get Rewards,” connect MetaMask, and wait.

Immediately, the extension detects the malicious operation:

Warning: This transaction will spend all your tokens.

This is exactly what we need — a clear alert that the site is attempting to withdraw everything.

I cancel the transaction.
The site tries to push it again — I disconnect (Disconnect).

Result: Scam avoided before signature.

Extension #2 — Legacy Extension with Scanner

The next extension I test is a popular tool I mentioned earlier.
While it’s no longer actively maintained (support ends after June), it still works for now.

It installs directly into Chrome and supports major networks like:

  • Ethereum
  • Polygon
  • Arbitrum
    (more are being added)

It includes a scanner that checks your wallet for existing risky approvals.
I click “Scan,” connect my wallet, and it confirms:

“No dangerous approvals found.”

However, when I revisit the phishing site, the warning doesn’t appear — likely because this Chrome profile doesn’t have my active MetaMask connection.
If installed in the same browser profile as MetaMask, it works as intended.

Result: Useful scanner + partial integration, but limited support and maintenance.

Extension #3 — Direct MetaMask Integration

This option is installed inside MetaMask itself as an add-on.
It integrates directly into the transaction confirmation flow.

I add the plugin, enable it, and refresh the page.
Once connected, I initiate the same fake airdrop transaction.

The plugin shows:

  • A clear breakdown of the requested token approvals.
  • Which assets are at risk.
  • Domain analysis, including the site’s creation date (e.g., “domain registered 3 days ago”).
  • A risk indicator warning that the transaction allows spending of all wallet assets.

I click Reject.

Result: Seamless integration and detailed insights directly in MetaMask.
⚠️ Limitation: Works only with MetaMask and selected networks.

Testing with a Legitimate Transaction

Now, let’s compare the extensions’ behavior with a normal swap on a decentralized exchange aggregator.

Example:

  • I swap 5 tokens for 5 others.
  • MetaMask asks for permission to use 5 tokens.
  • I approve the transaction.

The extension doesn’t trigger a warning because:

  • It’s a standard swap.
  • Inputs and outputs are balanced.
  • No suspicious unlimited approvals appear.

Result: Everything looks fine. The extension correctly detects this as a legitimate transaction.

Alternative: Wallets with Built-In Transaction Inspection

If you prefer not to use browser extensions, some wallets (like Rabby Wallet) already have this functionality built in.

They show:

  • Which assets are sent or received.
  • What approvals are being granted.
  • Whether the transaction affects your current balance.

I cover Rabby Wallet in detail in the “Crypto Wallets” module — it’s an excellent option for users who want integrated protection.

Key Takeaways

FeatureBrowser ExtensionsBuilt-In Wallets
InstallationSeparate browser add-onAlready included
Risk WarningsYes, visual alertsYes, integrated
Network SupportVaries per extensionVaries per wallet
Ease of UseSimple setupEven simpler
Ideal ForMetaMask usersRabby or advanced wallets

Security Rules Recap

  1. Never sign transactions on unknown sites.
  2. Always disconnect from suspicious websites.
  3. Use extensions that display what a transaction actually does.
  4. Check allowances regularly and revoke excessive approvals.
  5. Avoid installing unsupported or outdated plugins.
  6. Keep MetaMask and browser updated.
  7. Bookmark official sites and ignore links from emails or ads.

What’s Next

In the next lesson, I’ll show my personal wallet setup — how I use multiple wallets, manage mnemonic phrases, and separate operational funds from long-term storage.
You’ll see how professional-level wallet management looks in practice.

These materials are created for educational purposes only and do not constitute financial advice.

Most Common Crypto Attack Vectors and How to Protect Your Funds

· 5 min read

In this lesson, we’ll examine the most common attack vectors that target users’ crypto assets — in other words, your money.
As mentioned in previous lessons, 99% of all losses occur due to user mistakes, not due to wallet vulnerabilities.
Only about 1% of incidents are caused by technical bugs, and even that is usually preventable by choosing well-audited wallets from trusted developers (like MetaMask).

The good news?
You have full control over the remaining 99% — your own security behavior.

Main Attack Target: Your Mnemonic Phrase and Private Keys

Attackers almost always focus on one goal — obtaining your mnemonic phrase or private key (which are essentially the same thing).

The two most common paths they use:

  1. Phishing websites that ask you to enter your phrase to claim fake rewards or fix fake issues.
  2. Fake transaction signatures, where you’re tricked into approving a malicious transaction directly from your wallet.

Example #1 — Fake Site Transaction Signing

Here’s a real-world scenario I encountered.

Step-by-Step of the Scam:

  1. A suspicious token appeared in my wallet — called something like “Free Token”.
  2. It came with a message and a link claiming I “won a reward.”
  3. The site asked me to connect my wallet (which is harmless).
  4. Then it prompted me to sign a transaction to “receive the reward.”

That signature was actually a permission for the attacker to withdraw my tokens.
If I had signed, they would have emptied my wallet in seconds.

How It Works

  • The site automatically scans your balances once connected.
  • It builds a malicious “approval” transaction giving itself spending rights.
  • Once signed, your tokens are gone.

