Diversified set of guardians required for safe self-custody: Vitalik Buterin
Ethereum co-founder Vitalik Buterin has emphasized the importance of having a varied set of “guardians” to maximize the safety of crypto asset self-custody via multisig and social recovery wallets.
Given the ever-growing rate of crypto scams and hacks over the past few years, and several major crypto firms going bust in 2022, the importance of self-custody and maintaining sufficient wallet safety procedures has never been more important.
In a March 16 Reddit post on the r/ethereum community titled “How I think about choosing guardians for multsig and social recovery wallets, Buterin gave a detailed run down of how he approaches wallet security.
While their structures differ, Multisig wallets and social recovery wallets both rely on guardians, which essentially serve as external sources to recover funds or approve transactions. Generally, Guardians can be sets of external wallets belonging to the same individual, or addresses controlled by other people/entities.
According to Buterin, it’s important to decentralize wallet guardians, as owning more than one of your guardians provides a “tricky tradeoff: you get to trust other people less, but you're also concentrating more power into yourself, which can create a risk if you get hacked, coerced, or incapacitated or die.”
“My rule of thumb is that enough guardians should be controlled by other people that if you disappear there are enough other guardians left to recover your funds.”
Buterin went on to advise that someone’s set of guardians should not know of each other, as this “greatly reduces the risk that they collude” to attack their wallets and assets, however they should still be able to find each other in the case of something happening to the wallet owner.
“If something happens to you, they will still be able to find each other, because there are obvious standard protocols that naturally come to people's minds in such a situation (eg. contact your family),” he wrote.
Additionally, the Ethereum co-founder suggested that people should “instruct guardians to ask a security question” that only they and the guardian will know when confirming an operation, and only confirm when the correct answer is given.
Related: DeFi sees its biggest hack in 2023 as Euler loses $197M: Finance Redefined
For degen traders, or those not making long term HODL plays, the Ethereum co-founder also stressed that they should use guardians that can respond quickly to suit their fast moving needs.
“If you're doing degen stuff with on-chain contracts, you may need to act quickly: pull money out if a contract gets a vulnerability, move money around if you are close to being liquidated, etc. If your needs include this, then you want to find guardians who can act quickly on short notice.”
Finally, Buterin recommended testing each guardian at least once a year, as this will confirm that they “haven't forgotten or lost their accounts.”
Given the ever-growing rate of crypto scammers and hacks over the past few years, and several crypto firms going bust last year, the importance of maintaining sufficient wallet safety procedures has never been more important.