Topic: I was robbed, and the severe setback made me rethink a problem (Read 241 times)

There are no longer profit in NFTs no more, I don't think someone is gaining a lot from NFTs, it's just a jpeg files that's worthless in future, the hype had even decrease over time, just letting you know.

No it will not give you a bright future. You are thinking of the fact that NFT's will change your life like what happened in 2021 where some people who flipped their money buying NFT's became rich. That's now the case in 2023. NFT's will not give you a bright future.

Also, this is not the first time that you got robbed meaning you must know what is the reason why you got robbed the first time, but you didn't adjust to it, didn't learn the lesson, and that's the consequence. Now I hope that you really learned a lesson from it. There's no need to complicate things like what they're saying. What you need is knowledge to learn how to secure your assets. I'm not using a hardware wallet ever since I got myself involved into crypto, but because I know how the scammers scam people, I already know how to avoid them.

I hope that this incident that happened to you will make you realize that security must be your number one priority.

Hacking of wallets is not a newbies job when it comes to scams, we have graduated fraudsters that are desperate to get their victims provide basic important regarding their accounts. It's advisable to keep everything activity anticipated discreet because the world today is a wicked one. Investment in the market is risky, we have to be extremely careful when dealing these projects and the people around us. There are scammers waiting patiently for our errors to occurred with interns they used it against us. Keeping our private key is important and it ought to be one of the core duty we should be held to.

Full ownership of a wallet is sometimes not realized so easily people enter and leave so easily, what web3 services do you use? wallets connected to dapps or non-custodial wallets integrated with exchangers? I heard a lot of similar incidents and the wallet providers must have written it in their TOS that all forms of loss, data leakage and transfer of property rights are entirely the responsibility of the user, because they have no control (his word) This is not funny, claiming user ownership, transactions by users and responsibility by users. But they are free to control and may know the statistics of the assets they hold in each person's wallet and we don't know.

When it's like that, you should just throw away the old wallet and make a new one because for me there is no accountability and have another wallet with a good reputation, for a moment, is the wallet binance's web3? There is something wrong with the mechanism where transactions are only backed up with email and free to move funds even if withdrawing opens the wallet and crypto assets from the wallet, this is so vulnerable.
===========================
Nft is a unique asset because any project so treats nft hodler by pampering it is also an asset that may be easily taken over, the rampant crime is also because the quantity is only a matter of fingers but high value, it is better to store nft in cex if it is released, in my opinion it is better because nft control in non-custodial wallets or web3 is sometimes caught off guard by activities in the internet world, or you can try to connect with a hardwhare wallet for protection.

This is what always happens when people look down on security aspect of cryptocurrency,  keep the wallet and it private key well is just as important like the asset in your wallet because if anyone have access to your wallet everything in it will be gone.  The private key should not be what people will handle anyhow but with care. Keep your private key safe in a place where nobody can have access of it, this is the most important thing if you want to be profitable in your investment.

Private keys are the ultimate access tool, because crypto assets are stored in the blockchain not in your wallet so anything that you do add like fingerprint, password lock and whatever is encryption for your wallet but if someone has access to your private keys then they can simply download a wallet and import the crypto assets.

If you can't sure about private keys security no matter what you do then you have to use a custodial service to store the assets but you never hold the access to those funds.

Nothing but your private key unlocks the "lock". Why would you need a lock that locks another lock?
Keep your private key safe, and there is nothing else to it.

And if you need a more secure lock, because you dont know how to keep your private keys safe, get yourself a hardware wallet. So your private keys will never be exposed.

There is no better guide well suited for users that is secure and simple like the one @mk4 mentioned. There is no need to over-complicate things.



There is no such feature. Even if there was, it needs to be implemented at the protocol level and not even via the wallet. And also, I'm not sure there is a cryptographic algorithm that supports such. But if you're a dev and want to take it up a notch, you can create a smart contract wallet that not only takes a valid signature and incorporate some kind of luck into it.

In practice, I haven't seen this being used but it might be a solution for you because multisig wallets are smart contracts themselves.

The best wallet security right now is still to get a hardware wallet and make sure the hardware wallet is never used as a hot wallet (ie connecting the hardware wallet directly to dapps).

Btw, Sorry about the loss of your assets.

Sorry for the lost. I believed you cost everything because probably you used a wrong wallet to store your coins and it was compromised. And your used a well secured wallet to store your coins, you wouldn't lost them. And another thing that can make one to lost coins is when the owner of the coins login in to another person device and didn't logout from the device again then the device owner would use that to compromise the wallet.

