Metamask : Security and Risks!

in hive-175254 •  2 months ago 

a1.jpeg
Source
Today's topic is based on the security risks of meta masks. A small intro for those of you who don't know much about this topic, there are 2 types of wallets - hot Wallets and cold wallets. A hot wallet is a wallet that stores your assets on the internet and cold wallet stores the assets on a hardware device. We will be discussing meta mask in this blog, it is a hot wallet based on eth network.

Hot wallet's In comparison with cold wallets fall short of a point because since it's online it "could" be hacked into and you are still not 100% control of your assets. But again hot wallets provide a lot more speed and efficiency in comparison with "hardware" wallets.

a2.webp
Source
What is metamask?
Meta mask is a wallet used to store various cryptocurrencies, its available as an extension on chrome, Firefox and Brave browser. I would recommend using the Brave browser for its amazing security and adding free benefits (BAT token rewards). Getting back to the main topic -> Meta mask gives u the ability to store ERC20 tokens and make transactions by acting as a bridge between the Blockchain and you.

Security on meta mask:
Meta mask is an open-source wallet. This means that is free to use and has a group of really good developers behind it. The keys are stored in an encrypted format within the browser and the company doesn't have any access to our data or keys on any of their servers. This means only you have control over your assets.
Benefits :
✓ In-app purchase from coinbase or opensea: since it is linked to exchanges.
✓local key storage (encrypted format in the browser)

Risks:
✓ The biggest risk of any online wallet is phishing. I made a whole blog on How I became a victim of phishing? What it is? and How you can avoid phishing? Click Here to view my blog on "phishing" To summarize it, it when red hats /hackers create an identical website and ask you to login/ enter your details. In doing so your password directly goes to the host of the page and now they have access to all of your data. This is possible with metamask where there is a lot of fake identical applications and you may enter your phrase into the wrong website and lose control of all your assets.

✓ Recovery Phrase :
On creating an account we are given a 12-word recovery phrase, if we lose that recovery phrase or if it falls onto the wrong hands the assets are equivalent to 0$. The recovery phrase needs to be stored securely and made sure it does not fall into the wrong hands. Make sure you don't lose this phrase too because your assets are encrypted and your phrase is the only one that can let you gain access to them.

✓ The website knows if you have a meta mask:
Though no website can hack into your meta mask they do know that if your meta mask extension is on, you are a meta mask user.

timing-side-channel-attack.jpeg

Source
✓Timing attack :
This is when you are about to unlock your meta mask and a malicious website on another tab waits for the time your meta mask is unlocked. You unlocked it since you wanted to make a transaction on another website but since the meta mask doesn't " clearly" specify which website is making the transaction. The website open on another tab may request for a transaction once it revives an alert that your meta mask is unlocked now.

Conclusion:
I would conclude by saying that meta mask is secure to an extent but since it is a hot wallet that stores your assets online you should be aware that it has the sole chance of losing your asset's. If you have a lot of asset's which you plan on holding for the long term I would recommend you to use a cold wallet which would give 100% of the control to you ^^.

Thank you for reading the entire blog. Let me know your thoughts on this topic in the comments!

7kq2TLHKEHhBfZRYbJvEXxXoqL3FWypb9y9syj5ndRnDJM2cbxNNcVTP2f2WrjjfqNAiddR5DTcteNmsc1bXajW9XbTnnXKqjhXWhahe2mAkwe51gZQ9ZdHdBKtqk7EgPLQEZKzm89eogmaVMQy9Wgmfyr4iuAweTyBMuyYFzV6son6B18PQHfRjbZYqHhvZGZAJm6r2cykQGzpu7YNyx73JA9VogZv1XqGydK7HMLFeE8i8.png

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Hello friend, excellent information, it is a very popular wallet nowadays, I use it a lot actually. But in the same way we must be careful and educate ourselves about it so as not to fall into scams. Greetings.

Hii @franyeligonzalez,
Glad you found the blog informative :-)
Since meta mask is being used so excessively we need to be aware of the risks so we don't fall into the traps that can be avoidable!

Yes it is definitely safe as long as we are very cautious, you are right in saying that a cold wallet is best for storing large amounts of our cryptocurrencies.

Hiii @lanzjoseg,
Definitely cold wallets are the best option if we want to store large amount of crypto , because that way we have 100% control over our assets. There are problems here too incase we forget the password for the hard disk the tokens are gone forever >.< Thank you for reading till the end and sharing your thoughts on this topic !