Web3 Domain Security Guide & Best Practices

Modified on: Fri, 19 May, 2023 at 4:39 PM

Self-custody is one of the most important features of a Web3 domain. This is what makes your domain decentralized and gives you full control! A self-custody solution is possible because your domain is an asset on the blockchain and stored like a cryptocurrency in your wallet. This custody method gives your Web3 domain “superpowers” that traditional domains do not have.

Due to the self-custody nature of Web3 domains it:

  • Cannot be seized by a 3rd-party.
  • Can enable decentralized websites.
  • Gives the owner sole control and access to domain management features
  • Can be transferred in seconds, without needing permission from any 3rd-party.

Claim Your Domains 

Claiming your domain is the process of taking your domain from our custody and transferring it to your self-custodial wallet. This is the process where you, the user, take full control and ownership of your domain. The only way to manage your domains is to access your wallet. Every time you want to access your wallet you will be asked to upload your keystore file, or enter your passphrase/password.

In the process of creating a wallet, you will generate a seed-phrase and create a password; if creating a Zilliqa it will be a keystore and passphrase. It is extremely important to store these items in a safe place. Every time you perform an action, or access your wallet/domains, you will be asked to enter your password, or passphrase and upload your keystore file. If you lose any of these you will lose access to your domains.

Here are a few security methods to store your passphase, password, and keystore file:

  • Password Manager: Store passwords in a secure password protected vault.
  • Email: Store your information and saved to an secure email address protected by 2FA.
  • USB: Store your information offline on a USB. You can also password protect your USB for an added layer of security.
  • Password-protected folder: Create a local password-protected folder in the file system on your computer. Download the keystore wallet file, and create a text file for password/passphrase and seed phrase and save it in a password-protected folder.

The next step is to create reliable backup methods to retrieve this information in case it is lost or forgotten. Write all of the corresponding information down on a piece of paper and where you stored your the item. Store this paper in a safe place that is also repeatedly accessible. Do not share this information with anyone!

The most important part is to pick a security method that works for you. If you lose your passphrase, keystore, or password you will not be able to access your domains.

Warnings: Be careful hackers using deceptive tactics like phishing and social engineering, to gather personal information. Watch out for fake emails and social media messages pretending to be Unstoppable involving wallet "updates". The Unstoppable team will never ask for your passphrase, seedphrase, password, or keystore file. Never share this information online. Double-check a website address before interacting, hackers will create cloned websites identical to originals. Do not trust services that reach out claiming to take secure custody of domains. Transferring domains are done with the public address, do not share private information.

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.

Still need help?

Submit a Support Ticket

Join us on social media

with us