Solana security best practices: stay safe with these tips

Imagine that one day you check your wallet, the place where you keep your digital assets, and it turns out that they are no longer there. It's not a connection or display error: someone has breached your passwords and taken everything.

It's a situation that terrifies us all. Nobody wants to go through that. Web3 gives us freedoms and countless benefits, but it also exposes us. That's why you need to know the security practices in Solana that keep you safe (so that this situation remains purely hypothetical).

Throughout this article we will review the tips that you must follow to keep your Solana portfolio safe.

Example with a real security case

At Smithii, we will always be committed to the security of our users, but that doesn't stop malicious people from trying to take advantage. Recently, one of our users was tricked out of his SOL.

We came across a Reddit thread describing the case of a person who was drained of 2.8 SOL after using our launchpad. Following the line of events, this user:

  1. Successfully created a token with our Solana tool.
  2. Had some questions and joined the official Discord to seek answers.
  3. Loaded his wallet with 2.8 SOL and, 10 minutes later, they were gone.
  4. Contacted "our technology leader" to state his case, who recommended that he load the same amount into his wallet to fix it.
  5. Exposed the case on Reddit.

We immediately recommended that he create a ticket on our only official Discord server to discuss his case. He did, and it turned out that a person had pretended to be part of our team. The user received guidance from "Smithii's technology leader", who asked him to verify his wallet on a different site.

What happened? The user gave the impostor access to the wallet, and the impostor drained the assets it held. In addition, the impostor recommended that he load more SOL so he could take those as well.

Our support team banned the scammer, explained the security situation to the user, and also provided him with PRO access for one day so he could regenerate his token paying our dApp's fees. The user himself shared this information in a Reddit update about his scam case.

Even if the scam attempt seems obvious when laid out this way, this situation is more frequent than it seems. That's why you need to follow security practices in Solana and in any other blockchain and Web3 ecosystem. Yes, there are more opportunities and freedoms, but they also expose us to certain risks.

Safety practices in Solana: What can be done to avoid bad experiences?

To stay safe in the Solana ecosystem (and in Web3 in general), we recommend that you follow these tips. In fact, you should make them your regular practice.

Best security practices on Solana: keep your seed phrase safe by writing it on paper and keeping it in a safe place, and don't share it with anybody. Use multiple wallets: one for daily use, another for tests, and another as your main wallet for your holdings (a cold wallet is the best option for this). Do your research before connecting your wallet to dApps.

Write your Seed Phrase on paper and do not share it.

The Seed Phrase is a unique key of 12-24 random words that is generated when you create your wallet. To have access to this key is to control your entire wallet, so it is best to write it on paper and keep it hidden. Do not carry it with you and do not leave it in plain sight; keep it in a totally safe place.

Saving your Seed Phrase digitally is a bad idea, as operating systems and storage services can be breached in multiple ways.

And remember, only you need to have the Seed Phrase and no one else. Publishers, promotions, airdrops and other platforms do not need to know this information to guarantee a result.

Use more than one wallet

The best Solana wallets allow you to create several wallets and manage them with the same account. We recommend that you have one wallet to store your assets (if it is a cold wallet, all the better), another one for daily and small transactions, and one more to connect to platforms or to test.

If you only use one wallet for everything, logging into a fake site or falling for a phishing attempt will expose you completely and you could lose everything. Instead, connect an empty wallet to dApps of dubious credibility and test with a minuscule amount of your assets.

If that wallet is compromised, just delete it and create a new one, without exposing the others or being drained of all your tokens.

Want to take this to another level? Use two different browsers and create a wallet in each one, each with its own Seed Phrase. Connecting a wallet to a dApp does not provide access to the other connected wallets anyway, but this is a foolproof way to split your accounts.

Cold Wallet, the ultimate security barrier

A cold wallet is a type of wallet that keeps private keys disconnected from the internet. It is a hardware device that holds your assets, and you can only transfer them when you use it. This means that there is no way for someone else to access your wallet remotely.

On the other hand, it is such a robust method that it "hinders" the authorization of transactions, so using it as a day-to-day wallet is not a good idea. Also, there is a risk of losing the physical device or the recovery phrase with all your assets inside.

Check the platforms before connecting

That common authorization you confirm when you conduct a transaction or connect to a dApp may contain instructions or permissions to transfer funds without your consent.

Sometimes, fraudulent platforms do not activate instructions instantly, but wait until you have a certain amount of assets so that you feel more confident. To avoid falling for this type of scam, we recommend that you follow these verification tips to stay safe on Solana:

  • Check the URL of the platform. Some mirror platforms are made to look like others, but their URL gives them away. They usually contain "vercel" or "development", or use unusual domains (such as .xyz, or free-to-use domains like blogspot).
  • Do your research first before you connect. For example, we have independent audits and reviews on TrustPilot. If the site that asks you to connect your wallet directly has no reviews and does not care about verification, it is probably a scam attempt.
  • Save the official sites in your favorites and do not rely on the search engine, as it can sometimes show fraudulent pages as "promotion" instead of the official website.
  • Disconnect the wallet and remove permissions after testing a dApp.
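
The URL checks and the bookmark advice from the list above can be expressed as a small triage function. This is an added example, not Smithii's or Phantom's code: the hostnames are constructed, `checkDappUrl` and its verdict names are hypothetical, and the https, punycode and brand-reuse checks go beyond the markers the article lists.

```javascript
// Added example. All hostnames are constructed; "app.tokenforge.example"
// stands in for an official dApp host you have bookmarked yourself.
const HOST_MARKERS = ["vercel", "development", "blogspot"]; // named in the article
const UNUSUAL_TLDS = ["xyz"];                               // named in the article

function checkDappUrl(rawUrl, bookmarkedHosts) {
  let url;
  try { url = new URL(rawUrl); } catch { return { verdict: "suspicious", reasons: ["not a valid URL"] }; }
  // URL() lowercases the hostname and converts Unicode labels to punycode.
  const host = url.hostname.replace(/\.$/, "");
  const labels = host.split(".");
  const bookmarks = bookmarkedHosts.map((h) => h.toLowerCase());
  const reasons = [];

  if (url.protocol !== "https:") reasons.push("not https");
  if (url.username || url.password) reasons.push("userinfo before the host");

  // Exact match only: a bookmarked host is trusted, nothing that resembles it is.
  if (bookmarks.includes(host)) {
    return { verdict: reasons.length ? "suspicious" : "official", reasons };
  }

  for (const marker of HOST_MARKERS) {
    if (host.includes(marker)) reasons.push(`hostname contains "${marker}"`);
  }
  if (UNUSUAL_TLDS.includes(labels[labels.length - 1])) reasons.push("unusual TLD");
  if (labels.some((l) => l.startsWith("xn--"))) reasons.push("punycode label");

  // Mirror sites reuse the brand: compare against the registrable label of each
  // bookmark (assumed here to be the second-to-last label).
  for (const b of bookmarks) {
    const brand = b.split(".").slice(-2, -1)[0];
    if (brand && host.includes(brand)) reasons.push(`imitates bookmarked host ${b}`);
  }
  // "unknown" means no red flag was found, not that the site is safe.
  return { verdict: reasons.length ? "suspicious" : "unknown", reasons };
}

const BOOKMARKS = ["app.tokenforge.example"]; // constructed
for (const s of ["https://app.tokenforge.example/create",
                 "https://tokenforge-app.vercel.app/verify-wallet",
                 "https://tokenforge.xyz/"]) {
  const r = checkDappUrl(s, BOOKMARKS);
  console.log(r.verdict.padEnd(10), s, r.reasons.join("; "));
}
```

An "unknown" verdict is where the research step from the list applies: the site is not bookmarked and shows no marker, so it still has to be checked before a wallet is connected.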

No one will offer you direct message support

As we saw in the real case, one of our users believed that someone else was part of the Smithii team and was able to drain their funds. Never accept DM support, especially when you didn't ask for it. Our team does not require you to verify your wallet elsewhere and will not ask for private keys or your seed phrase.

What to do if your Solana wallet has been compromised?

Following these security practices in Solana will prevent a malicious person from gaining access to your assets. If you notice strange activity in your wallet, do the following:

  1. Don't panic, and act soon: it may not be too late to save your funds.
  2. Create a new wallet and move your funds there. Do not make transfers to old wallets or wallets that may also be compromised.
  3. Take screenshots and document what happened to report the site or the person who tricked you out of your assets.
  4. Delete the compromised wallet. Although you can cancel the permissions you have granted, the safest thing to do is to create a new one.
  5. Analyze what you did wrong and reflect on it to avoid falling into the same deception in the future.

The crypto community is constantly reporting theft and fraudulent sites. Phantom, for example, has a list of verified and safe dApps where Smithii Tools appears. It also takes care of blocking pages that are reported by users. If you enter a scam page that is already flagged by Phantom, a warning message will block access, as shown below.

Phantom warning when visiting a flagged webpage. Message: Phantom believes this website is malicious and unsafe to use. This site has been flagged as part of a community-maintained database of known scam and phishing websites.

Conclusion on security practices in Solana

Make these recommendations a habit and never forget the best security practices in Solana and Web3 in general. You are in charge of taking care of your assets and access to your accounts, so take all possible precautions to avoid having your funds drained.

Don't forget to subscribe to Smithii's newsletter to stay up to date with Solana's news and bookmark our pages to manage your web3 projects securely and efficiently.


© 2023 - 2026 Smithii | All rights reserved