Buy Solana NFTs - Best practice, safety first - security checklist 🔐 📄

As someone who is rather fresh into the Solana NFT space, I was not up to speed with the best practice of minting new NFTs. Been aping into some mints and secondary markets, including SolWabbits, a non-derivative with a strong community and solid roadmap. Notfinancialadvise.

Anyway, I did some research on what to do, when to do it, and how to do it. Even if you are not a newbie in the Solana NFT space, this short post might be worth a read. The point of the write-up is to increase the security of your minting process and to help you protect your wallet/s and hodlings.

Here it goes.

Use a burner wallet when you mint Solana NFTs

The reasons for using a burner wallet when minting NFTs, it is partly due to privacy and largely due to security. You should avoid connecting your main wallet (or ledger) to minting platforms. Use a one-time wallet (burner) that you create for connecting and minting, then transfer your newly minted NFTs to your main wallet.

  • Do not connect your main wallet to the minting platform;
  • Create a burner wallet;
  • Transfer funds from your main wallet to your burner wallet;
  • Connect to the minting platform using your new burner wallet;
  • Mint the NFTs;
  • Transfer the newly minted NFTs from your burner wallet to your main wallet (or ledger).

Why you should use a burner wallet when minting Solana NFTs

Because of the added security to your NFTs and crypto assets. Using your main wallet right, left and center makes you more vulnerable to hackers.

There have been several incidents where wallets were connected to malicious contracts and drained of funds. The most famous example was when Aurory NFT finished their minting back in August 2021. Alongside the official mint, sophisticated hackers created a phising site that mirrored the official Aurory minting site. Unknowing users would then proceed to connect to the phising site. When they did, a malicious contract was executed and drained the user's wallet of all their funds.

Using a burner wallet when minting, in that example, would have minimized the damage from the "sweep attack".

This is an extreme example. These attacks are rarer now than they were a couple of months ago. What made hackers so successful during the minting of Aurory NFT and the weeks leading up to it, was a new feature in the Phantom wallet. The feature enabled users to auto-approve transactions by default. Something that is great for experienced and diligent users as it saves time in time-sensitive situations, for example, when minting an NFT in the Solana ecosystem. However, it was less great for inexperienced and stressed users trying to cope a new NFT. As soon as a user entered the phising site and pressed "Connect", the malicious contract would execute and proceed to sweep the account - all transactions approved by default.

After the incidents, Phantom wallet made changes, other wallets introduced the same feature. But only as an optional feature, where an advanced user can go to settings and manually opt-in to having auto-approve enabled. If you are a new however, best is to not use auto-approve. In both cases, a burner wallet is recommended. Mistakes can be made, best is to limit the costs stemming from such mistakes. If someone cleans your wallet, let it be a burner wallet with a limited amount of assets.

SolWabbits NFT - future Solana NFT blue chip?

Everything that shines ain't always gonna be gold.

Avoid NFT airdrop scams

Another sophisticated way of exploiting unwitting users looking to build their Solana NFT collection is to airdrop NFTs to a users' wallet. The NFT would come with an instruction to connect your wallet to a dApp to claim more rewards or be eligible for further airdrops, and what not. This sounds great. So does the "Nigerian Letter", the longest running internet scam, that til today manage to scam people out of hundreds of thousands of euro/dollar every year. In the case of NFT scams, a user would then proceed to connect their wallet to the dApp per instructions, and in the worse case scenario get their wallet cleaned out. In these cases, 99% of the time it is a scam. In the 1% of cases when it is not a scam, use a burner wallet to connect.

The reason why these scams work is because they play on people's greed. In both an NFT scam and the Nigerian Letter, victims are promised that they will make a financial profit without much effort.

A thing scams have in common s that they are unexpected, and the source is unknown. A random NFT being airdropped into your wallet, promising riches, is too good of a story to be true. Be smart and vigilant. And if, for some reason, you just have to connect your wallet, because it seems legit or whatnot - use a burner wallet.

Random airdrops with no strings attached is another thing. It happens often that assets pop up in your main wallet. Yesterday, for example, I received a 1,000 Solana Inu airdrop because I classify as one of the X top hodlers of $SAMO. In this case, I can let the airdrop sit in my wallet in all eternity, or wait for a DEX to allow trading, or simply send them to a new or old burner wallet address - then forget about it. The same goes for NFT. You need to be vigilant and smart when strings are attached to it, and you are asked to do something. Like the wise man Kid Cudi once sang, "Everything that shines ain't always gonna be gold."

There are other types of scams and phising attempts running around out there. Just be vigilant and never leave out any password or seed phrases. Sticking to this security check list will go a long way.

Rad Rugs NFT featuring another NFT Best Practice buy solana NFTs
Rad Rugs NFT, hot and upcoming Solana NFT.

Buy Solana NFT security checklist

  • Use a burner wallet with only the minimum amount required needed for NFT minting;
  • Keep your hodlings (investment portfolio) in a dedicated wallet that you only use to connect to trusted dApps;
  • Be extremely careful when using auto-approve feature;
  • Consider using auto-lock timers when available;
  • Consider using a hardware key (safest);
  • Always use official NFT drop links;
  • Only use links and dApps from verified accounts or websites associated to the NFT drop;
  • Never google search NFT drop links;
  • Never click any links from Discord DM's, or links floating around the internet that claims affiliation with the NFT drop or the team;
  • Never interact with someone claiming to be customer support, or a moderator, on any chat or social media app;
  • Never show or share your seed phrase or any passwords.

There are probably more things to add to this list. But this security checklist will cover your ass in most cases. Stay smart. DM me on Twitter if you have any suggestions to add to this list.

To top things off, here is a list of potentially undervalued Solana NFT projects.

Potentially undervalued Solana NFT projects in 2021

  • SolWabbits NFT - 2,222 unique wabbit NFTs (non-derivative), stealth mint, close to 1,000 unique hodlers after less than a week, strong and growing community, floor holding up nicely at . Cartoons featuring part of %supply incoming in the form of airdrops to hodlers of SolWabbits.
  • RadRugs NFT - 5,555 unique rugs (non-derivative), minting TBA, cool concept and project aiming to alleviate damage from rug pulls in the Solana ecosystem.
  • Galactic Gecko Space Garage NFT -
  • SolanaMonkeyBusiness NFT - Yes, even at $170 SOL plus they are undervalued because Crypto Punkgs of Solana ecosystem.

Any other projects that recently launched or is about to launch that you believe is a potential gem? DM me on Twitter, no derivatives, please.

Binance Crypto Exchange

More exchange deals:

Proceeds go to coffee, crypto, and NFTs - which then turns into content magically.