Vaulta Guides
  • User Guides
    • Getting Started on Vaulta
      • Wallet and Account Setup
      • Get Vaulta Token
      • Staking
      • Unstaking and Claiming Rewards
      • Manage Resources (CPU/ NET)
      • Buy/ Sell RAM
      • Manage Account Permissions
    • Vaulta EVM
      • Connecting to Vaulta EVM
      • Bridge to Vaulta EVM
    • Support
      • FAQs
        • Staking FAQ
      • Archive
        • Accessing ERC-20 EOS
  • Vaulta Token
    • Token Overview
    • Tokenomics
    • Staking
  • About the Network
    • Vaulta Documentation
    • Vaulta Native
    • Vaulta EVM
    • Savanna Consensus
    • Network Resources
    • Vaulta RAM
      • Wrapped RAM
      • RAMS DAO
    • Network Stewards
  • Vaulta Accounts
    • Vaulta Account Model
    • Account Permissions
    • Smart Contracts
    • System Accounts
  • Node Operators
    • Block Producers
    • DPoS Consensus
    • Want to Become a Node Operator? Get Started Here.
  • Resources
    • Directory
    • Definitions
    • Vaulta Brand Guidelines
    • Vaulta Portal
    • Vaulta Community (Telegram)
    • Vaulta (X)
    • Antelope IBC
  • Security & Staying Safe
    • Staying Safe
    • Common Scams to Avoid
    • Account Security Best Practices
    • Disclaimer
Powered by GitBook
On this page
  1. Security & Staying Safe

Account Security Best Practices

PreviousCommon Scams to AvoidNextDisclaimer

Last updated 4 days ago

Keep owner Key Offline

  • Generate and store your owner key cold (offline)—preferably on a hardware wallet or air-gapped device

  • Only use it to:

    • Rotate keys

    • Recover access if your active key is compromised

Use Custom Permissions for dApps

  • Avoid giving dApps your full active permission

  • Use custom named permissions tied only to specific contracts and actions

  • This limits the damage if a contract is compromised

Use Multi-Signature (Multisig) for High-Value Accounts

  • For organizations or treasuries, require 2 or more keys to approve actions

  • Use the eosio.msig contract for multi-sig governance

Audit Contract Authorizations

  • Use block explorers like to view:

    • Which contracts have eosio.code permission

    • Which keys or contracts can act on your behalf

Use Trusted Wallets

  • Use wallets like Anchor, TokenPocket or Vaulta Wallet

  • Always review transaction permissions before approving

Unicove