back to lessons
$ ~/learn/security-101 cat
5 min read
// 09 · security

Security 101

The chain is secure. You are not. Almost every crypto loss comes from human-layer mistakes, not broken cryptography.

> Phishing is the #1 threat

Fake wallet popups, cloned exchange sites, malicious airdrops, DMs from 'support' — all designed to trick you into signing a transaction that drains your wallet. Never sign a transaction you don't understand. Bookmark real URLs.

> Approvals are dangerous

When you 'approve' a token to be used by a smart contract, you're often granting unlimited spend. Review approvals regularly and revoke any you no longer use (tools like revoke.cash help). One old, forgotten approval is enough to drain a wallet.

> Hardware wallet + fresh wallet for signing

Store long-term holdings on a hardware wallet. Interact with unfamiliar dApps from a separate 'burner' wallet holding only what you're willing to lose. The extra friction is the point.