Security Best Practices

Your wallet's security is our top priority. By using a passkey-based system powered by Turnkey, we eliminate the single biggest point of failure for traditional wallets: the seed phrase. However, it's still important to follow best practices to keep your assets safe.

Understanding Passkey Security

Your passkey is not a password. It's a unique cryptographic key stored securely on your device (e.g., in your iPhone's Secure Enclave or Android's Titan M chip).

• Phishing Resistant: Because the key never leaves your device, you cannot be tricked into typing it into a malicious website.
• No Central Server Breach: Turnkey doesn't store your private key, so there's no central database for hackers to target.
• Biometric Protection: Your passkey is protected by your device's biometrics (Face ID, fingerprint) or PIN.

What If I Lose My Device?

Losing a device is a risk, but passkeys are recoverable if you have a backup strategy.

1. Cloud Backups: Most operating systems (like Apple's iCloud Keychain and Google Password Manager) securely back up your passkeys. When you sign into your Apple or Google account on a new device, your passkeys can be restored.
2. Add a Second Device: We highly recommend adding a second device (like an iPad or a laptop) as a passkey authenticator. This gives you a backup method to access your wallet if your primary device is lost or broken.

Best Practices for Wallet Safety

• Verify Transactions: Always double-check the recipient address and amount before approving any transaction.
• Be Wary of dApps: Only connect your wallet to dApps you know and trust. Malicious dApps can trick you into signing transactions that drain your funds.
• Keep Your Devices Secure: Use a strong passcode or biometric lock on all devices where you use your wallet.
• Never Share Your Screen: Do not share your screen with anyone while your wallet is unlocked, especially during a signing or authentication process.