Tutorials:Web3 Introduction: Difference between revisions
No edit summary |
|||
| (5 intermediate revisions by the same user not shown) | |||
| Line 16: | Line 16: | ||
Only the network nodes interact directly with the blockchain. Most users interact via Internet using special software called a Wallet. Giving the impression that it is the place where you keep your coins, but it isn´t. | Only the network nodes interact directly with the blockchain. Most users interact via Internet using special software called a Wallet. Giving the impression that it is the place where you keep your coins, but it isn´t. | ||
In crypto, the only thing you have is a private key, used to transfer the property of the coins from | In crypto, the only thing you have is a private key, used to transfer the property of the coins from the address associated to the private key, to another address. The coins live in the blockchain, and you can loose your phone or computer, and no coins will be lost. | ||
But if you loose your private keys there is no way to recover your coins. | But if you loose your private keys there is no way to recover your coins. | ||
| Line 26: | Line 26: | ||
The Master private key is characterized by a set of twelve words, called the seed, that are enough to recreate all your private keys. If you have your 12 words you can install a wallet software anywhere and load your private keys to access your coins. | The Master private key is characterized by a set of twelve words, called the seed, that are enough to recreate all your private keys. If you have your 12 words you can install a wallet software anywhere and load your private keys to access your coins. | ||
=How Secure is the Seed?= | |||
Breaking a modern Bitcoin/Ethereum seed phrase by brute force is computationally hopeless because of the number of possible seeds is astronomically large. Even if an attacker had unrealistically massive hardware that could test trillions of seeds per second, the expected time to hit the right 12-word seed would still be around 10¹⁹ years, vastly longer than the age of the universe. | |||
In practice, successful “wallet hacks” almost never come from cracking the cryptography; they come from mistakes like weak passphrases, phishing, malware, leaked backups, or someone exposing their words. | |||
=The Most Important Safety Lesson In Crypto= | =The Most Important Safety Lesson In Crypto= | ||
All you really have is your twelve words. | All you really have is your twelve words. If you loose them, you loose everything. | ||
If you loose them, you loose everything. | |||
=Permissions= | =Permissions= | ||
| Line 43: | Line 45: | ||
A direct attack by hackers to the blockchain is nearly impossible at this stage. There are public bitcoin addresses with thousands of Bitcoins that remain untouched for years. The weak point in security is keeping the private keys safe. | A direct attack by hackers to the blockchain is nearly impossible at this stage. There are public bitcoin addresses with thousands of Bitcoins that remain untouched for years. The weak point in security is keeping the private keys safe. | ||
We will list some of the most common dangers and how to avoid them: | |||
'''Seed phrase exposure (most common)''' | |||
* Never screenshot it, store it in cloud notes, email it to yourself, or paste it into chat. | |||
* Write it on paper (or metal) and keep it private and offline. | |||
'''Phishing (fake websites + fake “support”)''' | |||
* Ignore DMs offering “help”, “airdrop claims”, or “account recovery”. | |||
* Type the site address yourself or use a trusted bookmark. | |||
'''Fake wallet apps / bad downloads''' | |||
* Only download wallets from the official website or official app store publisher. | |||
* Avoid random links from YouTube, Telegram, Discord, or ads. | |||
'''Malware on your device''' | |||
* Don’t use cracked software. | |||
* Keep your OS/browser updated and avoid suspicious extensions. | |||
'''Copy/paste address mistakes''' | |||
* Double-check the first and last characters of the address before sending. | |||
* Do a small test transaction when sending to a new address. | |||
'''Wrong network (common on Ethereum & EVM chains)''' | |||
* Make sure the network matches the receiving wallet (Ethereum vs Polygon vs BSC, etc.). | |||
* If you’re unsure, stop and verify before sending. | |||
'''Approving suspicious transactions (Ethereum / DeFi)''' | |||
* Read what you’re signing. If it looks confusing, don’t sign. | |||
* Be careful with token approvals (some approvals allow spending later). | |||
'''Exchange account security (if you use exchanges)''' | |||
* Use a unique password + an authenticator app (avoid SMS if possible). | |||
* Watch for “login alert” emails and suspicious password reset attempts. | |||
Latest revision as of 00:30, 8 January 2026
The term Web 3 refers to using the Internet to interact with cryptocurrencies.
