Flare is the blockchain for data and has been designed to give developers secure access to all of the decentralized data they need – but how do you keep your data and your funds just as secure when interacting with dapps on the network?
Like any new adventure, exploring web3 comes with some risks that need to be considered and carefully managed. This guide will equip you with the knowledge to confidently navigate the Flare ecosystem and beyond.
The web3 security landscape
Flare, like other blockchains, is inherently secured thanks to its decentralized network of nodes safeguarding the network. However, user custody and interaction with crypto and dapps can introduce new considerations. Common security threats are:
- Phishing Scams: Be wary of emails, messages, or websites mimicking Flare, Flare team members, or ecosystem partners to steal your private keys or login credentials. Double-check URLs and never share your private key with anyone.
- Honeypot & Rug Pull Scams: Malicious projects might lure users with promises of high returns. Some projects may claim to build on Flare or have Flare team support, but this could be deceptive. Research projects thoroughly before participating. Check the Flare blog for official partnership announcements, the Flare team page, and always look for security audits of projects if possible. Security audits are formal documents detailing security assessments of systems, networks, or organizations. They highlight security strengths, weaknesses, and vulnerabilities. View the audit reports on Flare clients and smart contracts.
- Malicious airdrops: Some unexpected airdrops that appear in your wallet might contain hidden exploits. Only interact with airdrops from trusted sources.
Best practices for secure Flare exploration
Embrace self-custody: For maximum security, consider storing your $FLR, $WFLR, and $SGB in a self-custodial wallet like a hardware wallet (Ledger Nano X/S, Trezor T) or a secure software wallet (Bifrost, MetaMask, etc.). Hardware wallets offer more robust protection by keeping your private keys offline and isolated.
Store your seed phrase securely: This is the single most important step in protecting your crypto assets. Here are some recommended methods:
- Physical backup: Write down your seed phrase on a piece of paper and store it in a safe place, ideally a fireproof safe. Consider using a metal fireproof recorder for added durability.
- Avoid digital storage: Avoid storing your seed phrase on your computer, phone, or cloud storage services like Google Drive. These platforms are vulnerable to hacking, and a compromised seed phrase could lead to a complete loss of your crypto assets.
- Password managers (Use with Caution⚠️ ): While password managers like 1Password offer strong encryption, there’s still a potential risk that their databases could be compromised. If you choose to use a password manager, ensure you have a strong master password and understand the associated risks.
Beware of centralized exchange risks: While you might have obtained your FLR through a crypto exchange, storing it there can have potential drawbacks, for example missing out on FlareDrops, FTSO delegations and staking rewards. Centralized exchanges can also pause deposits, withdrawals, and transactions if they find your account suspicious.
Additionally, some Flare community members have mistakenly sent their WFLR to exchanges without unwrapping them first. This can lead to complications in retrieving the funds. If you have any doubts about transactions, always send a test amount first.
Choose a wallet for Your FLR and WFLR: Flare is supported by a wide range of of self-custodial wallets, including Bifrost Wallet, SolidiFi, Brave, D’CENT, Enkrypt, Ledger, MetaMask, SafePal, and Trezor. Guides for using these wallets can be found here. Do your research to find the wallet that best suits your needs, considering security features, ease of use, and Flare compatibility.
Take care of your social media security: Always enable two-factor authentication (2FA) on your social media accounts to add an extra layer of security. Be wary of direct messages (DMs) from anyone offering any kind of help 🛑. They are likely imposters/scammers. Verify team members’ and moderators’ identities carefully.
Stay informed, stay safe: The Flare ecosystem is constantly evolving. Stay updated on security best practices and emerging threats by following Flare’s official channels.
Remember, you are your own guardian in Flare and crypto in general. By understanding the security landscape and adopting safe practices, you can participate in this exciting new world with confidence.