In the decentralized world, you are the sole guardian of your assets. Securing your wallet is the first and most critical step in protecting your funds.
For Traditional Wallets (Using Mnemonics / Private Keys):
-
Your Private Key Is Your Asset Your private key or mnemonic phrase is the only credential to access your wallet. Anyone who gains access to it can take full control of your assets.
-
Never Share It Never reveal your private key or mnemonic under any circumstances — not even to BenFen team members. Official members will never ask for this information.
-
Use Physical Offline Backups Write your mnemonic phrase on physical media (e.g., paper or metal plates) and store it in multiple secure, offline locations. Avoid screenshots or saving them on internet-connected devices.
-
Beware of Malware Ensure your device is free from malware or clipboard sniffers that may capture sensitive information.
For zkLogin Wallets (Using Google/Apple Account Login): zkLogin links your Web2 account (e.g., Google, Apple) to an on-chain wallet, offering convenience with strong two-factor security.
-
Secure Your Social Account Your Google or Apple account is the first line of defense. Enable two-factor authentication (2FA) and use a strong, unique password.
-
Understand the Security Model zkLogin security is based on your social account + a randomly generated salt. Even if someone gains access to your Google account, they cannot control your wallet without salt.
-
Always Review Signing Prompts All transactions must be confirmed through final signature approval within the BenPay app. Always review transaction details carefully before signing.