The lock is not difficult to carry out all what you have to do is that, you just keep the seed phrase in a save place and go the setting of the app and lock it.

The issue here is not with your wallet or gadgets you are using, But it’s with the way you are using them and giving access and authority for hackers to access your private keys. You can use a simple wallet such as Trustwallet or Metamask extension for Ethereum web3 API injection. All you need to do instead of searching for a very secure wallet is learning about crypto and especially web3 securities.
When you mentioned NFTs, I understand that you are giving access to some websites to drain your wallet without even having your private keys, instead you are the one who is giving them access when you allow the infected smart contracts to steal your NFTs.

My only advice for you is to know and learn how you got hacked all these previous times, you can still use your old wallets if your private keys are not leaked. Just disconnect all the Dapps which are infected and make sure when you give access to any Dapp verify if the smart contracts are audited.

I think you need to reconsider the way you are taking internet casually because as far as I have knowledge no one can view your private key unless you share if somewhere, sorry for your loss but that's not the end of the world mate. Just ensure you don't click on any malicious links like some random airdrops or the links from telegram group which says you have won like $500 or such and asks you to link your wallet by sharing the private key.

I am sure you will be able to earn what you have lost but be more cautious and don't click any link which you don't have any affiliation and moreover check the URLs carefully as a friend of mine was looted via fake Binance URL.

You should not call it robbed; its more like a online scam. There are multiple ways to overcome an incident like this, and you were too lazy to explore any of it. If your entire portfolio was in that NFT then why were you using that same wallet to interact with other smart contracts? You should have used a new wallet that you will use only to hold your funds and will not connect with any smart contract and use another wallet that you will use to use any crypto services or app.

There are several ways the private keys can be leaked so the best thing to do is to use mnemonic and stop using copy paste. I have switched to writing down mnemonics in paper. If my value are great enough, I might make a copy of my mnemonic notebook to cope with risk of disaster. Probably placing it on a bank locker far from where I live.
Defi are the present and future of crypto and it's where money is being made but it's also risky and insecure depending on how you use it and one mistake might make you lose it all.

This is just a lesson that you have to learn maybe in the hard way because it has happened to you twice now, don't allow the third to happen because that will mean you are not serious with your assets. The bull run is approaching and scammers likewise hodlers are preparing for it. Therefore, don't lose your coins carelessly by allowing your private key to be exposed. If you see a link, be careful not to click and imput your keys there. It is unfortunate that you lost that coin and hopefully you will learn alot from that experience.

That was exactly what I was thinking. Whenever we neglect safety the price is lossing something precious to us. And private key is one of them. Inasmuch as we preach about Bitcoin investment, I think we should also bear it mind that it also important to protect our key otherwise we would always complain about one thing or the other. Which would have been resolved earlier. The issues of privacy has always been the talk of the day and anyone who chose not to hacken to the advice will always be a victim.

If you think that you need multisig why didn't you do it earlier? You said that you're into NFTs and this isn't the first time that happened so basically, you have some things that you've done that made you leak your private key. I guess that you're into airdrops as well or those projects that requires you sign up and you neglect the importance of keeping your private key. When it's come to those, you don't have to sign up using your private keys. Sorry with your loss, that's saddens me but you should have learned with your first lesson.

This lock already exists and comes under the name Passphrase, and it is sometimes called hidden wallets, 13/25 word, or second password.

If you lose your seeds or someone knows them, you will be able to access your main account, which may contain zero dollars, but still needs a Passphrase to access your other account, which contains your main balance. You can create more than one Passphrase, and therefore for the same seed you can have more than one account, each account containing a different balance.
It is useful as a second layer of protection, but you need to keep it in a separate place, but it will not be useful if hackers gain access to admin privileges in your account, where they can record the screen or access the clipboard and copy Passphrase.

Whatever "lock" you want to implement to your wallet is only difficult to the extent you actually want it to be. After all, it isn't a lie that crypto encourages you to be your own bank, and that includes the security part. So implementing security measures naturally comes as a part of it and it only ever becomes difficult if you don't even start taking note of it in the first place. In the first place it's not THAT hard to keep your keys safe, keep it away from being stored in any devices you use to access the internet such as having it writtin in a book in your place. Or hardware wallets.

Other ideas outside of those would be biometrics, 2FA and the like which requires creating a new structure around the wallets themselves, which isn't really needed with the methods we already have.