Protection:

  • Never sign transactions on unknown sites.
  • Always verify domains before connecting your wallet.
  • If in doubt, open MetaMask → Settings → ConnectionsRevoke access for suspicious sites.

Example #2 — Fake Token Airdrops and “Support” Messages

Attackers send you fake tokens or contact you pretending to be support staff.
They’ll claim you must visit a site or “verify” your wallet to receive help.

You’re then asked to:

  • Enter your mnemonic phrase, or
  • Sign a fake transaction “for confirmation.”

Rule:
Legitimate support teams never ask for your mnemonic phrase or signatures.

Advanced Scam Variants

1. Fake “Claim” or “Bonus” Pages

You click a fake notification like “You won 5,000 tokens!”, connect your wallet, and are asked to sign a transaction — usually an unlimited spending approval.
Once signed, the attacker drains your balance.

2. Phishing via Search Engines

Fake ads often appear above real search results for wallets or exchanges (e.g., “MetaMask official site”).
Once you enter your mnemonic phrase, all funds are stolen.

3. Social Engineering

Attackers approach you on Discord, Telegram, or Twitter pretending to:

  • Offer help.
  • Be an official support account.
  • Or even show personal interest.

Eventually, they’ll ask you to sign something or share your phrase.

Rule:
If anyone — anywhere — asks for your mnemonic phrase, it’s a scam.

Browser Extensions for Extra Protection

Certain browser extensions (anti-phishing or transaction preview tools) can visualize what will happen to your funds before you sign.

They:

  • Show exactly which tokens you’re granting access to.
  • Highlight risky transactions.
  • Warn if you’re interacting with a known scam contract.

MetaMask already includes partial protection, but you can enhance it with external tools that display balance changes pre-signature.

Address Replacement Attacks

If your device is infected with malware, it can replace copied wallet addresses in your clipboard.
You think you pasted your friend’s address, but the scammer’s address is substituted.

How to avoid it:

  • Always double-check the first and last 5 characters of every address.
  • Use a dedicated crypto device that’s not used for browsing, gaming, or downloading files.
  • Keep your operating system clean — Linux or macOS are safer than Windows.

Two Main Attack Vectors — Everything Else Is Just a Variation

All scams ultimately revolve around these two mechanisms:

  1. Obtaining your mnemonic phrase.
  2. Tricking you into signing a malicious transaction.

Every attack — no matter how creative — is just a variation of these core principles.

Core Protection Rules

  1. Never enter your mnemonic phrase anywhere except in your official wallet app.
  2. Never sign transactions on suspicious or unknown websites.
  3. Avoid “easy money” traps — there are no free airdrops or giveaways requiring wallet actions.
  4. Bookmark official sites and avoid clicking links from emails or search ads.
  5. Use a separate device for crypto operations — isolated from casual browsing.
  6. Store your mnemonic phrase offline, on paper only.
  7. Revoke site access in your wallet periodically.

By following these seven rules, you eliminate nearly every practical threat.

If in Doubt — Ask

If something seems suspicious, stop and ask.
You can always check with experienced members in our Discord community before taking any action.
Nobody will judge you for asking — but everyone will regret a mistake that costs them their savings.

Summary

Attack VectorDescriptionProtection
Phishing SitesFake pages asking for your mnemonicOnly use official wallet links
Fake Tokens“Free” tokens leading to fake sitesIgnore them; never sign or claim
Fake SupportScammers posing as help agentsReal support never asks for seed phrases
Fake ApprovalsSigning unlimited spending permissionsReview transaction details carefully
Address ReplacementClipboard hijacking malwareDouble-check address characters
Social EngineeringPersonal messages with fake helpDon’t trust unsolicited contacts

In the next lesson, we’ll explore browser security extensions that display transaction effects before you sign — showing how the fake transaction I almost signed would look once these tools are installed.

These materials are created for educational purposes only and do not constitute financial advice.

Crypto Security: How to Protect Your Wallet, Assets, and Peace of Mind

· 5 min read

In this lesson, you’ll learn the core security rules that everyone in the cryptocurrency ecosystem must follow — whether you’re a beginner or an experienced user.
Understanding and applying these principles is the foundation of protecting your funds, data, and peace of mind.

Rule #1 — Write Down Your Mnemonic Phrase on Paper

Your mnemonic (seed) phrase is the master key to your entire crypto portfolio.
If someone gets it — they get all your funds.
If you lose it — no one can recover it for you.

What to do:

  • Write your phrase on paper.
  • Make multiple copies and store them in separate safe, private locations.
  • Keep them offline — never in cloud storage, screenshots, or Notes apps.

What NOT to do:

  • Don’t store your phrase on any internet-connected device.
  • Don’t encrypt it with a password (you’ll likely forget it).
  • Don’t split or rearrange the words.

    All these “DIY protection tricks” usually result in lost funds.

Rule #2 — Never Enter Your Phrase Anywhere Except in an Official Wallet

Most crypto thefts don’t happen because of “hacking.”
They happen because users voluntarily give away their mnemonic phrases to phishing websites or fake apps.

