Mandera Crypto Center Logo

Module 3: Your Crypto Fortress

Mastering Security, Wallets & Private Keys

Security Fundamentals

4 Essential Topics 60-80 Minutes Critical Level

Your crypto security knowledge is your first line of defense. Learn how to protect your digital wealth like a pro.

1

Private Keys: Your Digital Signature

The Digital Signature Story

Imagine your private key is like a magical pen that only you possess. When you sign a document with this pen:

  1. The signature is mathematically unique to you
  2. Anyone can verify it's your signature without seeing your pen
  3. No one can forge your signature without your pen
  4. If you lose the pen, you can never sign again

This is exactly how private keys work in cryptocurrency!

Public Key vs Private Key

Public Key
  • Your account number
  • Share it with everyone
  • Used to receive crypto
  • Like your email address
  • Derived from private key
Private Key
  • Your password
  • NEVER share it
  • Used to send crypto
  • Like your email password
  • Generates your public key

The House Analogy

Public Key = Your house address (everyone can see it, send you mail)

Private Key = Your house key (only you have it, needed to enter or send things out)

Wallet = Your keychain holding your keys

Blockchain = The neighborhood where your house exists

Quick Quiz

What happens if you lose your private key?

Answer: If you lose your private key, you permanently lose access to all cryptocurrency stored in that wallet. There's no "forgot password" option. The crypto remains on the blockchain but becomes inaccessible forever. This is why backing up your seed phrase is CRITICAL.

2

Wallets: Hot vs Cold Storage

The Wallet Spectrum

Think of crypto wallets on a security-convenience spectrum:

Cold Wallet
Most Secure
Warm Wallet
Balanced
Hot Wallet
Most Convenient

Cold Storage (Hardware Wallets)

Hardware wallets like Ledger or Trezor:

  • Security: ★★★★★ (5/5) - Private keys never touch internet
  • Convenience: ★★☆☆☆ (2/5) - Need physical device
  • Cost: $50-$200 one-time purchase
  • Best for: Long-term savings (HODLing)
  • Analogy: Bank vault at home

Hot Wallets (Software Wallets)

Software wallets like MetaMask, Trust Wallet:

  • Security: ★★☆☆☆ (2/5) - Connected to internet
  • Convenience: ★★★★★ (5/5) - Always available
  • Cost: Free to download
  • Best for: Daily transactions, DeFi, trading
  • Analogy: Wallet in your pocket

Custodial vs Non-Custodial

Custodial Wallet

Exchange holds your keys (Coinbase, Binance)

  • Like a bank account
  • Recover password if lost
  • Exchange can freeze funds
  • Not your keys, not your crypto!
Non-Custodial Wallet

You hold your keys (MetaMask, Ledger)

  • Like cash in your hand
  • No password recovery
  • Full control of funds
  • Your keys, your crypto!
3

Seed Phrases: Your Master Backup

The 12-Word Master Key Story

Imagine you could recreate your entire house (with all its contents) just by remembering 12 specific words in a specific order. That's your seed phrase!

A seed phrase is typically 12, 18, or 24 random words that can regenerate ALL your private keys and addresses.

Critical Rules for Seed Phrases

  1. NEVER digitalize it (no photos, cloud, email)
  2. ALWAYS write on physical paper/metal
  3. NEVER share with anyone, ever
  4. ALWAYS store in multiple secure locations
  5. NEVER type it on suspicious websites
  6. ALWAYS verify wallet shows same addresses

How Seed Phrases Work

word1
abandon
word2
ability
word3
able
...
word12
zoo

These 12 words from a standardized list of 2048 words can generate:

  • All your private keys
  • All your public addresses
  • Your entire wallet structure

The DNA Analogy

Your seed phrase is like your wallet's DNA. From those 12 words, the entire wallet can be recreated anywhere in the world.

Example: Lose your phone with MetaMask? Install MetaMask on a new phone, enter your 12-word seed phrase, and ALL your crypto reappears!

4

Security Best Practices & Common Scams

The Security Checklist Story

Meet Alex, who lost $50,000 in crypto. Let's learn from his mistakes:

Alex's Mistakes
  • Used same password everywhere
  • Clicked "free crypto" ads
  • Stored seed phrase in email
  • Connected wallet to unknown sites
  • No 2FA on exchange
What He Should Have Done
  • Use password manager
  • Verify all links carefully
  • Metal seed backup at home
  • Revoke unused wallet connections
  • Hardware wallet for savings

Common Crypto Scams

Phishing Scams

Fake websites/emails pretending to be legitimate services.

Example: Email claiming "Your Coinbase account will be suspended! Click here to verify." Links to fake Coinbase site that steals your login.
Giveaway Scams

"Send 1 ETH, get 2 ETH back!" - Elon Musk impersonators.

Example: Fake Elon Musk Twitter account: "Celebrating Dogecoin! Send 1 DOGE, get 2 DOGE back!" Millions lost to this scam.
Romance Scams

Fake online relationships ending with "investment opportunities."

Example: After months of chatting, "I know a guaranteed crypto trading strategy. Send me your crypto and I'll 10x it for you!"

Security Checklist

✅ Hardware Wallet
For long-term holdings
✅ Metal Seed Backup
Fire/water proof
✅ 2FA Enabled
Auth app, not SMS
✅ Revoke Permissions
Revoke.cash tool

Module 3 Quiz

What is the most secure way to store a seed phrase?

Answer: The most secure way is to write it on a fire/water-resistant metal plate (like Cryptosteel or Billfodl) and store it in multiple secure physical locations (safe, safety deposit box, trusted family member). NEVER store digitally (no photos, cloud, email) and NEVER share it with anyone.

Home Module 1 Module 2 Module 3 Module 4 Module 5 Module 6 Module 7 Module 8