Privacy & Security
Carrots behave like cash you hold yourself. That’s powerful — and it comes with responsibility. This page explains the basics for keeping your carrots private and secure.

Seeds & Keys (The Only Thing That Matters)
Your seed phrase (or private key) controls your carrots. Anyone with it can spend your balance. Never type it into random sites, never email it, and never store it in plain text.
- Best practice: Write it down on paper (or metal) and store it in two safe, separate places.
- Passphrase: Add a wallet passphrase if supported (BIP39 25th word). Don’t keep it with the seed.
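Why the passphrase has to be backed up as carefully as the seed, shown as an added example (not code from any Carrots wallet): it follows the standard BIP39 seed derivation, and whether a given Carrots wallet uses BIP39 is an assumption. The mnemonic is the public BIP39 test-vector phrase, never a real wallet, and `same_wallet` is a hypothetical helper name.

```python
import hashlib
import hmac
import unicodedata

# Constructed sample input: the public BIP39 test-vector mnemonic (12 words).
SAMPLE_MNEMONIC = "abandon " * 11 + "about"


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 64-byte BIP39 seed.

    PBKDF2-HMAC-SHA512, 2048 iterations, password = mnemonic,
    salt = "mnemonic" + passphrase, both NFKD-normalized.
    Collapsing extra whitespace is a convenience of this example.
    """
    words = unicodedata.normalize("NFKD", " ".join(mnemonic.split()))
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase)
    return hashlib.pbkdf2_hmac(
        "sha512", words.encode("utf-8"), salt.encode("utf-8"), 2048, dklen=64
    )


def same_wallet(mnemonic: str, passphrase_a: str, passphrase_b: str) -> bool:
    """True only if both passphrases lead to the same seed (same wallet)."""
    return hmac.compare_digest(
        bip39_seed(mnemonic, passphrase_a), bip39_seed(mnemonic, passphrase_b)
    )


if __name__ == "__main__":
    # Every passphrase, including a mistyped one, yields a valid seed.
    # Nothing reports "wrong passphrase": the restore just opens a
    # different, empty wallet. Only seed prefixes are printed.
    for label, phrase in [
        ("no passphrase", ""),
        ("passphrase", "TREZOR"),
        ("typo in case", "Trezor"),
    ]:
        print(f"{label:14} -> {bip39_seed(SAMPLE_MNEMONIC, phrase).hex()[:16]}...")
    print("typo opens same wallet:", same_wallet(SAMPLE_MNEMONIC, "TREZOR", "Trezor"))
```

A restore test therefore has to include the passphrase: confirm that the restored wallet shows the same receive address as the original, not merely that the restore completed.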

Backups You Can Actually Restore
Backups are only useful if you’ve tested them. Do a small restore test on a second device (with networking off) to confirm your seed works before storing funds.
- Versioning: If you back up encrypted wallet files, keep versioned copies so you can roll back corrupted ones.
- Separation: Store backups away from your daily devices to reduce malware and theft risks.

Cold vs. Hot
Hot wallets live on connected devices—convenient but more exposed. Cold storage (hardware wallets or offline keys) keeps long-term savings safer.
- Rule of thumb: Daily spending in hot; savings in cold. Don’t keep more hot than you’d carry in a physical wallet.

Device Hygiene
Most losses happen on infected or misconfigured machines, not from broken crypto.
- Keep OS and wallet software updated from official sources only.
- Use full-disk encryption and a strong device password (not reused).
- Install minimal extensions/apps; remove what you don’t use.
- Consider a dedicated, clean device for managing larger balances.

Phishing & Impersonation
If someone rushes you, offers “support,” or asks for your seed, it’s a scam.
- Type website addresses manually or use your bookmarks. Don’t trust search ads.
- Verify downloads/checksums; beware look-alike domains.
- Never share your screen or sign unknown transactions.

Network Privacy Basics
Carrot transactions are public; your identity shouldn’t be. Reduce linking signals where possible.
- Use new receive addresses; avoid reusing the same address.
- Prefer wallets that don’t leak your addresses to third parties.
- Consider Tor or privacy-enhanced wallets if available for Carrots.

Managing Risk by Amount
- Small (coffee money): Hot wallet on phone; simple PIN; cloud disabled for seed photos.
- Medium (rent): Hardware wallet + written seed in two locations; passphrase; transaction checks on device.
- Large (savings): Cold storage with multisig or split backups; dedicated offline device; strict access policy.

Multisig (Shared Responsibility)
Multisig requires multiple keys to move funds (e.g., 2-of-3). It protects against single-point failure: one lost key or one compromised device can’t drain the wallet.
- Distribute keys across people/places/providers.
- Document recovery steps clearly and test them.
- Avoid storing two keys in the same location or service.

Receiving & Sending Safely
- Always verify the full address before sending. Use device-screen verification if your wallet supports it.
- Send a tiny test first when paying a new address; confirm before the full amount.
- Remember: confirmed transactions are final. There’s no undo.

If Something Goes Wrong
- Lost device: Restore from seed on a clean machine; move funds to a new wallet.
- Seed exposed: Assume compromise. Immediately move funds to a fresh wallet with a new seed.
- Phished/Malware: Disconnect, sweep funds from a known-clean device, then rebuild your setup.

Remember: With great vegetable power comes great responsibility. Protect your seeds and you protect your carrots.