Ethereum co-founder Vitalik Buterin has stressed the significance of having a diverse set of «guardians» to ensure maximum safety for crypto asset self-custody via multisig and social recovery wallets.
Given the increasing rate of crypto scams and hacks over the past few years, and the collapse of several major crypto firms in 2022, self-custody and maintaining sufficient wallet safety procedures have never been more critical.
On March 16, Buterin posted on the r/ethereum community on Reddit under the title «How I think about choosing guardians for multisig and social recovery wallets,» and provided a detailed rundown of his approach to wallet security.
Self-custody is important. And social recovery and multisig is a great way to do it.
A quick reddit post on how I think about choosing guardians for social recovery and multisig wallets: https://t.co/FY1iyJ6BFC
— vitalik.eth (@VitalikButerin) March 17, 2023
Although multisig and social recovery wallets have different structures, they both rely on guardians who serve as external sources to recover funds or approve transactions. Guardians can generally be sets of external wallets belonging to a single person or addresses controlled by other individuals or entities.
Buterin emphasizes the need to decentralize wallet guardians, as having several guardians owned by a single person creates a «tricky tradeoff: you get to trust other people less, but you’re also concentrating more power into yourself, which can create a risk if you get hacked, coerced, or incapacitated or die.»
«My rule of thumb is that enough guardians should be controlled by other people that if you disappear there are enough other guardians left to recover your funds.»
Buterin also advises that guardians should not be aware of each other, as this «greatly reduces the risk that they collude» to attack the owner's wallet and assets. However, they should still be able to find each other in case something happens to the wallet owner.
«If something happens to you, they will still be able to find each other, because there are obvious standard protocols that naturally come to people’s minds in such a situation (e.g. contact your family),» he wrote.
Furthermore, the Ethereum co-founder suggests that people should «instruct guardians to ask a security question» that only they and the guardian know when confirming an operation, and to confirm it only when the correct answer is given.
For degen traders or those not making long-term hodl plays, Buterin also stresses that they should use guardians who can respond quickly to suit their fast-moving needs.
«If you’re doing degen stuff with on-chain contracts, you may need to act quickly: pull money out if a contract gets a vulnerability, move money around if you are close to being liquidated, etc. If your needs include this, then you want to find guardians who can act quickly on short notice.»
Finally, Buterin recommends testing each guardian at least once a year, as this will confirm that they «haven’t forgotten or lost their accounts.»