How To

Best practices for securing Somnium Space tokens, ETH and WETH using a Ledger hardware wallet and Metamask

Let’s start with a disclaimer to get that out of the way. This article is meant purely as an educational guide and shows how I secure Somnium Space ERC-20 & ERC-721 tokens. Following this guide and the information here-in is your own responsibility. Neither the author nor Somnium Times – nor Somnium Space for that matter – can be held liable for your security practices.

Okay now that we’ve got that settled let’s dive right into it.

This guide was made using a Ledger Nano X with Ledger Live 1.12.0 on a Windows 10 Pro 64-bit machine with current updates, Brave 64-bit v1.3.115 and ESET NOD32 12.0.24.0 Antivirus.

The principles I employ below are only a portion of the layered approach I use to ensure the highest levels of security and are still far from fool proof. They are simply some of my best practices and I am sharing them so others may learn better ways to protect their data. If you choose to skip steps, please do so at your own peril. This is for educational purposes only.

I will take you step by step in how I create a clean Windows user account, configure a new Ledger Nano X hardware device, configure Ledger Live, and configure a new Metamask in Brave web browser.

Windows

Create new local user account on your PC.

  1. Hit “WIN+S” (Windows Button). In the search field type “CONTROL PANEL <ENTER>
  1. Click on “USER ACCOUNTS
  1. Click “MANAGE ANOTHER ACCOUNT
  1. Click “ADD A USER ACCOUNT” (You may be asked to enter an Administrator password)
  1. Click “SIGN IN WITHOUT A MICROSOFT ACCOUNT”, click “NEXT
  1. Click “LOCAL ACCOUNT
  1. Enter the “NAME, PASSWORD, & HINT”, then click “NEXT

Now the new user account has been created. Log off your current account and into the new account you just created. The reason for creating a new account is so that any malware that may infect the current user that is not in a root or admin account, will not affect the newly created user.  This may not be helpful if a user always is logged in with administrator level privileges. I recommend that on first startup you enable the privacy settings as shown below:

LEDGER NANO

Setting up Ledger Nano (Nano S & Nano X have been tested). For this article I will detail the Ledger Nano X.

  1. Plug in your Ledger device and follow the hardware on screen instructions to setup a new device from the hardware screen. You will first have to set a pin. Use the left and right buttons to change the numbers and then press both buttons on the hardware to select.
  1. Then the Ledger will ask you to write down the 24 phrase seed and then verify it on the hardware.

Verifying the seed on the Ledger device is more of a pain than doing it in the Ledgerlive application, but it prevents any malware from reading the seed. I highly recommend you take the time to do this the right way and write down the seed with a pen and the cards included in the box using the hardware to verify. I typically make two sets of cards and hide them in different physical, yet secure locations.

The card should look like the one above (now I suggest you copy it by hand and put them in two different physical locations that are secure like a safe at home and a safe at work).

DO NOT TAKE A PHOTO OF THE CARD OR COPY THE SEED ONTO A FILE ON YOUR COMPUTER!

Your seed is the key to the kingdom and should only be used to restore to a new Ledger if your current hardware dies.

This will complete the initialization of the Ledger device so now we are ready to setup the software applications.

Ledger Live

  1. Open a browser of choice and go to: https://www.ledger.com/ledger-live and click the link “DOWNLOAD

ONLY DOWNLOAD THIS SOFTWARE FROM THE MANUFACTURER

  1. Click “DOWNLOAD LEDGER LIVE APP” (For Desktop)
  1. Click “WINDOWS APP
  1. Run the install file to begin installation. Choose the path and click “INSTALL” and follow the onscreen instructions. (The default path should be fine for most users).
  1. Run the program after installation. And click “USE AN INITIALIZED DEVICE”.

THIS IS VERY IMPORTANT – YOU DO NOT WANT TO INITIALIZE AS A NEW DEVICE!

  1. Choose your hardware device:
  1. Click “YES, YES, CHECK NOW

Make sure the Ledger is still connected to the PC with the USB cable and if it is locked, put in your pin again to unlock it to allow the ledger to do the genuine check.

If you fail the genuine check then your ledger is running an altered firmware and should not be used to store any crypto. If you purchased from a source other than the manufacturer like eBay or Amazon, return it and purchase one directly from the Ledger store https://shop.ledger.com/

  1. Click “CONTINUE
  1. Enter a password (Optional), then press “CONTINUE”. If your computer is a shared workstation or you do not want others knowing your crypto assets, I definitely suggest setting up a password. Also, the password should be different from your Ledger device PIN. This Password only restricts access to the Ledger Live application, but does not allow the transfer of crypto assets out of the wallet. This is not a critical password, but it does prevent prying eyes from seeing what you have.
  1. (Optionally) Click the Buttons to the off position for Analytics and Bug Reports. I personally prefer as little chatter as possible taking up bandwidth. Then Click “CONTINUE
  1. Click “OPEN LEDGER LIVE
  1. Read the terms and if you agree, Click the “CHECKBOX” and click “CONFIRM
  1. Click “OPEN MANAGER

Under Ledger Manager it will display the hardware type and the firmware. If an update is available it will display it to the right of the NANO X/S device. I suggest you run all updates before proceeding. In this case no updates were available.

