Best practices for using the IOTA wallets safely


EricHop
Group: Moderators
IOTA is a protocol designed for use by IoT devices. These devices will happily follow any rules to use the protocol strictly, optimally and safely. Sadly, humans are not so good at following rules -if they know them at all- and they often have no idea of the consequences of certain actions. So I decided to write a list of best practices and explain the why in this article.

Here are the rules:

RULE 1: NEVER generate your seed online.

RULE 2: NEVER give your seed to anyone.

RULE 3: ALWAYS store a copy of your seed some place safe

RULE 4: NEVER re-use an address. NEVER. NO exceptions.

RULE 5: ALWAYS attach a new receive address to the Tangle.

RULE 6: ALWAYS wait for a transaction to be confirmed before sending anything else.


And here are the whys:

-------

Rule 1-3 all have to do with your seed. The seed is literally the master key to your wallet. Whoever has the key controls the wallet and the iotas therein. So it is very important to have a few best practices that help you keep your seed safe.


RULE 1: NEVER generate your seed online.

Because iotas have monetary value there are a lot of nasty people out there ready to try and relieve you of your iota stash. One way they do this is by offering to generate a seed for you. Don't fall for it!!! Most, if not all online seed generators are designed to make your seed vulnerable. They either will copy the seed or generate a seed from a limited number of random seeds. And as we have seen in the beginning of January some of them have a lot of patience. All of a sudden over 4 million USD worth of iotas got stolen by the operator of a popular seed generator.
Generating a seed isn't difficult. You just need to know the right method to use. Here are 3 methods to do it yourself:

Method 1. Make up a string of random, unrelated words. Mix in weird words or foreign words. Really, that's the simplest and safest way to go. With 81 characters it is impossible for anyone to guess them as long as you keep them unrelated.
Example (spaces are for readability only): FLOWER BEER JE MAINTIENDRAI CLOCKWORK SHELDON ELDERBERRIES BLITZKRIEG OVENMITT AUTOCORRUPT

Method 2. Use a single finger and slowly type 81 random letters. Just let your finger go around and around and sometimes let it go down. Purposely trying to make it random is okay. Just try to avoid patterns, which is why quickly mashing fingers on the keyboard is not a good idea. If you want, you can throw a 9 in here and there for good measure. Once you have 81 of them, replace some random letters with other random letters, just to make sure you break any patterns you unwittingly used.
Example: KUWVQZOVFENI9GTESKPLJKMVFTETTKGSWQBMOPHTJLOHRRGKOKNHKKECDSKNSFFHGKBPYU9NVDL9ECVMB

Method 3: Warning: This method is only for people who actually know what they are doing and what I am talking about. There are local/offline secure random generators available with most major operating systems. I won't go into detail here to prevent the noob users from using them. You really want to know what you are doing. Mac and Linux for example offer /dev/urandom. If this does not mean anything to you, just use method 1 or 2 instead.



RULE 2: NEVER give your seed to anyone.

Again, there are many predators out there. Some of them will even pretend to be part of the IOTA foundation and offer to help you if you ask for help with a problem in any of the help channels.
Be paranoid in those cases where such a person asks for your seed. Once you give it they will quickly empty your wallet. Most problems you will encounter can be solved without ever giving up your seed to anyone.


RULE 3: ALWAYS store a copy of your seed some place safe

Protect yourself from ever losing your iotas. Keep one or more copies of your seed in safe places. Make sure that it is not easy for anyone to get a quick peek at them. Remember, mobile devices are cameras and snapping a picture of your seed is very easily done. Best to separate your seed in two parts and keep them stored away from each other. I recommend 2 bank safes at 2 different banks. Especially when the amount of iotas becomes large this is no overkill. And while you're at it make sure that it includes a succession list in case anything happens to you and maybe include some trusted persons that can help your heirs get their hands on the funds. Nothing sadder than sitting on a million worth of iotas and no one being able to access them when you die.

--------

Rule 4-6 all have to do with multi-spending. Which is spending more than once from the same address. The problem here is that IOTA uses one-time signatures. After spending, addresses are not supposed to be used any more because in the process of spending a random 50% of the private key to the address gets exposed. This in itself is not a problem, any funds arriving after a single spend are still pretty safe. Breaking the other 50% of the key is still a daunting task.

But when a second spend happens on the same address a new random 50% of the private key for that address gets exposed. Theoretically, statistics will tell you that now 75% of the private key is exposed. But here is the difference between theory and practice. Since it is a *random* 50% of the key that gets exposed, you could be unlucky enough that both 50% exposures only have a 10% overlap. In which case a whopping 90% of your key is exposed already! In which case your private key is toast and broken relatively easily.

So in short: 2 or more spends from the same address is VERY BAD!

Now let's see what scenarios could occur that will end up in a multi-spend and why these rules are good:


RULE 4: NEVER re-use an address. NEVER. NO exceptions.

I can immediately hear some people say: "But you are allowed to receive multiple times at an address!" And they are technically correct. IoT devices will do this all the time. But they have the advantage of knowing exactly what the parties they are talking to are going to do and when. So they can safely do this. Here is a scenario that shows just one example of why it is a bad idea to send multiple times to the same address:

Let's say I withdraw X iotas from an exchange to address A in my wallet. The whole process takes a little time, but I end up with X iota in address A.

Encouraged by this success I decide to withdraw another Y iotas to that same address A. After all, I can send *to* an address multiple times, right? So I put in the order and the exchange starts processing the order. Note that this processing can sometimes take hours or even days.

In the meantime I tell my friend about IOTA, and to encourage him I want to send him a few (let's say Z) iotas. So he installs the wallet and gives me a receive address B. I tell the wallet to send Z iotas to address B. The wallet happily obliges and takes the iotas in address A, sends Z iotas to address B, and -to guard address A from multi-spending- it also sends the remaining X - Z iotas safely to a newly generated address C in my wallet.

Everything seems okay so far. But with one problem: The exchange did not process my withdrawal yet. When it finally does process it, the Y iotas will be sent to address A just like I instructed. Except that address now already has an earlier spend on it! Oops!

This situation could have been simply avoided by generating a new address D for the second withdrawal and using that instead of address A.
So case in point: NEVER re-use an address. Not even for receiving.


RULE 5: ALWAYS attach a new receive address to the Tangle.

I can immediately hear some people say: "But you don't really *have* to do this!" And again, they are technically correct. It is perfectly fine to send iotas to an address that was not attached to the Tangle explicitly. They will arrive just fine. Again, IoT devices do this all the time, but they also keep track of what addresses they gave out as receive addresses.

The IOTA wallet does it differently. Because it is possible to install the wallet on different devices, and log in both wallets with the same seed, the developers are determining the state of the wallet directly from the Tangle. That way both wallets will respond the same to events. Otherwise one could have kept track of some important addresses and the other would have no knowledge of that. Pretty elegant solution.

But this solution comes with a hidden cost. To understand this we need to look at how the wallet decides which addresses have been used already. It does that by asking the node it is connected to for a list of transactions that incorporate that address. If there are no transactions yet it concludes that it has not used the address yet.

By attaching an address to the Tangle you explicitly create a zero-transfer transaction for that address. Now the wallet can find that transaction in the Tangle, so it knows it is in use already. And yes, in case someone sends iotas to that address, the wallet can find that transaction in the tangle and again sees that it is in use already. Therefore we don't need to explicitly attach it, right? Bzzzzt! *Wrong*!!

Let's say I have X iotas in address A. I decide to withdraw another Y iotas from the exchange to address B. That's what I learned from rule 1. Use a different address. I don't bother explicitly attaching address B to the Tangle, because I was told before that that was not strictly necessary. So I put in the order and the exchange starts processing the order. Which again takes time.

To spread more joy I decide to send Z iotas to my friend again. I initiate the transfer, and this time the wallet can take from address A, send Z iotas to my friend's address, and then it wants to send the remaining X - Z iotas to a new receive address. So it looks in the tangle which address is not in use already. Aha! Address B is not used yet. So it merrily sends the results to address B. Oh dear. Now we are in the same situation as we were in with rule 1.

So if we now decide to send another amount of iotas to another friend, we will be spending address B before the withdrawal *to* address B has executed. And we end up with a guaranteed multi-spend again.

This situation could have been simply avoided by explicitly attaching address B to the Tangle. In which case the wallet would have seen it was in use already, and it would have sent the remainder to a new address C instead.
So case in point: ALWAYS attach a new receive address to the Tangle.


RULE 6: ALWAYS wait for a transaction to be confirmed before sending anything else.

I can immediately hear some people say: "But the wallet will keep me from multi-spending!" And again, they are technically correct. The wallet will check before spending if there already has been a confirmed spend on the address, and won't allow a second spend in that case. But consider the following scenario:

I have X iotas in address A. I now decide to send Y iotas to an exchange. This will generate a transaction #1 spending Y iotas from address A.
Now I also decide to send my friend his Z iotas before transaction #1 has been confirmed. Since the wallet still sees the X iotas in address A it will happily generate transaction #2 spending Z iotas from address A. Oops! Two spends from the same address.

This situation could have been simply avoided by waiting for transaction #1 to be confirmed before sending transaction #2.
So case in point: ALWAYS wait for a transaction to be confirmed before sending anything else.


Note that a lot of these situations are even muddier because you have no idea what address(es) the wallet is going to pick as input(s) for sending iotas somewhere.

Also note that I only provide one example of where things can go wrong for each rule. Things become even muddier when snapshots happen. But that is something for another article.

Edited 5 Years Ago by EricHop
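Added example (not part of EricHop's original post): a small offline generator for Method 3 above. It draws from the operating system's secure random source, which is what /dev/urandom provides on Mac and Linux, and discards bytes that would bias the 27-character seed alphabet. The function names are this example's own.

```python
import os

TRYTES = "9ABCDEFGHIJKLMNOPQRSTUVWXYZ"  # the 27 characters a seed may contain
SEED_LEN = 81
LIMIT = 256 - (256 % len(TRYTES))       # 243; bytes >= LIMIT would skew the result


def trytes_from_bytes(data):
    """Map random bytes to seed characters, discarding bytes that cause modulo bias."""
    return "".join(TRYTES[b % len(TRYTES)] for b in data if b < LIMIT)


def generate_seed(random_bytes=os.urandom):
    """Return an 81-character seed drawn from the OS secure random generator."""
    seed = ""
    while len(seed) < SEED_LEN:
        # Some bytes are discarded, so keep drawing until 81 characters exist.
        seed += trytes_from_bytes(random_bytes(SEED_LEN))
    return seed[:SEED_LEN]


def seed_problems(seed):
    """Return the reasons a string is not a well-formed seed (empty list if none)."""
    problems = []
    if len(seed) != SEED_LEN:
        problems.append(f"length is {len(seed)}, expected {SEED_LEN}")
    bad = sorted(set(seed) - set(TRYTES))
    if bad:
        problems.append("characters outside A-Z and 9: " + "".join(bad))
    return problems


if __name__ == "__main__":
    # Run on the machine that will hold the seed; nothing leaves the process.
    seed = generate_seed()
    assert seed_problems(seed) == []
    print(seed)
```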
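Added example (not part of the original post, and not the IOTA wallet's code): a toy model of the wallet behaviour described under rules 4 to 6, in which the wallet learns which addresses are in use only from the ledger. Addresses A to E, the amounts and every class and function name are assumptions made for the illustration; each scenario is replayed with and without the rule and returns the addresses left exposed.

```python
from dataclasses import dataclass


@dataclass
class Tx:
    address: str
    value: int              # > 0 deposit, < 0 spend, 0 = zero-value "attach"
    confirmed: bool = True


class Wallet:
    """Toy stateless wallet: everything it knows comes from the ledger."""

    def __init__(self, tangle, addresses):
        self.tangle = tangle        # shared list of Tx, stands in for the node's view
        self.addresses = addresses  # fixed address sequence derived from the seed

    def is_used(self, addr):
        # Rule described in the post: any transaction on the address means "in use".
        return any(tx.address == addr for tx in self.tangle)

    def next_unused(self):
        return next(a for a in self.addresses if not self.is_used(a))

    def attach(self, addr):
        self.tangle.append(Tx(addr, 0))

    def balance(self, addr):
        # Only confirmed transactions count, so a pending spend is invisible here.
        return sum(t.value for t in self.tangle if t.address == addr and t.confirmed)

    def send(self, amount, confirmed=True):
        """Spend from the first funded address; the remainder goes to a fresh one."""
        src = next(a for a in self.addresses if self.balance(a) >= amount)
        total, remainder_addr = self.balance(src), self.next_unused()
        self.tangle.append(Tx(src, -total, confirmed))
        if total > amount:
            self.tangle.append(Tx(remainder_addr, total - amount, confirmed))
        return src, remainder_addr


def at_risk(tangle):
    """Addresses with funds arriving after a spend, or with more than one spend."""
    spends, risky = {}, []
    for tx in tangle:                       # list order = arrival order in this model
        if tx.value < 0:
            spends[tx.address] = spends.get(tx.address, 0) + 1
        hit = (tx.value < 0 and spends[tx.address] > 1) or \
              (tx.value > 0 and spends.get(tx.address, 0) > 0)
        if hit and tx.address not in risky:
            risky.append(tx.address)
    return risky


def new_wallet():
    tangle = [Tx("A", 100)]                 # X = 100 iotas already on address A
    return Wallet(tangle, ["A", "B", "C", "D", "E"]), tangle


def rule4(reuse_address):
    """Second exchange withdrawal goes to A again, or to a fresh attached address."""
    w, tangle = new_wallet()
    target = "A" if reuse_address else w.next_unused()
    if not reuse_address:
        w.attach(target)
    w.send(10)                              # Z to the friend, spends A
    tangle.append(Tx(target, 50))           # the slow withdrawal finally arrives
    return at_risk(tangle)


def rule5(attach):
    """Fresh address B is given to the exchange, attached or not."""
    w, tangle = new_wallet()
    target = w.next_unused()
    if attach:
        w.attach(target)
    _, remainder = w.send(10)               # remainder lands on B if B looks unused
    w.send(5)                               # second gift spends the remainder address
    tangle.append(Tx(target, 50))           # withdrawal arrives afterwards
    return remainder, at_risk(tangle)


def rule6(wait_for_confirmation):
    """Two sends in a row, with or without waiting for the first to confirm."""
    w, tangle = new_wallet()
    w.send(10, confirmed=wait_for_confirmation)
    w.send(5, confirmed=wait_for_confirmation)
    return at_risk(tangle)


if __name__ == "__main__":
    print("rule 4:", rule4(True), "vs", rule4(False))
    print("rule 5:", rule5(False), "vs", rule5(True))
    print("rule 6:", rule6(False), "vs", rule6(True))
```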
Legomannen
Group: Forum Members
Hello Eric, 

While I believe those are great rules and a good contribution that people need to be aware of, I feel that RULE#1 is overly prohibitive and strictly phrased, so it ends up creating worries rather than removing them.

If you typically make 1 transfer a month (which currently is probably the typical usage pattern for most human users, unless you are a developer and/or like to play around and test stuff)
+ you know that there are no pending transfers, and you know that no outgoing transfers have ever been made from the address you are sending into 
then you will be just fine with receiving to the same address multiple times.

So for a very active user who 24/7 transfers IOTA here and there, on-the-fly from their mobile while on a bus: 
then yes, I would agree with your emphasizing of NEVER in rule 1.

But for someone who for the most part passively stores value, I think it is a bit over the top.

Also, iotasear.ch now remembers history across snapshots, so you would be able to check since the beginning of time if you had ever sent out from that address. 


Kind regards



Carpincho
Group: Moderators
EricHop - 30 Nov 2017
IOTA is a protocol designed for use by IoT devices. These devices will happily follow any rules to use the protocol strictly, optimally and safely. Sadly, humans are not so good at following rules -if they know them at all- and they often have no idea of the consequences of certain actions. So I decided to write a list of best practices and explain the why in this article.

Here are the rules:

RULE 1: NEVER re-use an address. NEVER. NO exceptions.

RULE 2: ALWAYS attach a new receive address to the Tangle.

RULE 3: ALWAYS wait for a transaction to be confirmed before sending anything else.


And here are the whys:

It all has to do with multi-spending. Which is spending more than once from the same address. The problem here is that IOTA uses one-time signatures. After spending, addresses are not supposed to be used any more because in the process of spending a random 50% of the private key to the address gets exposed. This in itself is not a problem, any funds arriving after a single spend are still pretty safe. Breaking the other 50% of the key is still a daunting task.

But when a second spend happens on the same address a new random 50% of the private key for that address gets exposed. Theoretically, statistics will tell you that now 75% of the private key is exposed. But here is the difference between theory and practice. Since it is a *random* 50% of the key that gets exposed, you could be unlucky enough that both 50% exposures only have a 10% overlap. In which case a whopping 90% of your key is exposed already! In which case your private key is toast and broken relatively easily.

So in short: 2 or more spends from the same address is VERY BAD!

Now let's see what scenarios could occur that will end up in a multi-spend and why these rules are good:


RULE 1: NEVER re-use an address. NEVER. NO exceptions.

I can immediately hear some people say: "But you are allowed to receive multiple times at an address!" And they are technically correct. IoT devices will do this all the time. But they have the advantage of knowing exactly what the parties they are talking to are going to do and when. So they can safely do this. Here is a scenario that shows just one example of why it is a bad idea to send multiple times to the same address:

Let's say I withdraw X iotas from an exchange to address A in my wallet. The whole process takes a little time, but I end up with X iota in address A.

Encouraged by this success I decide to withdraw another Y iotas to that same address A. After all, I can send *to* an address multiple times, right? So I put in the order and the exchange starts processing the order. Note that this processing can sometimes take hours or even days.

In the meantime I tell my friend about IOTA, and to encourage him I want to send him a few (let's say Z) iotas. So he installs the wallet and gives me a receive address B. I tell the wallet to send Z iotas to address B. The wallet happily obliges and takes the iotas in address A, sends Z iotas to address B, and -to guard address A from multi-spending- it also sends the remaining X - Z iotas safely to a newly generated address C in my wallet.

Everything seems okay so far. But with one problem: The exchange did not process my withdrawal yet. When it finally does process it, the Y iotas will be sent to address A just like I instructed. Except that address now already has an earlier spend on it! Oops!

This situation could have been simply avoided by generating a new address D for the second withdrawal and using that instead of address A.
So case in point: NEVER re-use an address. Not even for receiving.


RULE 2: ALWAYS attach a new receive address to the Tangle.

I can immediately hear some people say: "But you don't really *have* to do this!" And again, they are technically correct. It is perfectly fine to send iotas to an address that was not attached to the Tangle explicitly. They will arrive just fine. Again, IoT devices do this all the time, but they also keep track of what addresses they gave out as receive addresses.

The IOTA wallet does it differently. Because it is possible to install the wallet on different devices, and log in both wallets with the same seed, the developers are determining the state of the wallet directly from the Tangle. That way both wallets will respond the same to events. Otherwise one could have kept track of some important addresses and the other would have no knowledge of that. Pretty elegant solution.

But this solution comes with a hidden cost. To understand this we need to look at how the wallet decides which addresses have been used already. It does that by asking the node it is connected to for a list of transactions that incorporate that address. If there are no transactions yet it concludes that it has not used the address yet.

By attaching an address to the Tangle you explicitly create a zero-transfer transaction for that address. Now the wallet can find that transaction in the Tangle, so it knows it is in use already. And yes, in case someone sends iotas to that address, the wallet can find that transaction in the tangle and again sees that it is in use already. Therefore we don't need to explicitly attach it, right? Bzzzzt! *Wrong*!!

Let's say I have X iotas in address A. I decide to withdraw another Y iotas from the exchange to address B. That's what I learned from rule 1. Use a different address. I don't bother explicitly attaching address B to the Tangle, because I was told before that that was not strictly necessary. So I put in the order and the exchange starts processing the order. Which again takes time.

To spread more joy I decide to send Z iotas to my friend again. I initiate the transfer, and this time the wallet can take from address A, send Z iotas to my friend's address, and then it wants to send the remaining X - Z iotas to a new receive address. So it looks in the tangle which address is not in use already. Aha! Address B is not used yet. So it merrily sends the results to address B. Oh dear. Now we are in the same situation as we were in with rule 1.

So if we now decide to send another amount of iotas to another friend, we will be spending address B before the withdrawal *to* address B has executed. And we end up with a guaranteed multi-spend again.

This situation could have been simply avoided by explicitly attaching address B to the Tangle. In which case the wallet would have seen it was in use already, and it would have sent the remainder to a new address C instead.
So case in point: ALWAYS attach a new receive address to the Tangle.


RULE 3: ALWAYS wait for a transaction to be confirmed before sending anything else.

I can immediately hear some people say: "But the wallet will keep me from multi-spending!" And again, they are technically correct. The wallet will check before spending if there already has been a confirmed spend on the address, and won't allow a second spend in that case. But consider the following scenario:

I have X iotas in address A. I now decide to send Y iotas to an exchange. This will generate a transaction #1 spending Y iotas from address A.
Now I also decide to send my friend his Z iotas before transaction #1 has been confirmed. Since the wallet still sees the X iotas in address A it will happily generate transaction #2 spending Z iotas from address A. Oops! Two spends from the same address.

This situation could have been simply avoided by waiting for transaction #1 to be confirmed before sending transaction #2.
So case in point: ALWAYS wait for a transaction to be confirmed before sending anything else.


Note that a lot of these situations are even muddier because you have no idea what address(es) the wallet is going to pick as input(s) for sending iotas somewhere.

Also note that I only provide one example of where things can go wrong for each rule. Things become even muddier when snapshots happen. But that is something for another article.

Great guide Eric. Will translate to Spanish ASAP. Thanks!
nightograph
Group: Forum Members
That raises a couple of questions for me.

So beside the SEED, which I think of as my private key, obviously there are addresses and each address has one private key assigned to it?
And when the wallet sends funds, the 50% of that address is exposed to the whole world or just to the receiver?
Winston
Group: Administrators
nightograph - 1 Dec 2017
That raises a couple of questions for me.

So beside the SEED, which I think of as my private key, obviously there are addresses and each address has one private key assigned to it?
And when the wallet sends funds, the 50% of that address is exposed to the whole world or just to the receiver?

@nightograph 50% of the private key for that address is revealed to the whole world. Which matters none at all as long as you don't ever use that address again. Here's a much deeper dive for you:
Everything to know about address reuse: (and how to avoid losing your funds!)
https://forum.helloiota.com/996/IOTA-Address-Reuse-Explained-for-Laymen
https://kb.helloiota.com/KnowledgebaseArticle50015.aspx
https://forum.helloiota.com/975/Address-Reuse-Discussion
https://forum.helloiota.com/1806/RE-Does-the-GUI-wallet-automatically-take-care-of-generating-new-adresses-when-you-take-iotas-out-of?
nightograph
Group: Forum Members
Thanks @winston, so technically there is no need for the seeds to get access to one's funds - knowing the addresses is sufficient to initiate a transfer (am I correct?) - so is it my correct understanding that the SEED is just an entry to a set of addresses owned by you? thanks agai
Winston
Group: Administrators
nightograph - 1 Dec 2017
Thanks @winston, so technically there is no need for the seeds to get access to one's funds - knowing the addresses is sufficient to initiate a transfer (am I correct?) - so is it my correct understanding that the SEED is just an entry to a set of addresses owned by you? thanks agai

@nightograph This is incorrect.

You can't sign a transaction from an address without a private key. You can't know that address's private key unless you 1) have the seed that generates that private key, or 2) brute force (guess) the private key after somebody double spends an address.
Nicolaaay
Group: Forum Members

Ok I have a question. It says you always have to create a new address to receive new iotas (new transaction).

This apply for when I sell/buy iotas with bitcoins in bitfinex for example?? Or that's another history?
I'm from Argentina and I'm only doing that for the moment..
Edited 6 Years Ago by Nicolaaay
Carpincho
Group: Moderators
Nicolaaay - 5 Dec 2017

Ok I have a question. It says you always have to create a new address to receive new iotas (new transaction).

This apply for when I sell/buy iotas with bitcoins in bitfinex for example?? Or that's another history?
I'm from Argentina and I'm only doing that for the moment..

If you are trading BTC to IOTA or vice versa you don't need to create a new IOTA address on your Exchange Wallet. You only need to do this every time you are doing a new deposit on the Exchange wallets.
Cryptroll
Group: Forum Members
Wouldn't it be better to use a new seed for every transaction and only one address per seed?

Edited 6 Years Ago by Cryptroll
GLariviere
Group: Forum Members
Worst wallet ever. I can't get my coins. Will stop buying until they are ready to be a professional team. Maybe I will be back then.


Winston
Group: Administrators
GLariviere - 8 Dec 2017
Worst wallet ever. I can't get my coins. Will stop buying until they are ready to be a professional team. Maybe I will be back then.


@GLariviere Really good choice. Definitely wait to get involved until the protocol is production ready in a few years. Thanks for the post
Cryptroll
Group: Forum Members
Was that some kind of irony?

Arama
Group: Forum Members
Thanks Eric for a good explanation.
Arama
Group: Forum Members
When you have a need of sending or receiving Iotas before a pending transaction is confirmed, there is a way around to abide by Rule 3 mentioned by Eric. Set up a few wallets with different seeds and storing various amounts of Iotas in each wallet.  If a transaction is pending on wallet A, and if you need to send or receive Iotas to or from an external source right away, you can use wallet B to perform the next transaction before the first transaction is confirmed. It is also a good risk management strategy -- not keeping all your eggs in one basket.

I have a related question for Eric though. Since only one wallet GUI can be opened on one computing device, can the same wallet GUI be re-used to open different wallets by inputting different seeds? If it can, can we log off wallet A while the first transaction is pending, restart the same wallet GUI in the same computer and sign in to wallet B with a different seed and then perform the second transaction under wallet B? So the two transactions can be running simultaneously although from different wallets.
Cryptroll
Group: Forum Members
My question hasn't been answered, so I'd like to share my thoughts about something I think is going wrong here:

First of all: If I mustn't receive more than one transaction to a single address, how can I prevent that from happening? E.g. I want people to spend some IOTA...so I put an address on a website...and now there are several transactions incoming. Or someone I am trading with just sends me the IOTA separated to the same address, 1 i, 1 i again and 1 i again and so on. What shall I do in these cases?

And secondly: If I expose 50% of my private key with a transaction...wait. What is a private key? Is this the seed or is the seed something else? If it is indeed the seed, I would expose 50% of it on every spend I make, no matter which address I use, or wouldn't I? So after 2 or 3 transactions I'm exposed?

Thanks in advance if my questions, even if they sound stupid somehow, get answered.



Edited 6 Years Ago by Cryptroll
Winston
Winston
Forum Admin (33K reputation)
Group: Administrators
Posts: 3.6K, Visits: 6.8K
Cryptroll - 9 Dec 2017
My question hasn't been answered, so I'd like to share my thoughts about something I think is going wrong here:

First of all: If I mustn't receive more than one transaction to a single address, how can I prevent that from happening? E.g. I want people to spend some IOTA...so I put an address on a website...and now there are several transactions incoming. Or someone I am trading with just sends me the IOTA separately to the same address, 1 i, 1 i again and 1 i again and so on. What shall I do in these cases?

And secondly: If I expose 50% of my private key with a transaction...wait. What is a private key? Is this the seed or is the seed something else? If it is indeed the seed, I would expose 50% of it on every spend I make, no matter which address I use, or wouldn't I? So after 2 or 3 transactions I'm exposed?

Thanks in advance if my questions, even if they sound stupid somehow, get answered.



@Cryptroll Thanks for the good questions.

1) This will have to be a second layer solution later on down the road. For the moment, you'll just want to keep all of your websites updated with your most recent IOTA donation address.

2)  You'll find tidbits in all of these resources. Don't have time to type everything out right now.
https://kb.helloiota.com/KnowledgebaseArticle50015.aspx
Everything to know about address reuse: (and how to avoid losing your funds!)
Easy to understand depiction of address reuse: https://imgur.com/a/hFO67
https://forum.helloiota.com/996/IOTA-Address-Reuse-Explained-for-Laymen
https://kb.helloiota.com/KnowledgebaseArticle50015.aspx
https://forum.helloiota.com/975/Address-Reuse-Discussion
https://forum.helloiota.com/1806/RE-Does-the-GUI-wallet-automatically-take-care-of-generating-new-adresses-when-you-take-iotas-out-of?
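
Added example, not part of any post in this thread and not IOTA's own code: a simplified Winternitz-style one-time signature model for the "50% of my private key" question above. SHA-256 and HMAC stand in for IOTA's hash and key derivation, and every name and the seed value are constructed for illustration. It shows that one spend reveals about half of that address's key, that a second spend from the same address reveals more, and that each address index has its own key, so the seed is not what gets exposed.

```python
import hashlib, hmac

FRAGMENTS, MAX_V = 27, 13   # 27 key fragments; each signed digit is in -13..13

def h(data, times=1):
    """Apply SHA-256 `times` times (stand-in for IOTA's own hash function)."""
    for _ in range(times):
        data = hashlib.sha256(data).digest()
    return data

def private_key(seed, index):
    """Each address index gets its own key; the seed never appears in a signature."""
    return [hmac.new(seed, f"{index}:{i}".encode(), hashlib.sha256).digest()
            for i in range(FRAGMENTS)]

def address(key):
    """Public address: digest of every fragment hashed to the end of its 26-step chain."""
    return h(b"".join(h(k, 2 * MAX_V) for k in key)).hex()

def normalized_digits(message):
    """Map a message to 27 digits in -13..13, then shift digits until they sum to zero."""
    digits = [b % 27 - MAX_V for b in h(message)[:FRAGMENTS]]
    total = sum(digits)
    step = -1 if total > 0 else 1
    for _ in range(abs(total)):
        i = next(j for j, d in enumerate(digits) if abs(d + step) <= MAX_V)
        digits[i] += step
    return digits

def sign(key, digits):
    """Reveal fragment i hashed (13 - digit) times: a point partway along its chain."""
    return [h(k, MAX_V - d) for k, d in zip(key, digits)]

def verify(sig, digits, addr):
    """Finish each chain with (13 + digit) more hashes and compare with the address."""
    return h(b"".join(h(s, MAX_V + d) for s, d in zip(sig, digits))).hex() == addr

def exposure(*signed):
    """Share of (fragment, digit) pairs an observer of these signatures can now produce.
    Seeing digit d for a fragment lets anyone hash forward to every digit <= d."""
    best = [max(ds) for ds in zip(*signed)]
    return sum(d + MAX_V + 1 for d in best) / (FRAGMENTS * 27)

SEED = b"CONSTRUCTED-EXAMPLE-SEED"                     # constructed value, not a real seed
key0 = private_key(SEED, 0)
d1 = normalized_digits(b"spend #1 from address 0")
d2 = normalized_digits(b"spend #2 from address 0")    # address reuse
if __name__ == "__main__":
    print("valid:", verify(sign(key0, d1), d1, address(key0)))
    print("after one spend :", round(exposure(d1), 3))      # 14/27, about half
    print("after two spends:", round(exposure(d1, d2), 3))  # reuse reveals more
```

Because the digits are shifted to sum to zero, a single signature always exposes exactly 14/27 of the digit space in this model; the figure only grows when the same address signs again.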

CoinJohn
Attaching to Tangle (42 reputation)
Group: Forum Members
Posts: 16, Visits: 7
Hello everybody. I am new here. May I kindly ask you for some help please?
I bought some iota on Bitfinex and have installed the light iota wallet 2.5.4 on my Windows 10 computer.
I was unable to attach my wallet to the tangle but this is obviously not needed?
I read that sometimes to recover any iotas one has to keep generating new addresses?
I hit the “receive” button several times but the wallet would always show the same address.
How do I generate new addresses please?

I’d like to understand this wallet before I transfer any tokens into it?

Would it be better to use Mac instead of Windows or is there no difference?

With best regards
John
Winston
Winston
Forum Admin (33K reputation)
Group: Administrators
Posts: 3.6K, Visits: 6.8K
CoinJohn - 17 Dec 2017
Hello everybody. I am new here. May I kindly ask you for some help please?
I bought some iota on Bitfinex and have installed the light iota wallet 2.5.4 on my Windows 10 computer.
I was unable to attach my wallet to the tangle but this is obviously not needed?
I read that sometimes to recover any iotas one has to keep generating new addresses?
I hit the “receive” button several times but the wallet would always show the same address.
How do I generate new addresses please?

I’d like to understand this wallet before I transfer any tokens into it?

Would it be better to use Mac instead of Windows or is there no difference?

With best regards
John

@CoinJohn Thank you for the post, John.

In the wallet, click "Receive" > "Generate Address" > "Attach to tangle" > "Address Attached" > "Generate Address" > etc.