#加密安全须知

1. 【Basic Cognitive Security】

1. Importance of Private Keys and Mnemonic Phrases

Private Key = The only password that controls your assets

Mnemonic Phrase = The only certificate to reset/recover your wallet (whoever holds it is the owner)

Never take screenshots or store it in the cloud; it is recommended to back up offline on paper and store it in multiple locations.

2. Do not click on links indiscriminately

Do not click on DM or websites from unknown sources (especially fake project airdrops)

Beware of phishing websites impersonating real projects (such as "unlswap.org")

3. Regularly update wallets and devices

Download wallets or applications from official websites (such as MetaMask, Keystone)

Regularly update mobile devices and avoid jailbreaking/rooting.

2. 【Risk Identification Before Investment】

1. Transparency of Project Information

Is the team member, advisor, and development progress publicly disclosed?

Is there a white paper or audit report?

2. Security of Contract Code

Is it open-source?

Has it been audited by trusted organizations (such as CertiK, SlowMist)?

Are there risks such as "infinite issuance," "excessive transaction tax," or "transfer restrictions"?

3. Liquidity Security

Is there locked liquidity?

Does the team retain an excessively high proportion of tokens?

Is there a risk of a rug pull?

3. 【Platform and Tool Selection】

1. Centralized Exchanges (CEX)

It is recommended to use large platforms with insurance funds.

Enable two-factor authentication (2FA) and do not log in on public Wi-Fi environments.

2. Decentralized Wallets (Non-Custodial Wallets)

It is recommended to use hardware wallets (such as Ledger, Trezor) for storing large amounts of assets.

Confirm that the address has not been modified by malware before transferring.

3. Use risk tools before trading

TokenSniffer / GoPlus / DEXTools (detect malicious tokens)

Etherscan / BscScan to view contract details and large holder behavior.

4. 【Common Scams and Types of Risks】

Scam Type Description

Fake Airdrop/Phishing Website Tricks you into clicking, authorizing access to your wallet, leading to asset theft.

Impersonating Customer Service/Official Accounts Pretends to help you solve problems, actually extracting your mnemonic phrase.

Rug Pull Project team withdraws liquidity and runs away.

Infinite Issuance Trap Mint permissions hidden in the contract, causing token collapse.

High-Yield Ponzi Projects Promises high interest, but is actually a scam where new money pays off old investors.