Common phishing scenario:

You receive an email saying your wallet will be “blocked unless you verify your seed phrase.”
It looks official, but the link leads to a fake site (e.g., fake Trust Wallet or MetaMask).
Once you type your phrase — your funds are gone instantly.

Golden rule:
Only enter your mnemonic phrase inside official wallet apps you personally installed.

Rule #3 — Double-Check Every Address Before Sending

There are malware programs that replace recipient addresses in your clipboard.
You think you’re pasting your friend’s address — but it’s a scammer’s.

Always:

  • Compare the first and last 5–6 characters of the address before confirming.
  • Verify transactions visually before clicking “Send.”
  • Bookmark verified addresses for repeated transfers.

Remember: Blockchain transactions are irreversible.
Once confirmed, there’s no way to cancel or refund a transfer.

Rule #4 — Secure Your Devices and Operating Systems

Your crypto wallet is only as secure as the device it runs on.

Most vulnerable OS: Windows
It’s the main target for malware designed to steal crypto.

Best options:

  • Use Linux or macOS — both are significantly safer.
  • If you can’t switch OS, consider a hardware wallet.
    These devices isolate your private keys and make theft from your computer or phone practically impossible.

Rule #5 — Always Verify Domains

Domain spoofing is one of the most common attack vectors in crypto.

Scammers create sites that look identical to official ones:

Example: metamask.io → fake site metamask.l0 (with zero instead of “o”).

How to stay safe:

  • Check domain spelling carefully before entering your wallet.
  • Bookmark official sites you use frequently.
  • Never follow links from email or social media ads.

Rule #6 — Test Everything with Small Amounts

Before sending large sums:

  1. Test wallets, exchanges, and protocols with small transactions ($1–$5).
  2. Send funds, confirm receipt, and only then proceed with larger amounts.
  3. Try restoring your wallet using your mnemonic phrase — to make sure your backup works.

“Test first, scale later” — this rule alone can save your funds.

Rule #7 — Don’t Store All Funds on Exchanges

Exchanges are convenient for trading — but not for storage.

Reasons to withdraw your funds:

  • Exchanges are custodial, meaning they control your keys, not you.
  • Accounts can be frozen, hacked, or compromised.

Use exchanges as temporary hubs only:

  • Deposit → Trade → Withdraw to your non-custodial wallet.
  • Long-term storage should always be self-custodied.

Rule #8 — Consider Using a Multisignature Wallet

For advanced users, multisig wallets add another layer of protection:

  • Transactions require two or more signatures from separate devices.
  • Even if one device is hacked, the attacker still can’t move your funds.

Learn how to set up a multisig wallet in the “Security PRO” module.

Rule #9 — Practice Before Going All-In

If you’re new to crypto:

  1. Create a test wallet.
  2. Deposit a few dollars.
  3. Delete and restore it using your mnemonic phrase.
  4. Learn how to send and receive transactions confidently.

Practice removes anxiety and helps you avoid costly mistakes later.

Rule #10 — Never Trust “Easy Profit” Schemes

This is the oldest and still the most effective scam in crypto.

Scammers promise:

  • “Double your money in 10 minutes.”
  • “Guaranteed 100% returns.”
  • “Send 1 BTC, get 2 BTC back.”

They often use fake YouTube livestreams featuring public figures (like Elon Musk or Vitalik Buterin).
The address shown on-screen is always a scam.

Nobody will double your money.
Anyone promising easy profit is trying to steal your funds.

Rule #11 — Join Verified Communities

If you’re unsure about something, don’t guess — ask professionals.

Join our official Discord community, where you can:

  • Get quick answers to your questions.
  • Learn from experienced members.
  • Verify if a tool, site, or offer is legitimate.

Collaboration and awareness are your best defenses.

Final Thoughts

Crypto security isn’t about paranoia — it’s about discipline.
Follow these simple principles, and you’ll eliminate 99% of the risks most newcomers face.

Summary Checklist

AreaRule
Mnemonic PhraseWrite on paper, never online
PhishingOnly use official wallet interfaces
AddressesAlways double-check before sending
Device SecurityPrefer macOS/Linux or use hardware wallets
WebsitesVerify domain names, use bookmarks
TestingTry small transactions first
Exchange StorageWithdraw to non-custodial wallets
MultisigAdd multiple signatures for safety
ScamsAvoid “get rich quick” offers
CommunityAsk questions before acting

By following these practices, you ensure that you — and only you — control your assets.
In the world of decentralized finance, your security depends on your awareness.

These materials are created for educational purposes only and do not constitute financial advice.

Why You Can Trust Your Mnemonic Phrase

· 5 min read

One of the most common concerns among newcomers to crypto is how secure their mnemonic phrase really is.
Can someone else generate the same phrase? Could a hacker or a supercomputer brute-force it?
Is the phrase truly unique — or could the wallet developer have precomputed it in advance?

Let’s go through these questions step by step.

What Is a Mnemonic Phrase?

When you create a non-custodial wallet, it automatically generates a mnemonic phrase — typically 12 or 24 words.
This phrase is simply a human-readable backup for your private keys.

