Ethereum co-founder Vitalik Buterin has emphasized the importance of having a varied set of “guardians” to maximize the safety of crypto asset self-custody via multisig and social recovery wallets.
Given the ever-growing rate of crypto scams and hacks over the past few years, and several major crypto firms going bust in 2022, self-custody and maintaining sufficient wallet safety procedures have never been more critical.
In a March 16 Reddit post on the r/ethereum community titled “How I think about choosing guardians for multisig and social recovery wallets,” Buterin gave a detailed run down of how he approaches wallet security.
Self-custody is important. And social recovery and multisig is a great way to do it.— vitalik.eth (@VitalikButerin) March 17, 2023
A quick reddit post on how I think about choosing guardians for social recovery and multisig wallets:https://t.co/FY1iyJ6BFC
While their structures differ, multisig and social recovery wallets rely on guardians, which serve as external sources to recover funds or approve transactions. Generally, guardians can be sets of external wallets belonging to the same individual or addresses controlled by other people or entities.
According to Buterin, it’s important to decentralize wallet guardians, as owning more than one of your guardians provides a “tricky tradeoff: you get to trust other people less, but you’re also concentrating more power into yourself, which can create a risk if you get hacked, coerced, or incapacitated or die.”
“My rule of thumb is that enough guardians should be controlled by other people that if you disappear there are enough other guardians left to recover your funds.”
Buterin went on to advise that someone’s set of guardians should not know of each other, as this “greatly reduces the risk that they collude” to attack their wallets and assets. However, they should still be able to find each other in case something happens to the wallet owner.
“If something happens to you, they will still be able to find each other, because there are obvious standard protocols that naturally come to people’s minds in such a situation (e.g. contact your family),” he wrote.
Additionally, the Ethereum co-founder suggested that people should “instruct guardians to ask a security question” that only they and the guardian will know when confirming an operation — and only confirmed when the correct answer is given.
Related: DeFi sees its biggest hack in 2023 as Euler loses $197M: Finance Redefined
For degen traders or those not making long-term hodl plays, the Ethereum co-founder also stressed that they should use guardians that can respond quickly to suit their fast-moving needs.
“If you’re doing degen stuff with on-chain contracts, you may need to act quickly: pull money out if a contract gets a vulnerability, move money around if you are close to being liquidated, etc. If your needs include this, then you want to find guardians who can act quickly on short notice.”
Finally, Buterin recommended testing each guardian at least once a year, as this will confirm that they “haven’t forgotten or lost their accounts.”
Given the ever-growing rate of crypto scams and hacks over the past few years, and several crypto firms going bust last year, maintaining sufficient wallet safety procedures has never been more important.