  1. It will ask you to allow Ledger Manager on the device. Allow it by clicking both buttons at the same time.
  1. Click “INSTALL” for ETHEREUM
  1. Once installed, click “ADD ETHEREUM ACCOUNT
  1. Verify it is on ETHEREUM (ETH) and click “CONTINUE
  1. You will need to press the right or left buttons on the Ledger Device until ETHEREUM is shown, then press both buttons at the same time to select it.
  1. Once both check marks appear in Ledger Live, click “CONTINUE
  1. The Ethereum blockchain will begin synchronizing. Once complete you will have the option of naming and adding the account. Naming this Ethereum / ERC-20 compatible account is up to you. You can leave it as the default ETHEREUM 1 or name it to your liking. This is used internally only in Ledger Live. In this case I chose to name it SOMNIUM SPACE. Once named click “ADD ACCOUNT

     VS      

  1. Click “CLOSE
  1. You should now revert to the Accounts Page (if not, select ACCOUNTS on the left hand bar). Click on the account you just created – in this case “SOMNIUM SPACE
  1. Click “RECEIVE
  1. Confirm you have selected the correct account name, then click “CONTINUE
  1. You should still have the ETHEREUM APP open on the Ledger device but if not you may need to enter the PIN and select the ETHEREUM APP. One both check marks appear in Ledger Live, click “CONTINUE”.
  1. Click “CONTINUE”
  1. Copy the address and save it to a text file.
  1. VERIFY THE ADDRESS VERY CAREFULLY AGAINST THE LEDGER DEVICE. If the address is exact, press the right button once on the Ledger device, then press both buttons to accept.
  1. If you didn’t verify it correctly, you can re-verify. Otherwise close the window by hitting the “X” in the upper right corner.

METAMASK

Metamask supports Chrome, Firefox, Opera or Brave (as well as IOS and Android). For this I chose Brave 64-bit v1.3.115 (https://brave.com/) due to its higher level of security and anonymity. The installation should be similar in any browser you chose, so use what you want.

  1. Open your web browser to https://metamask.io/ and click “GET CHROME EXTENSION” (Brave is built from Chrome if that is confusing)
  1. Click “ADD TO BRAVE”
  1. Click “ADD EXTENSION
  1. Click “GET STARTED
  1. Click “CREATE NEW WALLET

DO NOT IMPORT YOUR SEED PHRASE FROM YOUR HARDWARE WALLET INTO METAMASK! Your browser caches the seed in cleartext and it can be read by malware, virus, keyloggers and even drive by rogue webpages at any time, even if you aren’t currently infected!

  1. Click “NO THANKS

Choosing to agree will only consume resources but do what you like.

  1. Choose a password. Ideally every password you use should be different but there is no harm in using the same one you used for Ledger Live. Since you are using Ledger hardware send verification, this is not a critical password. Read the terms and the click the “CHECKBOX” and click “CREATE
  1. Optional. As a general rule you should always copy the seed and save it. In this case we are actually going to replace these Metamask addresses with the hardware addresses from the Ledger device. With that said, I recommend you take a moment and save the Metamask seed just in case you accidentally send something to the original address and not the Ledger address by mistake and need to recover it later. Then click “NEXT
  1. Welcome to Metamask!
  1. Click on the circle on the upper right corner of Metamask (your circle may be different colors)
  1. Click on “CONNECT HARDWARE WALLET

Make sure your Ledger Device is connected via USB, Unlocked, and the Ethereum Account is Selected.

  1. Click “LEDGER” and click “CONNECT
  1. Select “LEDGER LIVE” from the dropdown box. Most likely the first ETH account will be the correct one but make sure the Account key matches. If you cannot tell you can click the box to the far right of the key to launch the account in Etherscan.io and vie the entire public key. Once you have verified the correct account, click the “RADIO BUTTON” to the left of the key and then click “UNLOCK
  1. Metamask will now display the Ledger Account. Click on “LEDGER 1
  1. Click on the “EDIT” tool
  1. Type in a new name that matches the name you used in Ledger Live. In this case “SOMNIUM SPACE”, then click the “CHECKMARK” and close the window using the “X” in the upper right corner.
  1. Metamask should now display the Ledger Device Account as SOMNIUM SPACE. Now we need to add the tokens, click “ADD TOKEN
  1. Click on the tab “CUSTOM TOKEN
  1. For ITEMS (Teleporters, Kayaks, Tents, etc) type in contract address:

0x595f279de4b5df1e47ca55b65175d8a9a935a0fa

Click “NEXT

  1. Click “ADD TOKEN”
  1. Click the “Ξ“ tool to go back to the main account
  1. Click “ADD TOKEN” and repeat the steps for each one.

  1. For PARCELS (Land) type in contract address:

0x913ae503153d9a335398d0785ba60a2d63ddb4e2

Click “NEXT” and repeat the steps used in #58 – #60

  1. For CUBES (Somnium currency) type in contract address:

0xdf801468a808a32656d2ed2d2d80b72a129739f4

Click “NEXT” and repeat the steps used in #58 – #60

  1. For WETH (Opensea currency) type in contract address:

0xc02aaa39b223fe8d0a0e5c4f27ead9083c756cc2

Click “NEXT” and repeat the steps used in #58 & #59

  1. Metamask should now look like this:

Congratulations! You have successfully created and linked a new secure Ledger Nano Hardware Wallet to Metamask and configured it to store all your Somnium Space tokens! At this point you can begin transferring all of your tokens to the Ledger receive address you created and saved in step #36. Then all you need to do is update your Somnium Space account to the new address.

As with any crypto transfer I suggest you attempt to move a small amount of Ethereum to the new wallet and then move it back off to ensure everything works properly before moving everything to it.

Categories: How To

Tagged as: , , , ,

Leave a Reply