Prevention Policies for Platforms

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Revision as of 00:48, 17 March 2023 by Azoundria (talk | contribs)
Jump to navigation Jump to search

Below is a list of prevention policies for platforms such as wallet providers, cryptocurrency exchanges, or other financial services. Each of these policies is a standard template which can be included in the applicable case studies.

To add a template to an article's Prevention section, select Insert > Template and Type "Prevention:Platforms:" followed by the title below.

Implement Multi-Signature

All wallets, minting functions, and critical infrastructure should be implemented with a multi-signature requirement, with a recommended minimum of 3 signatures required. This means that making important changes or approving spending will require the keys held by at least 3 separate individuals within the organization to approve. The multi-signature should be implemented at the lowest layer possible, all key holders should have security training, and all key holders should be empowered and encouraged to exercise diligence.

Seed Phrase Education

Never take for granted the limited knowledge of users of your service and their tendency to skip past provided information. It is recommended to design a simple tutorial and quiz for new users which explains the basics of seed phrases, strong password generation, secure two-factor authentication, common fraud schemes, how ponzi schemes work, as well as other risks which are unique to the cryptocurrency space. This tutorial and quiz should ensure their understanding and be a standard part of the sign-up or download process which is difficult or impossible to skip.