COURSE // 01

Wallet Security 101

Everything you need to know about keeping your wallet safe — in plain language.

12 min read
01 //

What is a wallet, really?

When people say "crypto wallet," they usually picture an app: MetaMask, Coinbase Wallet, Ledger Live. But the app is just the interface. What matters is underneath it: a key pair. The public key is what your address is derived from; the private key is what produces the signatures that move funds. Whoever holds the private key controls the funds, whatever app sits on top.

A hot wallet keeps the private key on an internet-connected device, typically a browser extension or a phone app. Convenient, but the key is permanently exposed to the attack surface of that device: malware, a malicious browser extension, a poisoned clipboard. A cold wallet keeps the private key on dedicated hardware that never exposes it. The device may plug into an online computer, but the key never leaves it and signing happens on it, so a compromised computer can at most propose a transaction, which you then verify on the device's own screen before approving.

Custodial versus non-custodial: on a centralized exchange the exchange holds the keys and you hold an account balance, which is a claim on the exchange rather than coins on-chain. If the exchange is hacked, insolvent, or freezes withdrawals, that claim is all you have. "Not your keys, not your coins" is not a slogan, it's an operational reality.

Your seed phrase, the 12 or 24 words, is not literally your private key but the root from which every key in the wallet is derived: BIP-39 turns the words into a seed, and BIP-32 derives the keys from that seed. Anyone with those words regenerates every key and every address, with no password and no contact with your original device. Treat it accordingly: it should exist on paper or metal, in a safe, and nowhere else. Never type it into a website or app; nothing legitimate asks for it after initial setup. If you set the optional BIP-39 passphrase (the "25th word" on hardware wallets), it is part of the backup: without it the same words open a different, empty wallet.
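To make that concrete, here is the derivation from words to master key using only the Python standard library. This is an added example for this course, not code from any wallet product. It uses the first published BIP-39 test phrase (a well-known, never-to-be-funded test vector) together with the "TREZOR" passphrase that vector specifies; the step names follow BIP-39 and BIP-32.

```python
"""From seed phrase to master private key, standard library only.

Added example for this course, not code from any wallet. Two standards are involved:
BIP-39 (words + optional passphrase -> 64-byte seed via PBKDF2-HMAC-SHA512, 2048
rounds, salt "mnemonic" + passphrase) and BIP-32 (seed -> master private key and
chain code via HMAC-SHA512 keyed with "Bitcoin seed"). Every account key in the
wallet is derived from that master key, which is why the words alone are the wallet.
"""
import hashlib
import hmac
import unicodedata

PBKDF2_ROUNDS = 2048


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP-39: NFKD-normalized, single-spaced phrase plus passphrase -> 64-byte seed."""
    words = unicodedata.normalize("NFKD", " ".join(mnemonic.split()))
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase)
    return hashlib.pbkdf2_hmac("sha512", words.encode("utf-8"), salt.encode("utf-8"), PBKDF2_ROUNDS)


def seed_to_master_key(seed: bytes) -> tuple[bytes, bytes]:
    """BIP-32: seed -> (master private key, master chain code).

    BIP-32 declares the result invalid if the left half is zero or not below the
    secp256k1 group order; that never happens for a real seed, so it is not handled here.
    """
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]


def derive_master(mnemonic: str, passphrase: str = "") -> dict:
    """Everything an attacker holding the words can reproduce, as hex."""
    seed = mnemonic_to_seed(mnemonic, passphrase)
    key, chain = seed_to_master_key(seed)
    return {"seed": seed.hex(), "master_private_key": key.hex(), "chain_code": chain.hex()}


# First official BIP-39 test vector: eleven "abandon" plus "about". Published test data; never fund it.
TEST_PHRASE = ("abandon abandon abandon abandon abandon abandon "
               "abandon abandon abandon abandon abandon about")

if __name__ == "__main__":
    with_pass = derive_master(TEST_PHRASE, "TREZOR")
    without = derive_master(TEST_PHRASE)
    print("seed (passphrase TREZOR):", with_pass["seed"])
    # Same words, different passphrase -> unrelated master key. The passphrase is part of the backup.
    print("same key without passphrase?", with_pass["master_private_key"] == without["master_private_key"])
```

Run it and note the second line of output: the same twelve words with no passphrase produce an unrelated master key. That is the point of the passphrase and also its trap; a backup of the words alone does not restore a passphrase-protected wallet.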

02 //

Token approvals: the silent risk

ERC-20 is the standard interface for fungible tokens. It includes approve(spender, amount): calling it authorizes another address, usually a smart contract, to move up to amount of your tokens out of your wallet with transferFrom(), at any time and without any further signature from you. The token contract records this as an allowance, which is separate from your balance and is not shown by most wallet apps.

Many DeFi frontends request type(uint256).max as the amount, effectively infinity, so that you approve once and never pay gas for a second approval. The allowance persists on-chain long after you've stopped using the protocol: it does not expire, and it does not shrink because you disconnected the site. It goes away only when you send approve(spender, 0) yourself, or when the spender draws it down. If that spender contract is later exploited, upgraded by a compromised admin key, or was malicious from the start, the standing allowance is what gets used against you.

The risk is concrete. Wintermute's roughly $160M loss in September 2022 is often cited here, but that incident was a key compromise, not a stale approval: the firm's hot-wallet address had been generated with the Profanity vanity-address tool, which seeded its random number generator with only 32 bits, and the attacker recovered the private key. Stale approvals are the everyday case rather than the headline one: wallet-drainer kits and compromised spender contracts pull tokens from individual users through allowances granted months or years earlier.

Approval flow: your wallet authorizes a spender contract, which can then move your tokens at any time, even years later.

YOUR WALLET: you call approve(spender, amount) on the token contract.
SPENDER CONTRACT: the token contract records an allowance of amount for the spender.
ANY TIME LATER: the spender calls transferFrom(you, recipient, amount) on the token contract. No new signature from you is involved.
GONE: your tokens move.
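The flow above, at the level of the bytes actually sent, as an added example for this course (not code from any wallet or protocol). It builds the calldata for the read-only allowance() check, for the transferFrom() the spender sends later, and for the approve(spender, 0) that revokes, and classifies a decoded allowance. The function selectors are the standard ERC-20 ones, hard-coded because the standard library has no keccak-256; the addresses and the returned allowance value are constructed placeholders.

```python
"""ERC-20 allowance inspection and revocation calldata, standard library only.

Added example for this course, not code from any wallet or protocol. Encoding follows
the Ethereum contract ABI: a 4-byte function selector followed by 32-byte big-endian
words. Selectors are the well-known first four bytes of keccak256 over each ERC-20
signature. Addresses used in the demo are constructed placeholders.
"""

SEL_ALLOWANCE = bytes.fromhex("dd62ed3e")      # allowance(address,address)
SEL_APPROVE = bytes.fromhex("095ea7b3")        # approve(address,uint256)
SEL_TRANSFER_FROM = bytes.fromhex("23b872dd")  # transferFrom(address,address,uint256)

UINT256_MAX = 2**256 - 1


def _strip0x(h: str) -> str:
    return h[2:] if h[:2].lower() == "0x" else h


def _addr_word(addr: str) -> bytes:
    """A 20-byte address left-padded to a 32-byte ABI word."""
    raw = bytes.fromhex(_strip0x(addr))
    if len(raw) != 20:
        raise ValueError("address must be 20 bytes")
    return raw.rjust(32, b"\x00")


def _uint_word(value: int) -> bytes:
    if not 0 <= value <= UINT256_MAX:
        raise ValueError("uint256 out of range")
    return value.to_bytes(32, "big")


def allowance_calldata(owner: str, spender: str) -> str:
    """data for eth_call {"to": token, "data": ...}: allowance(owner, spender). Read-only."""
    return "0x" + (SEL_ALLOWANCE + _addr_word(owner) + _addr_word(spender)).hex()


def approve_calldata(spender: str, amount: int) -> str:
    """data for an approve(spender, amount) transaction. amount=0 is the revoke.

    Revoke tools always send 0 rather than a smaller value: some tokens (mainnet USDT
    is the well-known one) reject changing a non-zero allowance straight to another
    non-zero value, while resetting to 0 is always accepted.
    """
    return "0x" + (SEL_APPROVE + _addr_word(spender) + _uint_word(amount)).hex()


def transfer_from_calldata(owner: str, to: str, amount: int) -> str:
    """What the spender sends later to pull tokens. Nothing in it comes from the owner."""
    return "0x" + (SEL_TRANSFER_FROM + _addr_word(owner) + _addr_word(to) + _uint_word(amount)).hex()


def decode_uint256(ret: str) -> int:
    """Decode the single uint256 word returned by allowance() or balanceOf()."""
    raw = bytes.fromhex(_strip0x(ret))
    if len(raw) != 32:
        raise ValueError("expected one 32-byte word")
    return int.from_bytes(raw, "big")


def classify_allowance(amount: int, decimals: int = 18) -> str:
    """Severity of a standing allowance. The 'effectively unlimited' cutoff is a heuristic:
    frontends request 2**256-1, 2**255-1, or the uint96/uint160 maximum some tokens use."""
    if amount == 0:
        return "none"
    if amount == UINT256_MAX:
        return "unlimited"
    if amount >= 2**96 - 1:
        return "effectively unlimited"
    return f"bounded ({amount / 10**decimals:g} tokens)"


def revocation_plan(owner: str, spender: str, allowance_return: str) -> dict:
    """Given the raw eth_call result for allowance(owner, spender), decide what to do."""
    amount = decode_uint256(allowance_return)
    return {
        "allowance": amount,
        "severity": classify_allowance(amount),
        "read_calldata": allowance_calldata(owner, spender),
        "revoke_calldata": approve_calldata(spender, 0) if amount else None,
    }


if __name__ == "__main__":
    owner, router = "0x" + "11" * 20, "0x" + "22" * 20      # constructed addresses
    # Constructed eth_call result: 32 bytes of 0xff, i.e. the unlimited approval a frontend asked for.
    plan = revocation_plan(owner, router, "0x" + "ff" * 32)
    print(plan["severity"], plan["revoke_calldata"])
```

The read calldata goes in the data field of an eth_call and needs no signature; the revoke calldata is a transaction you sign and pay gas for. That asymmetry is the whole section in one line: granting and revoking cost you a signature, spending costs the spender nothing of yours.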
03 //

The threat catalog

Six attack vectors every wallet owner should recognize.

04 //

What "read-only access" means

When a tool like Sentinel asks for your wallet address to run a scan, it needs nothing more than the address itself: a 42-character hex string (20 bytes behind a 0x prefix) that is entirely public. Every transaction, every approval, every token you hold is visible on-chain to anyone who has the address.

There is a hard technical distinction between reading blockchain state and modifying it. Reading state requires no cryptographic authorization whatsoever; a node answers any caller. Modifying state requires a signed transaction, and producing that signature requires your private key. Signing a message off-chain is the third case: no transaction is broadcast by you, but as the EIP-712 discussion below shows, the signature itself can be the authorization.

Sentinel uses read-only JSON-RPC calls to Ethereum nodes (eth_getBalance, eth_call, eth_getLogs), the same calls block explorers use. At no point does Sentinel request a signature, and it has no reason to request a wallet connection either: the address is enough. If a scanner asks you to connect a wallet, sign a message, or confirm a transaction just to scan, close that tab.

The difference between eth_call (read) and eth_sendRawTransaction (write) is the difference between reading your bank statement and wiring money. One requires no credentials. The other requires your full authorization. eth_call can even simulate a transaction against current state and tell you what it would do, but nothing is signed and nothing is committed.
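What a read-only scan of your approvals looks like in practice, as an added example for this course and not Sentinel's own code. It builds the JSON-RPC bodies a scanner sends, refuses to build any method that needs a key, and turns eth_getLogs results for ERC-20 Approval events into a list of standing allowances. No network call is made: the endpoint, addresses, block numbers and log entries are constructed sample data, and the method allow-list is this example's choice rather than any product's.

```python
"""A read-only approval scan over JSON-RPC, standard library only.

Added example for this course, not Sentinel's code. Builds request bodies, refuses
key-requiring methods, and decodes ERC-20 Approval logs into standing allowances.
Addresses, blocks and log entries below are constructed sample data.
"""
import json

# Reading state: any node answers these for any caller, no credentials involved.
READ_ONLY = {"eth_blockNumber", "eth_getBalance", "eth_call", "eth_getLogs",
             "eth_getCode", "eth_getTransactionCount", "eth_getTransactionReceipt"}
# Producing or broadcasting a signature: only a holder of the private key can do these.
NEEDS_KEY = {"eth_sign", "personal_sign", "eth_signTypedData", "eth_signTypedData_v4",
             "eth_signTransaction", "eth_sendTransaction", "eth_sendRawTransaction"}

# keccak256("Approval(address,address,uint256)"): the ERC-20 Approval event signature topic.
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"


def is_read_only(method: str) -> bool:
    return method in READ_ONLY


def rpc_request(method: str, params: list, req_id: int = 1) -> str:
    """JSON-RPC 2.0 body for a read-only call; anything that needs a key is refused outright."""
    if method in NEEDS_KEY:
        raise PermissionError(f"{method} requires a signature; a scanner never calls it")
    if method not in READ_ONLY:
        raise ValueError(f"{method} is not on the read-only allow-list")
    return json.dumps({"jsonrpc": "2.0", "id": req_id, "method": method, "params": params})


def address_topic(addr: str) -> str:
    """An indexed address parameter as it appears in topics: left-padded to 32 bytes."""
    return "0x" + addr[2:].lower().rjust(64, "0")


def approval_filter(owner: str, from_block: str = "0x0") -> list:
    """eth_getLogs params: every Approval whose indexed owner is our address, from any token."""
    return [{"fromBlock": from_block, "toBlock": "latest",
             "topics": [APPROVAL_TOPIC, address_topic(owner)]}]


def decode_approval(log: dict) -> dict:
    """Approval(owner indexed, spender indexed, value): topics[1], topics[2], data."""
    return {"token": log["address"].lower(),
            "owner": "0x" + log["topics"][1][-40:],
            "spender": "0x" + log["topics"][2][-40:],
            "amount": int(log["data"], 16),
            "order": (int(log["blockNumber"], 16), int(log["logIndex"], 16))}


def standing_allowances(logs: list) -> list:
    """Latest Approval per (token, spender) wins, so a later approve(spender, 0) clears the entry.

    Caveat: transferFrom can lower an allowance without emitting Approval in many token
    implementations, so treat these as candidates and confirm each with an allowance()
    eth_call before reporting a number to the user.
    """
    latest = {}
    for entry in sorted(map(decode_approval, logs), key=lambda e: e["order"]):
        latest[(entry["token"], entry["spender"])] = entry
    return [e for e in latest.values() if e["amount"] > 0]


# Constructed sample: the owner approves ROUTER for unlimited, approves BRIDGE for 1000 tokens,
# then revokes ROUTER. Only the BRIDGE allowance should survive.
OWNER = "0x" + "11" * 20
ROUTER = "0x" + "22" * 20
BRIDGE = "0x" + "33" * 20
TOKEN = "0x" + "44" * 20
SAMPLE_LOGS = [
    {"address": TOKEN, "blockNumber": "0x100", "logIndex": "0x0",
     "topics": [APPROVAL_TOPIC, address_topic(OWNER), address_topic(ROUTER)],
     "data": "0x" + "ff" * 32},
    {"address": TOKEN, "blockNumber": "0x101", "logIndex": "0x3",
     "topics": [APPROVAL_TOPIC, address_topic(OWNER), address_topic(BRIDGE)],
     "data": "0x" + format(1000 * 10**18, "064x")},
    {"address": TOKEN, "blockNumber": "0x200", "logIndex": "0x1",
     "topics": [APPROVAL_TOPIC, address_topic(OWNER), address_topic(ROUTER)],
     "data": "0x" + "00" * 32},
]

if __name__ == "__main__":
    print(rpc_request("eth_getLogs", approval_filter(OWNER)))
    for a in standing_allowances(SAMPLE_LOGS):
        print(a["token"], a["spender"], a["amount"])
```

Note what the scan never needs: no eth_requestAccounts, no signature, no connection. The owner's address appears only as a filter topic in a request that any public node will answer.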

EIP-712 is a standard for signing structured, typed data off-chain; wallets display its fields when you sign. It becomes dangerous in phishing because the prompt is dressed up as a login ("Sign in with Ethereum", "verify wallet ownership") while the data being signed is a Permit: under EIP-2612, a token's permit() function accepts that signature in place of an approve() transaction, so the attacker submits it, pays the gas, and receives the allowance. Nothing appears in your transaction history until the drain itself. Before signing, read what the wallet shows: verifyingContract is the token you would be approving, spender is who gets the allowance, value is how much, deadline is how long the signature stays usable. The rule: never sign an EIP-712 message you don't fully understand, even if it says "no gas required". "No gas" is exactly what makes the permit attractive to the attacker.
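The pre-signing check described above, written out as an added example for this course (not code from any wallet). It takes the payload a site passes to eth_signTypedData_v4, walks the message including nested structs, and lists what the signature would authorize. The phishing payload is constructed to mimic a prompt labelled as a login; the token, spender and owner addresses are placeholders; the field names come from EIP-2612 (Permit) and Uniswap's Permit2 types.

```python
"""Inspect an eth_signTypedData_v4 payload before signing it, standard library only.

Added example for this course, not code from any wallet. Reads the typed data the way
a careful user should and returns findings about what the signature would authorize.
The two payloads below are constructed sample data.
"""
import json

UINT256_MAX = 2**256 - 1
UINT160_MAX = 2**160 - 1  # Permit2 stores amounts as uint160
APPROVAL_TYPES = {"Permit", "PermitSingle", "PermitBatch", "PermitTransferFrom",
                  "PermitBatchTransferFrom"}
SPENDER_FIELDS = {"spender", "operator"}
AMOUNT_FIELDS = {"value", "amount", "allowance"}
EXPIRY_FIELDS = {"deadline", "expiry", "expiration", "sigDeadline"}
THIRTY_DAYS = 30 * 24 * 3600


def _to_int(v) -> int:
    """Typed-data integers arrive as int, decimal string, or 0x-hex string."""
    if isinstance(v, int):
        return v
    s = str(v)
    return int(s, 16) if s.lower().startswith("0x") else int(s)


def _walk(obj, path=""):
    """Yield (dotted_path, leaf_name, value) for every leaf, descending into nested structs."""
    if isinstance(obj, dict):
        for k, v in obj.items():
            yield from _walk(v, f"{path}.{k}" if path else k)
    elif isinstance(obj, list):
        for i, v in enumerate(obj):
            yield from _walk(v, f"{path}[{i}]")
    else:
        yield path, path.rsplit(".", 1)[-1], obj


def inspect_typed_data(payload: str, now: int, expected_contract: str = "") -> list:
    """Return human-readable findings; an empty list means nothing approval-like was found."""
    td = json.loads(payload)
    findings = []
    primary = td.get("primaryType", "")
    domain = td.get("domain", {})
    contract = str(domain.get("verifyingContract", "")).lower()

    if primary in APPROVAL_TYPES:
        findings.append(f"primaryType {primary} is an approval, not a login")
    if expected_contract and contract != expected_contract.lower():
        findings.append(f"signature is bound to {contract}, not the contract you expected")
    if "chainId" not in domain:
        findings.append("no chainId in domain: signature may be replayable on other chains")

    for path, name, value in _walk(td.get("message", {})):
        if name in SPENDER_FIELDS:
            findings.append(f"{path} grants spending rights to {str(value).lower()}")
        elif name in AMOUNT_FIELDS and _to_int(value) in (UINT256_MAX, UINT160_MAX):
            findings.append(f"{path} is unlimited")
        elif name in EXPIRY_FIELDS and _to_int(value) > now + THIRTY_DAYS:
            findings.append(f"{path} stays valid for {(_to_int(value) - now) // 86400} days")
    return findings


DOMAIN_TYPE = [{"name": "name", "type": "string"}, {"name": "version", "type": "string"},
               {"name": "chainId", "type": "uint256"}, {"name": "verifyingContract", "type": "address"}]
TOKEN, ATTACKER, VICTIM = "0x" + "aa" * 20, "0x" + "bb" * 20, "0x" + "cc" * 20  # constructed
NOW = 1_700_000_000  # constructed "current time" for the demo

# Constructed phishing payload: the page calls it "Sign in", the data is an EIP-2612 Permit.
PHISHING_PERMIT = json.dumps({
    "types": {"EIP712Domain": DOMAIN_TYPE,
              "Permit": [{"name": "owner", "type": "address"}, {"name": "spender", "type": "address"},
                         {"name": "value", "type": "uint256"}, {"name": "nonce", "type": "uint256"},
                         {"name": "deadline", "type": "uint256"}]},
    "primaryType": "Permit",
    "domain": {"name": "Example Token", "version": "1", "chainId": 1, "verifyingContract": TOKEN},
    "message": {"owner": VICTIM, "spender": ATTACKER, "value": str(UINT256_MAX), "nonce": 0,
                "deadline": str(2**48)},
})

# Constructed benign payload: an off-chain governance ballot with nothing to spend.
BENIGN_VOTE = json.dumps({
    "types": {"EIP712Domain": DOMAIN_TYPE,
              "Ballot": [{"name": "proposalId", "type": "uint256"}, {"name": "support", "type": "uint8"}]},
    "primaryType": "Ballot",
    "domain": {"name": "Example Governor", "version": "1", "chainId": 1, "verifyingContract": "0x" + "dd" * 20},
    "message": {"proposalId": 42, "support": 1},
})

if __name__ == "__main__":
    for line in inspect_typed_data(PHISHING_PERMIT, NOW):
        print("!", line)
    print("benign findings:", inspect_typed_data(BENIGN_VOTE, NOW))
```

The check is deliberately generic: it does not rely on a blocklist of sites or contracts, only on the shape of the data. Any message with a spender field is a grant of spending power no matter what the page calls it, and the combination of an unlimited value with a far-off deadline is the signature of a drainer rather than of a protocol you are actually using right now.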

05 //

Hygiene checklist

Actionable steps you can take right now.

06 //

Glossary

Key terms, defined without jargon.