OtterFodder on Warpcast

Content pfp

0 reply

20 recasts

20 reactions

OtterFodder pfp

@otterfodder.eth

So many wallets to choose from! What would y'all recommend for each use? 1) Connecting to web3 apps for community purposes 2) DAO voting like Nouns (need NFT to vote) 3) Trading / DeFi 4) Large Holdings/savings

2 replies

0 recast

3 reactions

Sam pfp

Easily @rainbow https://www.rainbow.me/points?ref=STBGKT

1 reply

0 recast

2 reactions

OtterFodder pfp

@otterfodder.eth

For all 4? Figured there'd be a cold wallet recommendation for at least one.

1 reply

0 recast

1 reaction

Sam pfp

You could if you want but I personally am willing to take that risk (I know how to read transaction signatures so I I’d know if I was about to get scammed which might not be the case for everyone) Honestly if you are worried about holding a large amount of assets in a single hot wallet then you could do some combo of hot wallet and exchange like Coinbase or Robinhood

1 reply

0 recast

1 reaction

OtterFodder pfp

@otterfodder.eth

Gotcha, I'm already on the Rainbow train so I was curious if people felt strongly about other options. Any good references you'd recommend for transaction signatures?

1 reply

0 recast

1 reaction

Sam pfp

Rainbow gets you most of the way there because it simulates what's going to happen (there could be edge cases) Sometimes when you sign into some kind of site with your wallet you have to prove that you own it via a signature (ex: nouns gg). This is an attack vector because that signature, although gas free, can be taken and executed onchain if its malicious. My recent prop for swapping my Noun required me to sign a message that allowed the DAO to withdraw 0.05 WETH from my wallet on prop execution. This is ok because I specifically wanted it but you could imagine a scenario where you sign some message on seemingly legit site that gives them permission to take all your assets but you don't actually execute anything onchain yourself. More practically, if you sign a message that says "x wants you to sign in with your Ethereum account" its probably safe. If you are trying to sign something that looks like a giant hexadecimal or json string then that could be bad. https://eips.ethereum.org/EIPS/eip-4361

1 reply

0 recast

2 reactions