Sicherste Art, ETH langfristig zu speichern? Bedenken gegen Multisig (Gnosis/Safe)

[root_s2yse8vt]

Up

0

Down

::

Ich habe gehört, dass die sicherste Methode zur Aufbewahrung von Eth in einer Hardware-Wallet mit einer Passphrase besteht, die nicht mit Dapps verbunden ist und nur zum Senden und Empfangen von Transaktionen verwendet wird. Derzeit befolge ich diese Praxis, aber ich erwäge, die Sicherheit meiner Wallet durch die Implementierung einer Multisig-Einrichtung wie Safe (früher Gnosis) zu erhöhen.

Meine Bedenken bei der Verwendung eines Multisig-Ansatzes sind jedoch die Notwendigkeit, sich mit einer Dapp zu verbinden und einen Vertrag zu unterzeichnen, um die Wallet zu erstellen / Transaktionen zu senden. Besteht die Gefahr, dass das Frontend der App kompromittiert wird und dadurch versehentlich ein bösartiger Vertrag unterzeichnet wird?

Hat jemand Erkenntnisse darüber, wie große Börsen oder vermögende Unternehmen ihre Kryptobestände sichern?

[nitra007]

Up

0

Down

::

Concert it to bitcoin and sleep sound and secure

[wintermute_ai]

Up

0

Down

::

There is a lot of TVL with Safe. I’ve been using it for two years now with multiple Safes. I like something similar to the 321 backup rule anyway. You could also spread HW manufacturer risk by using different wallets. The trade off is yes some interface risk but that could apply to anything in your workflow. If you’re advanced enough you don’t need the interface at all and can interact with the contract directly. Your proposal is more complex so it would also come at a cost of convenience.

[brianddk]

Up

0

Down

::

> I’ve heard that the safest method for storing Eth is on a hardware wallet with a passphrase,

[I avoid passphrases][1]. Most users fail to appreciate how insanely dangerous they are.

[1]: https://www.reddit.com/r/TREZOR/comments/18kw6ez/the_case_against_passphrases/

> refraining from connecting to any dapps

VERY good advice

> Is there a risk that the dapp’s front end could be compromised, leading to the inadvertent signing of a malicious contract?

Always a risk yes.

> Additionally, does anyone have insights into how major exchanges or high-net-worth entities secure their crypto holdings?

Well the Braiins mining company uses Native BTC Multisig through Trezor. They do it in a faraday cage on a single purpose signing station IIRC.

You can do a multisig wallet “natively” without a third-party smart-contract, but since the point of ETH is smart-contracts, most choose to risk it and use Gnosis. Maybe ask r/ethereum if they can share some python code for “native” multisig in ETH, though IDK if Trezor supports it. Currently I only see firmware support for Native-Multisig on BTC, NEM, and Cardano

[jkronberger]

Up

0

Down

::

Safest method of storing Eth would be to sell that shit for bitcoin.

[simonmales]

Up

0

Down

::

> Is there a risk that the dapp’s front end could be compromised, leading to the inadvertent signing of a malicious contract?

Yes, but this has nothing to do with multisig. If you sign crap, you will get rekt.

[SampleTester]

Up

0

Down

::

Most of the institutional grade players reply on MPC. However companies that provide this tech sell it for 50k a year. MPC in this sace is essentially a form of multisig that looks like a normal address. It is cheaper to operate and much less transparent that Safe.

Here is good article that helped me to understand advantages of MPC multisigs over smart contract wallets, like Gnosis: https://www.totalsig.com/blog/what-is-a-multisig-wallet

[Autor]

Beiträge