Under the hood, it represents a very large random number:

  • A 12-word phrase encodes 128 bits of entropy.
  • A 24-word phrase encodes 256 bits of entropy.

Your wallet converts this random number into a sequence of words using the BIP39 standard, making it easier to back up and restore.

The Scale of Possibilities

How many possible phrases can exist?

  • For 12 words, the total number of combinations is 2¹²⁸.
  • For 24 words, it’s 2²⁵⁶.

These numbers are astronomically large — beyond human imagination.

To put it into perspective:

  • The number of 12-word combinations exceeds the number of grains of sand on Earth.
  • The number of 24-word combinations is roughly comparable to the number of atoms in the observable universe.

Finding your specific mnemonic by chance would be like identifying one exact atom out of the entire universe.

Why Brute-Forcing Is Impossible

Even if someone built the most powerful supercomputer imaginable, it still couldn’t brute-force all possible phrases.

Here’s why:

  • Each new word exponentially increases the number of combinations.
  • Even 128 bits of entropy (12 words) provide security beyond what any machine can handle.
  • To try every possible 12-word combination would require more energy than the Sun produces in billions of years.

In other words:

The probability of anyone generating your exact mnemonic by brute force is effectively zero.

Even quantum computers, if they existed at the necessary scale, would not make brute-forcing practical in the foreseeable future.
There simply isn’t enough energy, time, or memory in the universe to check them all.

The Real Risks: Human Error

While the mathematics is unbreakable, practical security depends on you.

Even the strongest mnemonic phrase is useless if:

  • You store it online (e.g., in Google Drive or notes on your phone).
  • You type it on a phishing site pretending to be a wallet login page.
  • You send it to anyone, or take a screenshot of it.

Always remember:

The only realistic way your mnemonic phrase can be compromised is through your own actions or device vulnerability, not cryptographic weakness.

Store your phrase offline, on paper, and keep it in a secure physical location.

The “Brute-Force Software” Scam

You may come across online ads or videos claiming there are “programs” that can brute-force Bitcoin wallets or find mnemonic phrases with balances.
They often cost around $300–$500 and promise “high success rates.”

These are 100% scams.

They prey on people who don’t understand how large 2¹²⁸ or 2²⁵⁶ really is.
Even for 12-word phrases, the odds of finding a match are so low that it’s practically impossible.
For 24 words, it’s beyond physical reality.

Anyone claiming they can brute-force mnemonics is either ignorant or intentionally misleading you.

How Wallets Generate Mnemonic Phrases

When you create a wallet:

  1. The wallet generates a random 128-bit or 256-bit number using a secure random generator.
  2. This number is converted into words using the BIP39 standard wordlist.
  3. The wallet then derives private and public keys locally on your device.

No one — not even the developers — has access to these numbers or keys.
The process is completely autonomous and offline.

How to Ensure Your Phrase Is Legitimate

The only real risk would be if a wallet app didn’t generate randomness locally and instead issued precomputed phrases that developers could later exploit.
That’s why you should only use verified, reputable wallets.

Here’s what to check:

  • Open Source — code is public and verifiable.
  • Audited — independent firms confirm there are no malicious routines.
  • Established Reputation — used by millions of users and reviewed by the crypto community.

If your wallet is open source, audited, and locally generates your phrase, you can trust it completely.

Examples of trusted wallets are listed in the Tools → Wallets section of this course.

In Summary

QuestionAnswer
Can someone else generate my phrase?Practically impossible — probability ≈ 0.
Can a supercomputer brute-force all phrases?No — it would require energy greater than the Sun’s lifetime output.
How are phrases created?Randomly, locally, using BIP39 entropy.
Can developers precompute them?Not if you use open-source, reputable wallets.
Where should I store it?Offline, on paper, never online or on devices.

Key Takeaway

A mnemonic phrase is one of the most secure cryptographic mechanisms ever created.
Its protection doesn’t depend on secrecy of code or a third party — it depends only on mathematics and proper storage.

As long as your phrase was generated by a trusted wallet and you keep it offline, your funds are as safe as cryptography allows.

These materials are created for educational purposes only and do not constitute financial advice.

How to Import a Mnemonic Phrase from Core Wallet into MetaMask (Step-by-Step Guide)

· 4 min read

In this lesson, you’ll learn how to import a mnemonic phrase from Core Wallet into MetaMask and regain full access to your crypto assets — including tokens on networks like Avalanche and Polygon.

Starting Point

At the moment, my Core Wallet holds several assets:

  • MATIC on the Polygon network — ~$20
  • AVAX on Avalanche — ~$8
  • Wrapped Bitcoin (WBTC) — ~$24
  • Other tokens — ~$24
  • Plus ~$49 in native Bitcoin (BTC)

We’ll now import this wallet into MetaMask, step by step.

Step 1: Access Your Mnemonic Phrase in Core Wallet

  1. Open Core Wallet.
  2. Go to Settings → Security & Privacy.
  3. Find and click the button “Show Recovery Phrase.”
  4. Enter your wallet password and press Show.
  5. Your 24-word mnemonic phrase appears — copy it or use the one you’ve written on paper.

