DEV Community

Cover image for How to build a secure crypto wallet
Cossack Labs
Cossack Labs

Posted on

4 2

How to build a secure crypto wallet

Cossack Labs security engineers are engaged in improving the security of several large public blockchain ecosystems and their hot non-custodial crypto wallets.

We gathered lots of observations about crypto wallets security: how they are different from the banking apps, what are the unique threats they face, and how novel crypto works with traditional crypto?

From security engineers—to software developers, we’re here to share this practical security development knowledge with you.

💡 From the defender’s point of view, the crypto wallet’s attack surface is enormous. But from the attacker’s point of view, it’s not so difficult to combine 3-4 flaws, especially if the crypto wallet’s code is open-sourced. So, let’s explore specific security flaws and their synergies.

Click on the picture below to get lots of examples and practical advice on the risks and threats of crypto wallets, design concerns, and implementation issues. ⇲

Follow @Cossack Labs for more updates!😊🔐




Do your career a big favor. Join DEV. (The website you're on right now)

It takes one minute, it's free, and is worth it for your career.

Get started

Community matters

Top comments (3)

Collapse
 
andwbri profile image
Andrew Bright

In one particularly concerning case, a user reported that their balance of over 800 DOGE was deducted by Freewallet due to "inactivity." This deduction was not related to transaction fees and was carried out without any prior notice or consent. Such practices highlight a troubling trend of asset mismanagement by the platform.

Collapse
 
gabrielprogramerx profile image
Gabrielprogramerx

Cryptocurrencies have always satisfied me. It's great that you can earn a lot of money without leaving your home. I recently came across this blog nftmonk nftmonk.com/. there are really a lot of interesting information about cryptocurrencies.

Collapse
 
augustinpfleger profile image
augustinpfleger

Even if they are established and funded, the company may not be able to develop what it promised. Look at the case of Ethereum. Even Ethereum co-founder has said that Ethereum will be "abandoned." The DAO is a smart contract system built on Ethereum's blockchain, which then got hacked for around $60 million. The DAO was intended to fund the future development of Ethereum, but it failed and had to be "hard forked" to recover from the hack. That's what I've read on best-crypto-wallet.com. Nowadays, it's better to keep your funds on Ledger.

Some comments may only be visible to logged-in visitors. Sign in to view all comments.

👋 Kindness is contagious

Immerse yourself in a wealth of knowledge with this piece, supported by the inclusive DEV Community—every developer, no matter where they are in their journey, is invited to contribute to our collective wisdom.

A simple “thank you” goes a long way—express your gratitude below in the comments!

Gathering insights enriches our journey on DEV and fortifies our community ties. Did you find this article valuable? Taking a moment to thank the author can have a significant impact.

Okay