Crypto 101
A cryptocurrency involves 3 components:
- A computer network sharing a protocol for validating and updating a shared data structure called a Block-chain.
- The Block-Chain, that keeps track of all transactions of the base digital assets.
- And the digital assets themselves.Very special data structures that can be "owned" as physical objects do, often called coins, or tokens.
Although there are tens of thousands of cryptocurrencies, there are two basic design principles, exemplified by Bitcoin and Ethereum. Bitcoin was designed to be a decentralized peer to peer cash system, and Ethereum was designed as a decentralized virtual machine, expanding the idea of decentralization to computing itself.
Wallet
Only the network nodes interact directly with the blockchain. Most users interact via Internet using special software called a Wallet. Giving the impression that it is the place where you keep your coins, but it isn´t.
In crypto, the only thing you have is a private key, used to transfer the property of the coins from the address associated to the private key, to another address. The coins live in the blockchain, and you can loose your phone or computer, and no coins will be lost.
But if you loose your private keys there is no way to recover your coins.
The Wallet software does not hold or contain the coins, instead it contains a Master Private Key used to generate addresses (on Bitcoin) or accounts (on Ethereum), which are the places where you transfer the property to and from.
The Wallet Seed
The Master private key is characterized by a set of twelve words, called the seed, that are enough to recreate all your private keys. If you have your 12 words you can install a wallet software anywhere and load your private keys to access your coins.
How Secure is the Seed?
Breaking a modern Bitcoin/Ethereum seed phrase by brute force is computationally hopeless because of the number of possible seeds is astronomically large. Even if an attacker had unrealistically massive hardware that could test trillions of seeds per second, the expected time to hit the right 12-word seed would still be around 10¹⁹ years, vastly longer than the age of the universe.
In practice, successful “wallet hacks” almost never come from cracking the cryptography; they come from mistakes like weak passphrases, phishing, malware, leaked backups, or someone exposing their words.
The Most Important Safety Lesson In Crypto
All you really have is your twelve words. If you loose them, you loose everything.
Permissions
The wallet software is used to interact with websites. It handles the permissions and authorizations granted to the website over your coins.
More on Safety
A direct attack by hackers to the blockchain is nearly impossible at this stage. There are public bitcoin addresses with thousands of Bitcoins that remain untouched for years. The weak point in security is keeping the private keys safe.
We will list some of the most common dangers and how to avoid them:
Seed phrase exposure (most common)
- Never screenshot it, store it in cloud notes, email it to yourself, or paste it into chat.
- Write it on paper (or metal) and keep it private and offline.
Phishing (fake websites + fake “support”)
- Ignore DMs offering “help”, “airdrop claims”, or “account recovery”.
- Type the site address yourself or use a trusted bookmark.
Fake wallet apps / bad downloads
- Only download wallets from the official website or official app store publisher.
- Avoid random links from YouTube, Telegram, Discord, or ads.
Malware on your device
- Don’t use cracked software.
- Keep your OS/browser updated and avoid suspicious extensions.
Copy/paste address mistakes
- Double-check the first and last characters of the address before sending.
- Do a small test transaction when sending to a new address.
Wrong network (common on Ethereum & EVM chains)
- Make sure the network matches the receiving wallet (Ethereum vs Polygon vs BSC, etc.).
- If you’re unsure, stop and verify before sending.
Approving suspicious transactions (Ethereum / DeFi)
- Read what you’re signing. If it looks confusing, don’t sign.
- Be careful with token approvals (some approvals allow spending later).
Exchange account security (if you use exchanges)
- Use a unique password + an authenticator app (avoid SMS if possible).
- Watch for “login alert” emails and suspicious password reset attempts.