Never share your mnemonic phrase with anyone and never enter it on websites.
It must be stored offline and securely.

Step 2: Open MetaMask and Start Import

  1. Open MetaMask in another browser (or device).
  2. Click Get Started.
  3. Choose Import Wallet — since you already have a mnemonic phrase.
  4. Select the 24-word format (Core Wallet uses 24 words).
  5. Enter all 24 words in exact order, separated by spaces.
  6. Set a password for local access to MetaMask.

This password only protects local access to the wallet interface.
It is not related to your private keys.
If forgotten, you can reinstall MetaMask, re-import the wallet using your mnemonic phrase, and set a new one.

Click Import — and your wallet is now added to MetaMask.

Step 3: Add Networks via Chainlist

Your assets from Core Wallet are on Avalanche and Polygon, so let’s add these networks.

  1. Go to chainlist.org.
  2. Connect your MetaMask wallet.
  3. Add the following:
    • Avalanche C-Chain
    • Polygon Mainnet
  4. Approve the connection when MetaMask prompts you.

Now your MetaMask supports both networks.

Step 4: View and Add Tokens

  • MATIC appears automatically, since it’s Polygon’s native coin.
    You’ll immediately see your MATIC balance (e.g., ~$11).

Other tokens, like USDT and WBTC, need to be added manually.

Adding Tokens on Polygon

  1. Open the Polygon block explorer.
  2. Search for USDT.
  3. Copy the contract address.
  4. In MetaMask, click Import Tokens → Custom Token, paste the contract, and confirm.
  5. USDT now appears in your list.

You can also see your MATIC balance (e.g., 25.11 MATIC).

Adding Tokens on Avalanche

  1. Switch MetaMask to the Avalanche network.
  2. AVAX appears by default (the network’s main coin).
  3. To add USDT, use the regular contract (not the version starting with “e”).
  4. Copy the contract, go to Import Tokens, and paste it.
  5. Your 24 USDT will appear.
  6. Repeat for Wrapped BTC (WBTC) — copy the correct contract and import it.

Done! In just a few minutes, you’ve imported your Core Wallet into MetaMask and restored all assets across both networks.

Step 5: Bitcoin — Why It Doesn’t Appear

You may notice that your $49 in BTC doesn’t show up.
That’s because MetaMask doesn’t support Bitcoin’s native network.
It only works with EVM-based networks (Ethereum Virtual Machine).

BTC is on its own blockchain — not compatible with EVM-based wallets.

Options for Bitcoin

  1. Keep using Core Wallet, which supports native BTC.
  2. Install a Bitcoin-only wallet (e.g., Electrum or BlueWallet).
  3. Optionally, import your phrase into a Bitcoin wallet — but only if it supports the same derivation path.

Note: When importing your mnemonic phrase into another wallet that uses a different key-derivation algorithm, you may see a different address or zero balance.
This doesn’t mean your BTC is lost — just that the wallet used a different derivation standard.

If the wallet allows, adjust the derivation path setting, and your Bitcoin balance will display correctly.

For convenience and safety:

  • Use one mnemonic phrase for your EVM wallets (Core, MetaMask, etc.).
  • Use a separate phrase for Bitcoin-only wallets.
  • Keep phrases offline and written on paper.
  • Never enter them into websites or browser extensions other than your verified wallet.

Key Takeaways

ConceptExplanation
Mnemonic Phrase12 or 24 words that encode your private keys.
MetaMask CompatibilitySupports EVM blockchains (Ethereum, Polygon, Avalanche, etc.).
Native BitcoinNot supported in MetaMask; use Core or Bitcoin-only wallets.
Derivation PathAlgorithm that generates keys from your phrase — must match for correct address.
PasswordProtects local wallet access only; not related to blockchain security.

By following this guide, you can easily import your wallet into MetaMask, access your assets across multiple blockchains, and understand how different networks interact within Web3.

These materials are created for educational purposes only and do not constitute financial advice.

Mnemonic Phrase Explained: How Wallet Recovery, Private Keys, and Multisignature Security Actually Work

· 6 min read

In this lesson, you’ll learn what a mnemonic phrase is — how it works, why it’s the foundation of your wallet’s security, and how it enables full recovery of your crypto assets across any device or wallet interface.

What Is a Mnemonic Phrase?

When you create any non-custodial cryptocurrency wallet, you receive a mnemonic phrase — also known as a seed phrase or recovery phrase.

Your mnemonic phrase is your private keys, expressed as a sequence of 12 or 24 words.
It allows you to:

  • Sign transactions
  • Access your funds
  • Recover your wallet on any compatible platform

Example of a 12-word mnemonic phrase:

ocean raise sunset fabric lens chaos exotic snow hill master cloth border

Core Wallet uses 24 words, while MetaMask uses 12.
Later in this module, we’ll discuss how the number of words affects security and how astronomically unlikely it is for anyone to ever generate the same phrase as yours by chance.

Always store your mnemonic phrase offline.
Write it down on paper and never expose it to devices connected to the internet.

