Why should I care?

Unlike banks or credit cards which have recovery methods for your funds, there is no way to recover lost cryptocurrency. Your wallet is your digital identity. If compromised, you'll lose your money and the ability to use that wallet in the future.

Best practices

Your secret recovery phrase (or seed phrase) is the permanent password to all the addresses in your wallet. It's extremely important you take careful measures to make sure it doesn't end up in the wrong hands.

1) Safely store your secret recovery phrase


🛑 Don't

2) Never share your recovery phrase or private keys (even with managers, labels, or best friends)

Scammers often trick people into sharing their recovery phrase or private keys in Discord messages and Twitter DMs, commonly posing as staff or support for a web3 project. Catalog (or any trustworthy web3 application) will never ask you for this.

We strongly encourage all artists to have full control of their wallets. They represent your on-chain identity, and empower you to control the creation and distribution of your art in web3. If you insist on letting a trusted person manage your wallet for you, it’s important you know the risks.

Here’s what someone can do with wallet access:

<aside> ⚠️ Still looking to pass off admin duties? If possible, directly enter your private key into your wallet manager’s phone, tablet, or computer. If not, temporarily share your private key with them via an encrypted messaging app like Signal, then delete the message. Ask them to confirm in writing that they will (1) not make a copy of your private key (2) remove their access to your wallet if you stop working together later on. This is not legal advice. Your wallet is your own responsibility.


3) Verify URLs and email addresses

Phishing attacks will often send emails from an official-looking email address, Discord or Twitter account, etc., often telling you to visit a fake website that looks identical to the real thing. Double check that emails are coming from the right sender, and that you're visiting the correct URL. If it seems suspicious, ask someone.

4) Use a unique password

User data gets compromised all the time. If you use the same password for MetaMask as other websites, your wallet is at risk. We recommend using password managers like 1password.