Use case for using Multiple Hidden Wallets (Protected with their own passphrase) to protect assets

I would like to clarify my understanding of using multiple Hidden Wallets to compartmentalise assets.

Assume you have multiple (x3) hidden wallets. Is the following statement correct?

Let’s say you are logged into hidden wallet 1
- If you were to engage with a malicious smart contract which allowed access to your tokens (i.e. you approved unlimited access to USDC or ETH etc.) - Would this security breach be limited to Wallet 1 only? Meaning all other USDC or ETH stored in Hidden wallets 2 & 3 would remain protected?
Also, revoking the permission associated with this malicious smart contract would remove the threat to hidden wallet 1.

Hi @RightODave,

Yes.

Yes.

Yes, I guess so. It depends on if you can revoke the permission and if you can do it in time before your assets are emptied by the attacker.

Understood. The intent of the last comment is to confirm that the breach is limited to Wallet 1 and that any loss incurred would be contained to this wallet only.

So the lesson and my understanding is that even if you perform all the correct steps to
1) secure your Seed Phrase (i.e. created offline and never touched/stored/entered on a computer), and
2) create a PIN (which only protects access to the physical device / Trezor), and
3) create a "Hidden Wallet" (by creating a passphrase).

Noting that even though this is the best security posture you can have… this setup cannot protect you from yourself.

Because “You” as the user/administrator become the single point of failure… if you mistakenly engage with a malicious smart contract (accept an unknown airdrop, engage with a malicious dApp or smart contract) you will circumvent all three (3) security steps above… simply inviting the scammer into your wallet.

So separating / compartmentalising your assets across multiple Hidden wallets will limit the contagion to a single wallet. Oh, and review / revoke access permissions regularly.

Appreciate the response.

1 Like
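
An added example, not part of the thread or of Trezor's code: a simplified Python model of why the containment discussed above holds. Each passphrase produces a different BIP-39 seed (and therefore different accounts), and an ERC-20 allowance is recorded per owner address. The `account_id` labels, the `Token` class, the passphrases and the contract name are constructed for illustration; real addresses come from BIP-32 derivation, which is not shown.

```python
import hashlib

MAX_UINT256 = 2**256 - 1  # the "unlimited" approval value

def bip39_seed(mnemonic: str, passphrase: str) -> bytes:
    # BIP-39: PBKDF2-HMAC-SHA512, salt "mnemonic" + passphrase, 2048 rounds.
    salt = ("mnemonic" + passphrase).encode()
    return hashlib.pbkdf2_hmac("sha512", mnemonic.encode(), salt, 2048)

def account_id(seed: bytes) -> str:
    # Assumption: a short label standing in for the address derived from the seed.
    return "acct-" + hashlib.sha256(seed).hexdigest()[:8]

class Token:
    """Minimal ERC-20 style ledger: allowances are keyed by (owner, spender)."""
    def __init__(self):
        self.balance, self.allowance = {}, {}

    def approve(self, owner, spender, amount):
        self.allowance[(owner, spender)] = amount

    def transfer_from(self, spender, owner, to, amount):
        allowed = self.allowance.get((owner, spender), 0)
        if amount > allowed or amount > self.balance.get(owner, 0):
            return False  # a real token contract would revert here
        self.allowance[(owner, spender)] = allowed - amount
        self.balance[owner] -= amount
        self.balance[to] = self.balance.get(to, 0) + amount
        return True

def simulate():
    mnemonic = "abandon " * 11 + "about"  # public BIP-39 test mnemonic
    wallets = [account_id(bip39_seed(mnemonic, p))
               for p in ("pass-1", "pass-2", "pass-3")]  # constructed passphrases
    usdc, contract = Token(), "malicious-contract"
    for w in wallets:
        usdc.balance[w] = 1000
    usdc.approve(wallets[0], contract, MAX_UINT256)  # the mistaken approval
    results = {
        "pull_wallet2": usdc.transfer_from(contract, wallets[1], contract, 1000),
        "pull_wallet1": usdc.transfer_from(contract, wallets[0], contract, 400),
    }
    usdc.approve(wallets[0], contract, 0)  # revoke: set the allowance back to zero
    results["pull_wallet1_after_revoke"] = usdc.transfer_from(
        contract, wallets[0], contract, 100)
    return wallets, usdc, results
```

The 400 tokens moved before the revoke stay lost, which matches the reply's point that revoking only helps if it happens in time.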