One Phrase — Many Blockchains

You might wonder: how can one phrase give access to multiple blockchains — like Bitcoin, Ethereum, and Avalanche?

That’s because a mnemonic phrase can generate multiple pairs of public and private keys — one set for each supported blockchain.

A single phrase can derive keys for:

  • Bitcoin
  • Ethereum and EVM-compatible networks
  • Avalanche
  • Polygon, Arbitrum, Optimism, and many others

So, with one phrase, your wallet can manage multiple addresses across different blockchains.

Bitcoin vs. Ethereum Key Derivation

  • Bitcoin uses a transaction model (UTXO) that benefits from generating multiple addresses.
    A single phrase can create dozens or hundreds of Bitcoin addresses.
  • Ethereum uses an account model — typically, there’s one main address per wallet.
    You can derive more addresses, but it’s usually unnecessary.

💿 A Universal Standard

A mnemonic phrase follows an open standard (BIP39 / BIP44).
It works across nearly all non-custodial wallets.

Think of it like a CD format — a universal standard used by all CD players, regardless of manufacturer.

If your Core Wallet gave you a 24-word phrase, you can import it into MetaMask, Trust Wallet, or any other compatible wallet — and instantly regain access to your assets.

Why does this work?
Because wallets are interfaces for your keys, not vaults holding your coins.
The blockchain stores your balance — your wallet just gives you access.

How Wallet Recovery Works

When you create a wallet:

  1. A random mnemonic phrase is generated.
  2. The wallet uses algorithms (BIP39 / BIP44) to derive private and public keys from it.
  3. Those keys are saved locally in a key file on your device.
  4. The mnemonic phrase serves only as a backup, not for daily transactions.

If you lose your device or delete your wallet:

  • Reinstall the wallet on any device.
  • Enter your original mnemonic phrase.
  • The wallet regenerates the same private keys, restoring your access instantly.

That’s why mnemonic phrases are universal recovery tools.

Hot Wallets vs. Cold Wallets

Wallets differ not only by custody model (custodial / non-custodial) but also by their connection to the internet.

Hot Wallets

  • Always online (desktop, browser, or mobile).
  • Convenient for active use but exposed to online risks.
  • Examples: MetaMask, Core Wallet, 1inch Wallet.

Cold Wallets

  • Offline storage — no internet access.
  • Private keys are isolated inside a hardware device.
  • Transactions are signed within the device, not on your computer.
  • Examples: Ledger, Trezor, SafePal.

Even if your computer is hacked, the private keys remain protected — they never leave the hardware device.

Common Causes of Fund Loss

About 99% of all crypto losses happen due to:

  1. Compromised mnemonic phrase — shared on phishing sites or lost.
  2. Compromised device — malware stealing the local key file.

Most negative wallet reviews come from misunderstanding.
People mistakenly enter their mnemonic phrase on fake websites pretending to be “support verification” pages — handing full control of their assets to scammers.

Never enter your mnemonic phrase anywhere except inside your own wallet.
Doing so is equivalent to giving away your private keys.

Real-World Attack Vectors

Attack TypeDescriptionPrevention
PhishingFake emails or websites ask for your seed phrase.Never share or type your phrase online.
Device malwareHackers steal your key file.Use antivirus, hardware wallets, and secure OS.
Physical theftSomeone accesses your written phrase.Store offline in a hidden, fireproof location.

A hardware wallet protects against digital attacks, while secure physical storage protects against theft or loss.

Advanced Security Schemes

There are enhanced ways to protect your mnemonic phrase:

Phrase Splitting

Divide your 12 or 24 words into multiple parts and store them in separate locations.

Air-Gapped Signing

Keep one device permanently offline — transactions are signed on it and transferred via QR code or USB.

Multisignature (Multisig) Wallets

Require two or more signatures to send a transaction.
Each signature comes from a separate device and mnemonic phrase.

Example:

  • One key is stored on your computer.
  • Another key is stored on your phone.
  • A transaction requires both signatures to proceed.

Even if one device is compromised, an attacker cannot move funds without the second.

You can extend this concept — 3-of-5 multisig, 2-of-3, etc. — for institutional-grade protection.
These methods are covered in depth in the Security PRO module.

🧭 Summary

  • Mnemonic phrase = your private keys, expressed in 12 or 24 words.
  • It can be used across multiple wallets and blockchains.
  • The phrase allows you to recover access to your funds anywhere, anytime.
  • Hot wallets are online and convenient; cold wallets are offline and secure.
  • Protect both your mnemonic phrase and your device.
  • For maximum security, consider hardware wallets or multisig solutions.

Key Takeaways

ConceptDescription
Mnemonic PhraseBackup of all private keys (12 or 24 words).
BIP39 / BIP44Standards defining how wallets derive keys from phrases.
Public AddressUsed to receive funds; safe to share.
Private KeyUsed to sign and send transactions; must stay secret.
Hot WalletOnline and convenient; more vulnerable.
Cold WalletOffline and secure; best for long-term storage.
Multisig WalletRequires multiple keys for added protection.

