Why I still use a hardware wallet for airdrops (even if it’s a waste of time)
Would you rather waste 10 seconds per transaction or lose your entire wallet?
Hot wallets are so convenient, but they come at a huge cost:
Seed phrases can be compromised at any time
Increased risk of signing the wrong transactions
I’ve been ridiculed for using a hardware wallet for airdrops, but I still believe that it’s an important part of your security setup:
Especially if your portfolio is > $1k.
So here’s why I believe everyone (even airdrop hunters) should get a hardware wallet:
Your footprint is more valuable than the assets
Even if your wallet gets drained by a token approval exploit:
The consequences aren’t that bad.
You can revoke the token approval and continue using the wallet.
Funds are lost, but you still have full control over your wallet.
But if your seed phrase gets exposed:
Your entire wallet is under the control of hackers.
They have full access to your assets and footprint.
Revoking approvals won’t do anything as the hacker can transfer funds out of your wallet at any time.
Most hackers would use scripts to drain every asset from your wallet, just like in this example:
And what’s worse is how they have access to your footprint and SBTs that are not transferable:
One of my followers had staked funds and LXP (SBTs) in his hacked wallet.
The hacker can now claim future airdrops while you did all the hard work for them (thanks to your footprint).
This is the reason why securing your seed phrase is critical, and why I choose to use a hardware wallet:
Hardware wallets protect against malware hacks
It’s too risky to leave significant funds in a hot wallet.
Here’s my stance on this:
A wallet is compromised once there’s a digital copy of its seed phrase.
There are countless incidents where hackers use malware to obtain users’ seed phrases and drain their funds:
This malware usually extracts seed phrases that are stored digitally in any form:
Text on your notes app
Password managers
Local browser extensions (e.g. Katz Stealer)
Screen-recording or keylogging tools
Screenshots (through Optical Character Recognition)
These hacks are getting more and more sophisticated too.
Impersonation scams with deepfakes use social engineering tricks to make you believe that the scammers are legitimate.
But once the hackers know your seed phrase, they essentially control your entire wallet.
And there’s no way of getting that control back.
The longer we use our wallet, the higher the likelihood that we make a mistake that could expose our seed phrase to hackers.
So to avoid this completely:
Use a hardware wallet instead, as it stores your seed phrase completely offline.
The seed phrase is generated within the device itself and there’s no digital trace of it.
But this only works if you keep your seed phrase copy offline too:
If you store it digitally, then it defeats the purpose of using a hardware wallet.
Still not convinced? There’s a risk that your hot wallet can be hacked too:
Hardware wallets protect against hot wallet hacks
Hot wallets claim that they generate and store your seed phrase securely, but that’s not always the case:
In 2022, 9,231 Phantom wallets were drained, and no one could understand what happened.
Turns out, these wallets were first generated on Slope Wallet and hackers accessed them because of this mistake:
The seed phrases were not properly encrypted on Slope’s server and were stored as plaintext.
So the hackers breached the server and stole the exposed seed phrases to drain funds.
This is not just a standalone incident. Other wallets experienced similar hacks too:
Atomic Wallet (up to $100 million): Seed phrases could have been transmitted to a central server
MyAlgo Wallet ($9.2 million stolen): Hackers injected malicious code in the MyAlgo website to steal users’ seed phrases
Edge Wallet: A vulnerability led to unencrypted private keys being uploaded to servers
MetaMask and Rabby are likely safe, but why risk your entire portfolio (and onchain footprint) when you don’t have to?
Hardware wallets store your seed phrase offline so this risk is avoided completely.
And while signing transactions with a hardware wallet is troublesome, I find this to be a handy security feature:
Hardware wallets protect against careless signing
I see hardware wallets as a 2FA:
After signing on desktop/mobile, I have to physically sign it on the hardware wallet too.
Here's how it works when sending ETH to someone:
The transaction is set up on the online interface (app or wallet)
The transaction is physically confirmed on the hardware wallet (like a 2FA)
The hardware wallet signs the transaction with your private key
The signed transaction is sent back to the internet-connected device via Bluetooth or USB-C and then broadcast on the blockchain
While hot wallets are more convenient, they carry an added risk:
There’s no way of reversing a transaction after we press ‘Confirm’.
With hardware wallets, there’s still time for us to stop and think before physically signing the transaction.
There were times when I rushed into a transaction, but something felt off.
Having to physically sign it with my hardware wallet gives me the time to pause and check that everything looks fine first before confirming.
I’m also protecting myself against another form of carelessness too:
Hardware wallets protect against careless exposure
We’ve seen how dangerous livestreams can be:
Accidentally exposing your seed phrase during a stream will, 99.99% of the time, result in your wallet getting drained.
Which is why I’m wary of any digital copies of my seed phrase as anyone could eventually access it.
All it takes is one mistake to lose your entire wallet.
And that’s why hardware wallets hedge against this risk.
Seed phrases are stored completely offline so there’s nothing to worry about when sharing your screen publicly.
You may want to use a hardware wallet, but this misconception may be stopping you:
Hardware wallets can be used for airdrops
I’ve been using a hardware wallet since I started my airdrop journey in 2023, and I’m still using the same one.
Many believe that a hardware wallet (or cold wallet) is only good for cold storage.
But we can sign transactions with our hardware wallets too.
While the hardware wallet is not connected to the internet:
It’s still possible for the hardware wallet to interact with the blockchain through a companion app or supported wallet.
MetaMask and Rabby both support hardware wallets like Ledger/Trezor/OneKey, but other browser wallets may have limited support.
So it’s still possible to perform DeFi transactions with a hardware wallet, but it’s not 100% safe:
Hardware wallets are not foolproof
There are 2 main categories of crypto hacks:
Seed phrase hacks
Malicious signatures
Hardware wallets only protect you against the first type: seed phrase hacks.
No matter how secure your seed phrase is:
Hardware wallets can’t stop you from signing malicious signatures.
This is what happened in the ByBit hack, where all the multi-sig signers signed a malicious transaction because the UI was manipulated.
While the hackers can’t control your seed phrase (which limits the damage):
They can use UI manipulation or phishing sites to trick you into signing a malicious signature.
So we need to be sure of what we’re signing before we confirm the transaction too.
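One way to check what you are about to sign, as an added example that is not from the original post: it decodes the calldata of the standard approval functions and separates a revoke (approve with amount 0, the recovery step mentioned earlier) from an unlimited allowance. The risk labels, the `UNLIMITED_FLOOR` threshold, the helper names and the sample address are assumptions made for illustration.

```python
# Added example (not from the original post): classify approval-related
# calldata before confirming it on the hardware wallet.
# Standard 4-byte selectors (first 4 bytes of keccak256 of the signature).
SELECTORS = {
    "095ea7b3": "approve",            # approve(address,uint256)
    "39509351": "increaseAllowance",  # increaseAllowance(address,uint256)
    "a22cb465": "setApprovalForAll",  # setApprovalForAll(address,bool)
    "a9059cbb": "transfer",           # transfer(address,uint256)
}
UNLIMITED_FLOOR = 2**255  # assumption: allowances this large count as "unlimited"

def decode_call(calldata_hex):
    """Decode selector + two 32-byte ABI words and return a risk verdict."""
    data = calldata_hex.lower()
    data = data[2:] if data.startswith("0x") else data
    selector, args = data[:8], data[8:]
    name = SELECTORS.get(selector)
    if name is None:
        return {"function": "unknown", "risk": "review",
                "reason": "unrecognised selector 0x" + selector}
    if len(args) != 128:  # strict: reject truncated or padded calldata
        raise ValueError("expected exactly two 32-byte arguments")
    if int(args[:24], 16) != 0:
        raise ValueError("address argument has non-zero padding")
    party, value = "0x" + args[24:64], int(args[64:], 16)
    if name == "approve" and value == 0:
        risk, reason = "low", "revokes this spender's allowance"
    elif name == "setApprovalForAll":
        risk, reason = (("high", "operator may move every NFT in this collection")
                        if value else ("low", "revokes this operator"))
    elif name in ("approve", "increaseAllowance"):
        risk, reason = (("high", "unlimited allowance for spender")
                        if value >= UNLIMITED_FLOOR
                        else ("review", "bounded allowance: check spender and amount"))
    else:
        risk, reason = "review", "direct transfer: check recipient and amount"
    return {"function": name, "party": party, "value": value,
            "risk": risk, "reason": reason}

def encode_call(selector, address, value):
    """Build constructed sample calldata for the demo below."""
    return "0x" + selector + address[2:].rjust(64, "0") + format(value, "064x")

SPENDER = "0x" + "ab" * 20  # constructed address, not a real contract
if __name__ == "__main__":
    for sel, val in [("095ea7b3", 2**256 - 1), ("095ea7b3", 0),
                     ("a22cb465", 1), ("a9059cbb", 10**18)]:
        print(decode_call(encode_call(sel, SPENDER, val)))
```

A "low" or "review" verdict only describes the shape of the call; the spender or recipient address still has to be checked against the contract you intended to interact with.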
Here are other cons of using a hardware wallet:
Hardware wallets have their flaws
Unable to import to certain wallets: Some wallets (BitGet, ByBit wallet etc.) only support importing a wallet via a seed phrase/private key, so I can’t use my airdrop wallet for certain wallet-specific campaigns
Unable to sign certain signatures: Some DApps are not optimised to work with a hardware wallet, and I had problems signing into them, e.g. Polyhedra and Free Tech
I faced issues when trying to bridge out solvBTC using Free Tech, and they just suggested that I send it over to a hot wallet to bridge the funds out.
Unable to sign transactions on networks: This mainly affects me on Solana and SVM rollups (like Eclipse/SOON), where I’m unable to sign any transactions with a Ledger. This made me stop using Eclipse as I couldn’t explore some DApps in the ecosystem
Poor experience with MetaMask: MM has the worst user experience with a Ledger, so I’m mainly connecting my hardware wallet with either Rabby/Zerion
Signing repeated transactions is tedious: We have to physically confirm each transaction on the hardware wallet, which takes up more time per transaction (compared to a hot wallet where all I need is to click on ‘Confirm’ once)
Missing out on NFT mints: I hate NFT mints because they’re mainly FCFS, and it makes things worse with a hardware wallet. It takes an extra few seconds when signing in to the platform and pushing any transactions, so I’m likely to miss out on popular mints.
Inconvenient when signing transactions outside: Hardware wallets may not be ideal if you’re constantly on the move. It’s hard to sign transactions with a hardware wallet outside, especially in public as I’m exposing that I own this wallet and it makes me a target for theft.
Now that we know what a hardware wallet can (and cannot) do, here are the ones I’m using:
Hardware wallets I’d recommend
Note: These are affiliate links
Ledger: Best for airdrop hunting as it’s compatible with multiple wallets, both EVM and non-EVM
Trezor: Suitable if you’re focusing on EVM-only airdrops as it’s not compatible with most wallets
Tangem: Best wallet for cold storage as it does not have a seed phrase (Code: FIPCRYPTO for a 10% discount)
OneKey: Compatible with most networks (EVM, Solana, Cosmos) within the OneKey extension. Best if you want a multi-chain experience with just one extension (Code: FIPCRYPTO for a 5% discount)
Keystone: Best wallet if you’re mainly using mobile for airdrop hunting, compatible with Rabby and OKX Wallet on mobile. Most secure given that it’s completely air-gapped
I’m mainly using my Ledger for airdrops, while Trezor is for another wallet that I’m putting stables inside.
Keystone is the most troublesome since we need to scan a QR code, though they’ve now added signing through a USB connection.
Here’s my quick-start guide to set up a Ledger wallet for airdrops.
If you decide to get a hardware wallet, I’d advise against doing this first:
Avoid directly importing your seed phrase to a hardware wallet
If you already own a hot wallet and are looking to get a hardware wallet:
The best practice is to start on a completely new seed phrase generated by the hardware wallet itself, so there are no online copies of it.
Importing the seed phrase of your hot wallet to Ledger defeats the purpose as your seed phrase has already been exposed online.
One mistake could still allow hackers to access your seed phrase if there’s a digital copy.
Which is why I don’t understand why MetaMask doesn’t allow us to connect a hardware wallet directly when installing the extension for the first time.
This could have exposed multiple hardware wallet seed phrases, as their owners used the wrong import feature.
But here’s the problem:
We would need to transfer all of our assets from our existing MetaMask/Rabby wallet over to this brand new wallet.
Which can be troublesome if your funds are across multiple L2s.
But I’d rather spend more time to ensure my funds are well protected instead of having the risk of losing everything in one shot.
Hardware wallets are troublesome but necessary
Hardware wallets are not 100% foolproof, but they protect against seed phrase exploits.
These are more severe than signing a malicious signature, because you give full control of your wallet to the hackers.
What’s even worse is losing your wallet’s footprint that could qualify you for future airdrops.
Assets can be recovered, but that footprint is gone once you give it up to hackers.
It is possible to be extremely careful and apply good OPSEC when using a hot wallet.
But one mistake is all it takes to lose everything I’ve built. And I’m not willing to take that risk.
So that’s why I prefer to spend that extra 10 seconds per transaction for peace of mind.
Don’t let hackers reap all of your rewards and start securing your wallets today.