Blockchain Domain Security Guide and Best Practices

Self-custody is one of the most important features of a blockchain domain. This is what makes your domain uncensorable. This is what gives you full control over your domain.

A self-custody solution is possible because your domain is an asset on the blockchain and stored like a cryptocurrency in your wallet. This custody method gives your blockchain domain “superpowers” that traditional domains do not have.

Due to the self-custody nature of your blockchain domain it:

  • Cannot be seized by a third party.
  • Can enable censorship resistant websites.
  • Can be transferred around the world in seconds, without needing permission from any third party.
  • Gives the owner sole control and access to domain management features - adding crypto addresses and pointing content to your domain.

Claiming Your Domains

Claiming your domain is the process of taking your domain from our database and launching it on the blockchain. This is the process where you, the user, takes full control and ownership of your domain. After you claim, your domain is an asset on the blockchain and stored in your wallet.

In the process of creating your wallet, you will generate a keystore file and create a passphrase. It is extremely important to store both of these items in a safe place.

If you lose your keystore file or your passphrase - you will lose access to your domains.

Why?

Because after claiming your domains - your domains are assets on the blockchain and stored in your wallet. The only way to interact with your domains (add cryptocurrency addresses, transfer, build websites) is to access your wallet. Every time you want to access your wallet you will be asked to upload your keystore file and enter your passphrase.

Keystore Security Best Practices

The focal point of discussion up to this point is understanding why blockchain keystore file security and passphrase security are vitally important. We are now going to discuss best storage and safety practices.

When creating a wallet, a prompt appears to generate a passphrase for the wallet. Create a strong passphrase that hasn’t been repeatedly used with other authentication systems in the past. We recommend creating a passphrase that is at least 13 characters long. Enter the passphrase, confirm it, and then select ‘Generate Keystore’.

After you create your passphrase, we recommend writing down your passphrase on a piece of paper and storing the paper in a safe location. You can repeat this process multiple times and store each paper in a different location.

You can also create a text file with your passphrase and add it to a password protected folder, email, or drive.

The most important part is to pick a security method that works for you. If you lose your passphrase - you will not be able to access your domains.

After you create your passphrase, you will be asked to generate and download a keystore file:

This automatically creates a unique keystore and generates a file. Just like your passphrase, if you lose your keystore file - you will not be able to access your domains.

Here are a few security methods to store your keystore file:

  • Password protected folder: Create a local password protected folder in the file system on your computer. It’s critical to remember the name of this folder in the future, so pick a name you will remember. Download the keystore wallet file and save it in the password protected folder.
  • USB: Purchase a USB and store your keystore file offline on the USB. You can also password protect your USB for an added layer of security. You can repeat this process multiple times by duplicating your keystore file and adding it to different USBs. It is very important that you store your USB in a safe place.

Every time you want to perform an action or access your domains - you will be asked to enter your passphrase and upload your keystore file.

The next step is to create reliable backup methods to retrieve this information in case it is lost or forgotten. Single points of failure are bad for security.

Write all of the corresponding information down on a piece of paper:

  • Where you stored your passphrase.
  • Where you stored your keystore file.
  • Store this paper in a safe place that is also repeatedly accessible. Do not share this information with anyone!

Warnings:

Be careful of hackers that devise deceptive phishing and social engineering tactics online. It’s critical to remember that an Unstoppable Domains team member will never ask you for a wallet passphrase or keystore file. Never share this information online in a public location such as a Telegram chat. It’s also a standard security practice to double check the domain name for the Unstoppable Domains website before engaging in activities involving a keystore file. Hackers will commonly attempt to trick users into sharing sensitive information by cloning a website and switching around a few details in the URL. Do not trust online services that reach out claiming to take secure custody of blockchain domains. Finally, watch out for fake emails and social media messages from hackers or bots spreading false information about Unstoppable Domains involving wallet ‘updates’. There is never a reason to share your keystore file or passphrase with anyone. If you want to transfer a domain to someone else, this will happen with the public address.