As a general rule of thumb, if you don't know them, don't respond.
- Be cautious of anyone who messages you privately
- Autonomys staff will never DM you first. We will always ask a user to DM us in a public channel
- Never share recovery phrases, seeds, private keys, or passwords with ANYONE
- Do not click on any links or download any files sent to you in a private message
- Never send funds to someone you don't know
If you encounter suspicious activity or need help with wallet security, use these resources to get immediate assistance or set up secure storage for your crypto assets.
Security Best Practices
The following security guidance is organized into focused sections to help you protect your crypto assets, avoid common scams, secure your infrastructure, and maintain your privacy. These practices are essential for anyone participating in the Autonomys ecosystem, whether you're farming, staking, or simply holding AI3 tokens. Each section builds upon fundamental security principles while addressing the unique challenges of the modern crypto landscape.
- Wallet Security
- Scam Protection
- Infrastructure Security
- Privacy & OPSEC
Protecting Your Crypto Assets
Strong Password Requirements
With AI-powered attacks becoming common, password requirements have evolved:
- Minimum 16 characters (12-character passwords can be cracked in hours)
- Use passphrases: 4-6 random words are stronger than complex symbols
- Example weak: S0methin9C00l!
- Example strong: coffee-helicopter-mountain-telescope-47
- Never reuse passwords across any services
Password Managers - Essential for Security
Recommended password managers:
- 1Password - Cross-platform, excellent security record
- Bitwarden - Open-source, self-hostable option
- KeePass - Offline, completely private
Avoid: LastPass (security breaches), browser-based managers for crypto
Hardware 2FA Keys
Essential protection: Hardware security keys provide the strongest protection:
- YubiKey 5 Series - USB-A, USB-C, NFC options
- Google Titan Keys - Budget-friendly alternative
- Nitrokey - Open-source hardware option
Why hardware keys matter: SMS and app-based 2FA can be bypassed through SIM swapping and malware
Cold Storage is Critical
There is no official support for AI3 on any of these wallets at this time, but we will update as hardware wallet support is confirmed.
Never store significant amounts in hot wallets. Hardware wallets are essential:
Tier 1 (Recommended):
- Ledger Nano X/S Plus - Wide ecosystem support
- Trezor Model T/One - Open-source firmware
- GridPlus Lattice1 - Advanced security features
Security practices:
- Purchase only from official vendors
- Verify authenticity upon receipt
- Never enter seed phrase into any software
- Store seed phrase in fireproof/waterproof safe
Seed Phrase Best Practices
Physical storage only:
- Use metal seed phrase storage (fireproof/waterproof)
- Never store digitally (photos, cloud, etc.)
- Split storage across multiple secure locations
- Consider Shamir's Secret Sharing for large amounts
Recommended products:
- Billfodl/Cryptosteel for metal storage
- Distributed storage across bank safety deposit boxes
Recognizing and Avoiding Scams
Discord/Telegram Scams
Common tactics:
- Fake support accounts with similar names/avatars
- "Urgent validation" messages claiming account issues
- Fake airdrop/reward notifications
- Tech support impersonation for wallet "fixes"
Red flags:
- Unsolicited DMs about your account
- Requests for screen sharing or remote access
- Pressure to act quickly
- Links to lookalike websites
Website and App Scams
Always verify URLs:
- Bookmark official sites
- Check SSL certificates
- Be suspicious of URL shorteners
- Verify app signatures before installing
Common fake domains:
- autonomys.network (Official)
- autonomys.com (Fake)
- autonomys.io (Fake)
- autonomy.network (Fake)
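The check below is an added example, not Autonomys code: it classifies a link by the host it would actually connect to, using the four domains listed above. It assumes the last two labels form the registrable domain (no public-suffix list) and that subdomains of the official domain are trusted; the extra sample URLs are constructed.

```python
from urllib.parse import urlsplit

OFFICIAL = "autonomys.network"  # the one domain the list above marks official
BRAND, TLD = OFFICIAL.split(".")


def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url):
    """Return a verdict for the host a link would actually connect to."""
    try:
        host = urlsplit(url if "//" in url else "//" + url).hostname or ""
        # IDNA encoding turns non-ASCII lookalike letters into xn-- labels.
        host = host.rstrip(".").encode("idna").decode("ascii")
    except (ValueError, UnicodeError):
        return "invalid"
    if host == OFFICIAL or host.endswith("." + OFFICIAL):
        return "official"
    labels = host.split(".")
    name = labels[-2] if len(labels) >= 2 else host
    if name == BRAND:
        return "wrong-tld"        # right name, different TLD
    if edit_distance(name, BRAND) <= 2 or name.startswith("xn--"):
        return "near-miss"        # typo or homoglyph of the name
    if BRAND in host:
        return "brand-embedded"   # official name used as a subdomain prefix
    return "unrelated"


# The four page entries plus constructed samples (not real observations).
SAMPLES = [
    "https://autonomys.network/", "autonomys.com", "autonomys.io",
    "autonomy.network", "https://autonomys.network.wallet-check.example/login",
    "https://autonomys.network@203.0.113.7/",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{classify(s):15} {s}")
```

Anything other than "official" should be treated as untrusted; the verdict names only explain why.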
Deepfake and AI Scams
New threats:
- Deepfake video calls impersonating team members
- AI-generated voice cloning for phone scams
- ChatGPT-powered phishing with perfect grammar
- Fake AI trading bots promising guaranteed returns
Protection strategies:
- Verify identity through multiple channels
- Use predetermined code words for sensitive discussions
- Be skeptical of "too good to be true" AI opportunities
DeFi and Yield Farming Scams
Common scam patterns:
- Fake yield farming pools with impossibly high APY
- Rug pulls disguised as legitimate protocols
- Influencer pump and dumps on social media
- Fake audit reports for malicious contracts
Due diligence checklist:
- Research team backgrounds and previous projects
- Verify smart contract audits from reputable firms
- Check tokenomics and vesting schedules
- Start with small test amounts
Securing Your Systems
Ubuntu 24.04 LTS Hardening
Base system security:
# Update system
sudo apt update && sudo apt upgrade -y
# Enable automatic security updates
sudo apt install unattended-upgrades
sudo dpkg-reconfigure -plow unattended-upgrades
# Install essential security tools
sudo apt install fail2ban ufw
Key improvements in Ubuntu 24.04:
- Enhanced AppArmor profiles
- Improved secure boot support
- Better container security
SSH Hardening
Modern SSH configuration (/etc/ssh/sshd_config):
# Disable password authentication completely
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no
# Use strong key exchange algorithms
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group16-sha512
# Disable root login
PermitRootLogin no
# Limit connection attempts
MaxAuthTries 3
MaxSessions 2
# Use non-standard port
Port 2222
Generate Ed25519 keys (stronger than RSA):
ssh-keygen -t ed25519 -f ~/.ssh/autonomys_server
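sshd uses the first value it reads for each keyword, so a repeated line or a file pulled in by an Include placed above these settings can take precedence over them. The audit below is an added example (not part of the Autonomys guide) that checks the global section of a config against the values shown above; the sample config is constructed, and Include targets and Match blocks are not evaluated.

```python
import re

# Expected values, taken from the sshd_config shown above.
EXPECTED = {"passwordauthentication": "no", "kbdinteractiveauthentication": "no",
            "permitrootlogin": "no", "maxauthtries": "3", "maxsessions": "2"}
# ChallengeResponseAuthentication is the deprecated alias of this keyword.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}


def audit(config_text):
    """Return (code, keyword, detail) findings for the global section."""
    first, includes, findings = {}, [], []
    for n, raw in enumerate(config_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = ALIASES.get(parts[0].lower(), parts[0].lower())
        value = parts[1].strip().strip('"').lower() if len(parts) > 1 else ""
        if key == "match":      # conditional blocks are out of scope here
            break
        if key == "include":
            includes.append(n)
        elif key in first:      # sshd keeps the first value it reads
            if key in EXPECTED:
                findings.append(("shadowed", key,
                                 f"line {n} ignored, line {first[key][0]} wins"))
        else:
            first[key] = (n, value)
    for key, want in EXPECTED.items():
        if key not in first:
            findings.append(("unset", key, "built-in default applies"))
            continue
        n, got = first[key]
        if got != want:
            findings.append(("weak", key, f"line {n}: {got!r}, expected {want!r}"))
        if any(i < n for i in includes):
            findings.append(("include-first", key, "an earlier Include may set this"))
    return findings


# Constructed sample, not taken from a real host.
SAMPLE = """\
Include /etc/ssh/sshd_config.d/*.conf
PasswordAuthentication no
ChallengeResponseAuthentication no
PermitRootLogin prohibit-password
MaxAuthTries 3
PermitRootLogin no
Match User backup
    MaxSessions 2
"""
```

On a live host, `sudo sshd -T` prints the effective configuration after all includes are resolved and is the authoritative check.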
UFW Firewall Setup
Essential firewall rules:
# Reset to defaults
sudo ufw --force reset
# Default policies
sudo ufw default deny incoming
sudo ufw default allow outgoing
# SSH (use your custom port)
sudo ufw allow 2222/tcp comment 'SSH'
# Autonomys node ports
sudo ufw allow 30333/tcp comment 'Node Consensus'
sudo ufw allow 30433/tcp comment 'Node DSN'
sudo ufw allow 30533/tcp comment 'Farmer'
# Enable firewall
sudo ufw enable
Note: The ports shown above are the standard Autonomys network ports. For detailed information about port forwarding, firewall configuration, and scenarios with multiple nodes, refer to the comprehensive Port Forwarding & Firewall guide.
Docker Security Best Practices
Secure Docker configuration:
# Run containers as non-root user
docker run --user 1000:1000 autonomys/node
Operational Security
VPN and Network Security
Reliable VPN providers:
- Mullvad - Anonymous payments, no logs
- IVPN - Privacy-focused, open source
- ProtonVPN - Secure Core architecture
Avoid: Free VPNs, providers with data retention laws
Additional network security:
- Use DNS over HTTPS (DoH) or DNS over TLS (DoT)
- Consider Tor for maximum anonymity
- Avoid public WiFi for crypto transactions
Secure Browsing Setup
Recommended browser configuration:
- Firefox with privacy hardening
- Brave with built-in ad/tracker blocking
- Tor Browser for maximum privacy
Essential extensions:
- uBlock Origin - Ad and tracker blocking
- ClearURLs - Remove tracking parameters
- Decentraleyes - Protect against tracking
Avoid: Chrome for crypto activities (Google tracking)
Social Media Security
Platform-specific risks:
- Twitter/X: Account takeovers, fake verification
- Discord: Server impersonation, DM scams
- Telegram: Fake channels, impersonation bots
- Reddit: Subreddit takeovers, fake AMAs
Protection strategies:
- Use separate accounts for crypto activities
- Never post about holdings or profits
- Verify official accounts through multiple sources
- Be suspicious of financial advice from strangers
Personal Data Protection
Email security:
- ProtonMail or Tutanota for crypto communications
- Use aliases for different services
- Enable email encryption when possible
File storage:
- Encrypt sensitive files locally
- Signal for secure messaging
Device security:
- Full disk encryption (FileVault, BitLocker, LUKS)
- Regular security updates