When it comes to any investment in the crypto industry, you always need to follow the instructions and some helpful tips to protect your crypto assets because this is crucial when it comes to preserving them. You need to know that there are people who are interested in stealing it from you and they are after it using the best way possible using every trick in the book to get it from you either by force or by following you with their sugar-coated words. lots of people have become victims of this kind of scenario where they don't pay much attention to knowledge rather they just want to follow any influencer's idea on what to invest and how to keep their crypto assets safe without considering other working methods to keep it safe.

sorry to hear  that you lost Your NFTs not once but twice. it is really unfortunate to see that so many people are loosing their NFTs and funds because of these security breaches and KYC leaks.
But How did your KYC got leaked this time? and what was the reason of your previous NFT theft?
I don't think Multisign is something regular/common crypto users can implement specially for daily and small transactions etc. Multisig is good for big projects and for people who deal with large sum of money.
For us the best thing is to protect our KYC and seed phrase as much as possible. don't interect with scammy apps and never trust anyone in crypto space.

Well, from the look of things it is obvious that you were being careless with you key phrase. So, don't blame anyone but yourself for this theft. This isn't a case of a wallet being hacked.
So I would suggest that you become more careful with how you handle your key phrase and be mindful of whom you reveal them to.
Anyways, sorry for your loss.

Basically only solution that comes into mind is making new kind of protocol, but that is also making the user experience even harder, it would be most likely highly centralized compared to current system, and collecting biometrics or such data would create problems with EU:s privacy rules. Because users would need to have a possibility to opt out afterwards, and with blockchain tech, it would need a whole new structure i guess.

Other one would be that the issuer who makes the contract has a possibility to freeze assets and with new kind of tech, even reverse transactions. And that's harder puzzle to solve without going full centralized systems and permissionless transactions and immutability would be thrown out of the window as well. And to be clear, those are the very things that make blockchain tech valuable in the fisrt place.

Private keys can be acquired if your device was infiltrated and you said that this was not your first being robbed it is truly unfortunate but there are not that many technologies to prevent malware from getting into your system yes it could detect some suspicious activities but at the root of it we, ourselves, have to be extra careful and cautious about the links we click, the websites we open or the ads we check out

Though multisig is great, you don't even need to go as far as using multisig.

1. Trezor/Ledger hardware wallet
2. 24-word backup only stored physically(not digitally on your computer/phone)
3. Don't get scammed or phished

That's it. No need for overcomplication.

So possibly that you click some phising links. Theres no way that he can view your private key at all. Most got scammed or hacked exposed to some malicious links. Avoid using social media or click some links underneath legit project cause chances that the second one is fake unless you check the profile first and verify that this is the real one.

so this is not the first time you have been robbed , I think this is already on you because being robbed for the first time is tolerable
but when this happened again then you should understand what is the problem with your security mate.
try not to be confident enough in everything you entered mate and specially in your crypto holdings that you must be securing and
may be taken from you if not making what you must act on.

I want to say that neglect of safety always leads to such cases, unfortunately. It seems to me that everyone stumbled on this, and many, of course, at the beginning of their journey, but even now many experienced ones are losing their money. So you should always take additional protective measures.

The problem is you, I know similar cases and it is also collected a lot in some tech sharing groups, when the market price increases, users join a large number of outright attackers. can take advantage of your ignorance of connection to take over your usage rights. I have seen them share more than 50,000 wallet addresses of the victim daily. However, some services are currently upgrading to protect users more with warnings when participating in the web3 space, be careful not to connect to services with potentially suspicious behavior, as well as the important thing is the "key" that only you know.

Yesterday, my NFT was stolen. The NFT that I spent all my money to buy, the NFT that can give me a bright future, was stolen. This isn't the first time I've been robbed.

So this made me take another look at WEB3. This time the theft was due to the leak of the private key.

Yes, in the blockchain world, private keys are everything. It is the highest authority, and the only thing that can reduce its importance is multisig.

But for ordinary users, multi-signing is a high threshold and difficult to complete. So, is there a tool that can "lock" your wallet?

This "lock" does not review incoming assets, but only reviews assets when they flow out. It can be a secondary password, or a fingerprint verification. This "lock" must follow the address, not a single wallet. As you can imagine, even if the thief logs in to the wallet with the private key from another place, the "lock" existing in the address is still in effect. It may be able to steal your private key, but it cannot steal your secondary password or physical characteristics.

Is this "lock" technically difficult to implement?