The Wallet Hygiene Checklist for 2025

A no-nonsense annual checklist for keeping your crypto wallets organized, defensible, and recoverable — covering seed storage, multisig, approvals, and operational discipline.

Ahmed Rashid · November 2, 2025 · 10 min read

Why this matters

Most preventable crypto loss is the result of poor wallet hygiene built up over years of casual use. Seed phrases stored on a Notes app 'just for now', approvals never revoked, every protocol interacted with from the same primary wallet — these aren't single bad decisions, they're the slow accumulation of unmanaged risk.

This checklist is meant to be worked through once per year. It will take 60-120 minutes the first time, and much less in subsequent years.

Seed phrase storage

  • [ ] Every seed phrase is written on paper or steel — never digital, never photographed, never typed into a password manager or cloud note.
  • [ ] Each seed phrase exists in at least two physically separated locations (home + safety deposit box; home + trusted family member).
  • [ ] Steel storage is used for any seed protecting more than $5,000 of long-term holdings. Paper alone is fragile to fire, water, and time.
  • [ ] You have personally verified that the written seed is correct by restoring to a fresh device at least once.
  • [ ] No one besides you, including spouses or executors, knows where the backups are; if relevant, a sealed letter to be opened on your death contains the instructions.

Wallet compartmentalization

  • [ ] You operate at least two separate wallets: a cold-storage wallet for long-term holdings and an interaction wallet for DeFi/dApp use.
  • [ ] The cold wallet has never signed a transaction on an unknown dApp.
  • [ ] The cold wallet is on a hardware device (Ledger, Trezor, Coldcard, GridPlus).
  • [ ] The interaction wallet contains only what you'd be willing to lose to a single drainer event.
  • [ ] You don't reuse addresses across these wallets.

Multisig setup (for holdings above $100k)

  • [ ] A 2-of-3 multisig (Safe, or chain equivalent) is in place for the bulk of long-term holdings.
  • [ ] The three signers are on different hardware vendors (e.g. Ledger + Trezor + GridPlus).
  • [ ] Signer locations are physically separated.
  • [ ] Recovery procedure is documented and tested at least once.

Active hygiene

  • [ ] Quarterly approval audit with revoke.cash or Etherscan Token Approvals, on every chain you've used.
  • [ ] Browser profile dedicated to crypto activity; extensions limited to wallets and absolute essentials.
  • [ ] Wallet extension auto-update enabled (wallet vendors continually update their detection of drainer tactics, so an outdated extension misses the newest ones).
  • [ ] Hardware wallet firmware on the latest stable release.
  • [ ] Blind signing disabled by default; enabled only for specific transactions that require it.
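
The quarterly approval audit above can also be run from raw chain data rather than a website. What follows is an added example, not code from the article: it decodes ERC-20 Approval event logs in the shape eth_getLogs returns them, keeps the most recent allowance per (token, spender) pair, and flags unlimited or stale approvals for revocation. The sample logs, the placeholder addresses, the block timestamps (which the caller is assumed to have looked up) and the 90-day staleness threshold are all constructed for the demo.

```python
"""Audit outstanding ERC-20 token approvals from raw Approval event logs.

Constructed example, not from the article. Input logs use the JSON-RPC
eth_getLogs shape (address, topics, data, blockNumber) plus a "timestamp"
the caller is assumed to have added from the block header.
"""
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional, Tuple

# topic0 of every ERC-20 Approval(owner, spender, value) event:
# keccak256("Approval(address,address,uint256)")
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED = 2**256 - 1            # what an "infinite approval" button actually sets
STALE_AFTER = timedelta(days=90)  # assumption: a quarter without renewal counts as stale


def topic_to_address(topic: str) -> str:
    """Indexed address parameters are left-padded to 32 bytes; keep the low 20."""
    return "0x" + topic[-40:].lower()


def decode_approval(log: dict) -> Optional[dict]:
    """Decode one raw log into an Approval record, or None if it is another event."""
    if log["topics"][0].lower() != APPROVAL_TOPIC:
        return None
    return {
        "token": log["address"].lower(),
        "owner": topic_to_address(log["topics"][1]),
        "spender": topic_to_address(log["topics"][2]),
        "allowance": int(log["data"], 16),  # the NEW allowance, not a delta
        "block": int(log["blockNumber"], 16),
        "time": log["timestamp"],
    }


def current_allowances(logs: List[dict], owner: str) -> Dict[Tuple[str, str], dict]:
    """The latest Approval per (token, spender) is the live allowance for that owner."""
    latest: Dict[Tuple[str, str], dict] = {}
    for log in logs:
        ev = decode_approval(log)
        if ev is None or ev["owner"] != owner.lower():
            continue
        key = (ev["token"], ev["spender"])
        if key not in latest or ev["block"] > latest[key]["block"]:
            latest[key] = ev
    return latest


def audit(logs: List[dict], owner: str, now: datetime) -> List[dict]:
    """List every non-zero allowance with the reasons it should be revoked.

    Caveat: some tokens do not emit Approval when a spender draws an allowance
    down, so a production audit confirms each value with an allowance() call.
    """
    findings = []
    for (token, spender), ev in sorted(current_allowances(logs, owner).items()):
        if ev["allowance"] == 0:
            continue  # already revoked
        flags = []
        if ev["allowance"] == UNLIMITED:
            flags.append("unlimited")
        if now - ev["time"] > STALE_AFTER:
            flags.append("stale")
        findings.append({"token": token, "spender": spender,
                         "allowance": ev["allowance"], "flags": flags})
    return findings


# ---- constructed sample data (placeholder addresses, not real contracts) ----
OWNER = "0x" + "aa" * 20
TOKEN_A, TOKEN_B = "0x" + "01" * 20, "0x" + "02" * 20
DEX, OLD_FARM, LEFTOVER = "0x" + "d1" * 20, "0x" + "d2" * 20, "0x" + "d3" * 20
NOW = datetime(2025, 11, 2, tzinfo=timezone.utc)


def make_log(token, owner, spender, allowance, block, age_days):
    """Build a raw log in the shape eth_getLogs returns, plus the block timestamp."""
    pad = lambda addr: "0x" + "00" * 12 + addr[2:]  # ABI-encode an address as a 32-byte topic
    return {"address": token, "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": "0x" + format(allowance, "064x"), "blockNumber": hex(block),
            "timestamp": NOW - timedelta(days=age_days)}


SAMPLE_LOGS = [
    make_log(TOKEN_A, OWNER, DEX, UNLIMITED, 100, 10),            # unlimited, recent
    make_log(TOKEN_B, OWNER, OLD_FARM, 500 * 10**18, 50, 200),    # bounded but stale
    make_log(TOKEN_A, OWNER, LEFTOVER, 10**18, 60, 120),          # granted...
    make_log(TOKEN_A, OWNER, LEFTOVER, 0, 70, 110),               # ...then revoked
    make_log(TOKEN_B, OWNER, DEX, 100 * 10**18, 120, 5),          # bounded and fresh: fine
    make_log(TOKEN_B, "0x" + "bb" * 20, DEX, UNLIMITED, 121, 1),  # someone else's wallet
]

if __name__ == "__main__":
    for f in audit(SAMPLE_LOGS, OWNER, NOW):
        print(f["token"], "->", f["spender"], f["flags"] or "ok")
```

Approval events carry the new allowance value rather than a change, so only the most recent event per (token, spender) matters, and a revoke shows up as an Approval with value 0. Since a few token contracts do not emit Approval when a spender draws the allowance down, confirm each listed value with an allowance() call before acting on it.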

Signing discipline

  • [ ] You read every signature request before approving — at minimum, the action type and the spending limit.
  • [ ] You use a wallet that displays signature consequences in human-readable form (Rabby and Frame are good options for Ethereum).
  • [ ] You never approve a signature on a cold-storage device unless the destination address and amount have been verified on the device's own screen.
  • [ ] You use a separate test transaction (small amount) when sending to a new address for the first time.
  • [ ] You maintain an address book for repeated counterparties so you're not copying from chat history or transaction lists.

Account security

  • [ ] Every exchange account uses a unique, password-manager-generated password.
  • [ ] Two-factor authentication is enabled and uses an authenticator app, not SMS, which is vulnerable to SIM swapping.
  • [ ] Withdrawal addresses are whitelisted where the exchange supports it.
  • [ ] Email addresses used for exchanges are not the same as your primary personal email.
  • [ ] Phone numbers attached to exchange accounts use a SIM-swap-resistant carrier setup (e.g. Google Voice, separate carrier with port-out PIN, or an eSIM only used for exchange 2FA).

Identity and information discipline

  • [ ] Your real name and wallet addresses are not publicly linkable. Doxxing wealth invites targeted attacks.
  • [ ] You don't discuss specific holdings on public forums or social media.
  • [ ] If you participate in crypto Discord or Telegram communities, you use a handle that isn't tied to your real identity.
  • [ ] You assume any community DM is hostile until verified through a second channel.

After any incident or near-miss

  • [ ] Affected wallet is immediately decommissioned. Funds moved to a brand-new wallet on a clean device. Approvals revoked.
  • [ ] The drain transaction hash is documented and reported to your wallet vendor's phishing list, the chain explorer, and any forensics provider.
  • [ ] Affected device is treated as compromised — full reinstall before any further wallet use.
  • [ ] You ignore every DM that arrives offering 'help' or 'recovery' for the next 90 days.

What this checklist won't do

No checklist defends against the social-engineering and emotional-manipulation playbooks behind pig butchering or romance scams. Those require different defenses — primarily, knowing the patterns and refusing to make financial decisions in the heat of an online relationship.

What this checklist does

It dramatically reduces the chance that a single mistake — a moment of inattention, a compromised dApp, a stolen device, a SIM swap — translates into a total loss. Most catastrophic loss events happen because the victim was running a single wallet for everything, with stale approvals, on a shared device, with weak operational hygiene. Walking through this list once a year cuts that risk by an order of magnitude.

Block off two hours, work through it section by section, and consider it your annual crypto MOT.