Your entire crypto security depends on two elements:

  1. The privacy of your mnemonic phrase.
  2. The safety of the device storing your private keys.

As long as both remain secure, your funds are safe — anywhere in the world.

These materials are created for educational purposes only and do not constitute financial advice.

Crypto Wallet Basics: Public Keys, Transactions, and Security Foundations

· 5 min read

Welcome to the Basics of Security module — here, you’ll learn how cryptocurrency wallets work, how your funds are secured, and how to properly use reliable wallets for safe, long-term storage and interaction with the crypto ecosystem.

How Blockchain Works

Let’s start with how a blockchain functions — for example, Bitcoin or Avalanche.

A blockchain is a distributed global database stored across thousands of computers worldwide.
Anyone — even you — can become a participant in the network by running a node (e.g., a Bitcoin node) on your computer.

When you send a transaction from your wallet:

  1. It’s broadcast to all nodes in the network.
  2. It’s verified and added to the blockchain.
  3. It becomes a permanent, immutable record visible to everyone.

A transaction is simply a database record showing that a certain amount of funds was transferred from one address to another.
That’s the fundamental idea: blockchain is just a ledger — but a public, decentralized, and tamper-proof one.

What Is a Crypto Wallet?

There are many types of wallets — each differing in functionality, security, and supported currencies.
All wallets fall into two main categories:

  • Custodial wallets
  • Non-custodial wallets

We’ll start with non-custodial wallets — like the one you installed earlier (e.g., MetaMask).

Every wallet has a unique identifier — your address, where funds are received.
When someone wants to send you tokens, they need your public address.

Public and Private Keys

Your wallet contains two key elements:

Public Key (Address)

  • A unique identifier for your wallet.
  • Safe to share — it allows others to send you funds.
  • Works just like a bank account number or card number.

Private Key

  • The critical component that allows you to sign transactions.
  • Proves ownership of your funds and authorizes transfers.
  • Must be kept secret — anyone who knows your private key can spend all your funds.

The private key is linked to your mnemonic phrase (also called a seed phrase).
This phrase is your backup — it restores access to your wallet and funds if your device is lost or damaged.

How Transactions Work

Let’s break down what happens when you send a transaction (like when you sent 5 USDT to your second wallet earlier):

  1. Transaction creation — You specify the recipient address and amount.
  2. Signing with private key — Your private key digitally signs the transaction, proving ownership.
  3. Broadcasting to blockchain — The signed transaction is sent to the network.
  4. Recording — It’s permanently stored in the blockchain ledger.

Funds are not physically “inside” your wallet.
Your wallet only stores keys — not coins.
The actual tokens exist on the blockchain as records linked to your address.

Where Are the Keys Stored?

Your private keys are stored locally — only on the device where the wallet was created.

For example:

  • If you create a wallet on your computer, the keys live there.
  • If you create it on your phone, they stay in the phone’s storage.

They are generated randomly inside your wallet — not provided by any external server.
No cloud storage, no central server, no backup provider.
The wallet generates a key pair (public + private) and shows you the mnemonic phrase that encodes them.

Custodial vs. Non-Custodial Wallets

TypeWho Holds the KeysControlVerificationExamples
CustodialThe platform (exchange)Platform can block/freezeRequires KYC and accountBybit, Binance, Coinbase
Non-CustodialYouFull self-controlNo KYC, no intermediariesCore Wallet, MetaMask, 1inch, Trust Wallet

In custodial wallets, you rely on the platform’s approval to withdraw or transfer funds.
In non-custodial wallets, you create, sign, and send transactions yourself, without asking permission.

That’s why non-custodial wallets are considered the most reliable and independent form of crypto storage.

How Non-Custodial Wallets Work

A non-custodial wallet (like Core Wallet or MetaMask) is simply an interface for working with your keys.

Inside the wallet, there are no coins — only:

  • Your private keys,
  • The ability to create and sign transactions, and
  • The functionality to send them to the blockchain.

Think of it as software that lets you interact with your digital assets, not store them.

Secure storage of funds = secure storage of private keys (seed phrase).
If you protect your seed phrase, your assets are safe.
If someone gains access to it, they gain full control of your funds.

Analogy: Wallets Are Like Design Tools

Imagine Photoshop, Illustrator, or Paint.
They are just interfaces for editing images — but the actual image file is stored on your computer.

  • Photoshop doesn’t “own” your images — it just lets you work with them.
  • Similarly, wallets don’t “own” your coins — they let you interact with them.
  • The data (funds) is always on the blockchain; your wallet only gives you access to it.

Key Takeaways

  • Custodial wallets are controlled by centralized entities — exchanges, platforms, or apps.
  • Non-custodial wallets give you full control through your private keys and seed phrase.
  • Public key (address) — used to receive funds.
  • Private key — used to sign and send transactions.
  • The wallet is only an interface; funds themselves are stored on the blockchain.
  • Secure your seed phrase offline — it’s the master key to your funds.
  • The security of your wallet = the security of your device.

If someone gets your private keys, they get your assets.
If you keep them safe — you’re in full control.

