Securing your Vault

Always test services on devnet or with small amounts before risking your funds.

Securing your Vault is critical, and it is important to follow best practices to ensure that your funds are safe and secure.

Key management: Proper key management is essential to ensure the security of your funds. It is recommended to use hardware wallets, keep backups of your private keys in multiple locations, and follow security best practices for storing private keys. When a Board member's key is lost or compromised, he should be removed from the Board and generate a new set of keys before getting added again.
Quorum choice: The quorum is the number of Board members that must sign a proposal for it to be executed. It is important to choose a quorum that is less than the total number of Board members (to avoid losing access to all funds if a Board member loses his key), but not so low that it poses a risk to your funds (a small number of Board members could act together maliciously).
Members management: Especially when removing a member of the Board, pay close attention the the value of the Quorum, and lower it temporarily if needed. If you end up with a Quorum higher than the number of members with access to their keys, you will lose all your funds!
Regular review: Regularly review the members of your Board and their permissions, as well as the quorum setting, to ensure that your Vault remains secure.
Educate Board members: Educate your Board members on their responsibilities and how to properly sign proposals, to avoid errors or misunderstandings that could compromise the security of your funds.
Privacy: In some cases (such as the use of a Vault as a Social Recovery mechanism), the identity of Board members should be kept private to ensure the security of the funds. In such a case, it is recommended that Board members generate a new set of keys for that purpose only, so that their identity can less likely be determined by their on-chain activity.

These are some of the best practices to follow when securing your funds in a Vault. It is important to be diligent and proactive in ensuring the security of your funds.

PreviousManaging funds and tokens NextEmergency script

Last updated 2 years ago

Securing your Vault

Always test services on devnet or with small amounts before risking your funds.

Securing your Vault is critical, and it is important to follow best practices to ensure that your funds are safe and secure.

Key management: Proper key management is essential to ensure the security of your funds. It is recommended to use hardware wallets, keep backups of your private keys in multiple locations, and follow security best practices for storing private keys. When a Board member's key is lost or compromised, he should be removed from the Board and generate a new set of keys before getting added again.
Quorum choice: The quorum is the number of Board members that must sign a proposal for it to be executed. It is important to choose a quorum that is less than the total number of Board members (to avoid losing access to all funds if a Board member loses his key), but not so low that it poses a risk to your funds (a small number of Board members could act together maliciously).
Members management: Especially when removing a member of the Board, pay close attention the the value of the Quorum, and lower it temporarily if needed. If you end up with a Quorum higher than the number of members with access to their keys, you will lose all your funds!
Regular review: Regularly review the members of your Board and their permissions, as well as the quorum setting, to ensure that your Vault remains secure.
Educate Board members: Educate your Board members on their responsibilities and how to properly sign proposals, to avoid errors or misunderstandings that could compromise the security of your funds.
Privacy: In some cases (such as the use of a Vault as a Social Recovery mechanism), the identity of Board members should be kept private to ensure the security of the funds. In such a case, it is recommended that Board members generate a new set of keys for that purpose only, so that their identity can less likely be determined by their on-chain activity.

These are some of the best practices to follow when securing your funds in a Vault. It is important to be diligent and proactive in ensuring the security of your funds.

PreviousManaging funds and tokens NextEmergency script

Last updated 2 years ago