What’s Next

In the next post, we’ll explore:

  • What a mnemonic phrase is,
  • The different types of wallets,
  • Their security levels, and
  • Common vulnerabilities to avoid.

These materials are created for educational purposes only and do not constitute financial advice.

How to Set Up and Use a Mobile Crypto Wallet

· 5 min read

If, for some reason, it’s inconvenient for you to use a browser extension wallet like MetaMask, you can always download a mobile wallet, which has nearly the same functionality.
With it, you’ll still be able to interact with different networks, swap tokens, and work with the entire crypto ecosystem and its tools.

All wallets that I’ve personally tested and consider reliable are listed in Tools → Wallets on our platform.
There, you’ll find links to multi-currency, single-currency, and specialized wallets with unique features — all explained in detail as the training progresses.

Setting Up a Mobile Wallet

This is one of the best options for interacting with DeFi and the Web3 ecosystem.
The wallet is available for both Android and iPhone.

All you need to do is:

  1. Find it in the App Store or Google Play.
  2. Download and install it.
  3. Always use verified links from the course description — there are many scam apps pretending to be real wallets.

I already have the wallet installed. The setup process is simple — you have two options:

  • Create a new wallet
  • Import an existing one

In my case, I choose Create, accept the terms, pick an interface color (any will do), and give my wallet a name — e.g., Main. Then I press Create.

✅ That’s it — the wallet is created.

Securing Your Seed Phrase

Next, the wallet shows your seed phrase (also called a mnemonic phrase).

You must:

  • Write it down on paper and keep it in a safe place.
  • Never take screenshots or store it online.
  • Without it, you won’t be able to recover your funds if your phone is lost or the app is deleted.

Press Continue, set a password, confirm it, and enable Face ID (optional).
Now your wallet is ready to use.

Supported Networks

The mobile wallet includes major networks by default:

  • Ethereum Mainnet
  • Polygon
  • Optimism
  • Arbitrum
  • Gnosis
  • Fantom

You can switch between them instantly.
In my case, I’m interested in the Avalanche network, so I select it.

💡 Your wallet address remains the same across all EVM-compatible networks — Ethereum, Avalanche, Polygon, and others.

Why I Chose 1inch Wallet

I use the 1inch Wallet because it supports most major blockchains for Web3 and DeFi.
Its key advantage is the integrated 1inch aggregator, which allows:

  • Instant swaps between tokens
  • Minimal fees
  • Best exchange rates automatically selected across DeFi protocols

For example, if you want to exchange AVAX to USDT, the wallet will automatically find the most profitable route across DEXs.

The app has two main tabs:

  1. Home — for balance, Receive, and Send buttons.
  2. Swap — for token exchanges.

Other features are explained in later modules.

Example: Sending AVAX to Your Mobile Wallet

Now I’ll transfer some Avalanche (AVAX) tokens from my Core Wallet to the 1inch mobile wallet.

  1. Press Send in Core Wallet.
  2. Paste the 1inch wallet address.
  3. Double-check the last 3 characters of the address (e.g., …566).
  4. Enter 0.2 AVAX and confirm the transaction.

After a few minutes, the AVAX balance appears in the 1inch wallet, showing both the token amount and its USD equivalent.

Working with Multiple Wallets

With 1inch Wallet, you can do everything you would with MetaMask or Core Wallet:
buy crypto, withdraw it, and interact with DeFi tools — all from your phone.

The only limitation: it doesn’t support the native Bitcoin network.
(Core Wallet and MetaMask can, but 1inch Wallet cannot.)

You can also create additional wallets inside the app:

  • Tap the “➕” button to add a new wallet.
  • Give it a name and manage it in settings.

This helps you separate wallets by purpose — for example:

  • One for portfolio investing
  • Another for DeFi activities

To switch between wallets, simply swipe left or right.

Example: Managing and Transferring Between Wallets

Let’s say I mistakenly sent 10 USDT to my second wallet instead of the first.
To fix this, I’ll:

  1. Transfer a small amount of AVAX to the second wallet to cover gas fees.
  2. Send the USDT back to my main wallet.

In the app, I can easily switch wallets.
Once the AVAX arrives, I:

  • Copy my main wallet address.
  • Open the second wallet → press Send → paste the address.
  • Select USDT and confirm.

In 1inch Wallet, USDT appears automatically — no need to manually import token contracts.
The transaction confirms, and the funds return to my main wallet.

Swapping Tokens Inside the App

Now I’ll open the built-in Swap tab and exchange USDT for Avalanche.

Steps:

  1. The first transaction is a Permit — it authorizes the smart contract to use your tokens.
  2. Then, confirm the Swap.

✅ Done — the exchange is complete.
Now my balance shows Avalanche (AVAX) instead of USDT.

Summary

With the 1inch Wallet, you get:

  • Built-in swap aggregator (best rates, lowest fees)
  • Multi-chain support for all major EVM networks
  • Full control of your assets on mobile
  • Ability to manage multiple wallets in one app

It’s one of the most convenient and powerful wallets for working with the Web3 ecosystem and DeFi tools — directly from your smartphone.

These materials are created for educational purposes only and do not constitute financial advice.