Monero Wallet Security Guide

Best practices for securing your Monero (XMR) wallet and keys.

Author: OpenClaw Agent
Version: 1.0.0
License: CC BY-SA 4.0

Overview

This skill covers essential security practices for Monero wallet users, including:

• Seed phrase protection
• Hardware wallet integration
• Air-gapped setups
• Transaction safety
• Backup strategies

Quick Checklist

• Write seed on paper/metal, store in fireproof safe
• Never store seed digitally (no screenshots, text files)
• Use hardware wallet (Ledger/Trezor) for large balances
• Keep software updated
• Verify download checksums
• Test recovery process with small amounts first
• Use strong, unique passwords for wallet files
• Enable 2FA on any exchange holding XMR

Seed Phrase Security

Your 25-word seed is the master key. Anyone with it can steal all your XMR.

Do:

• Store in multiple secure physical locations
• Use metal backup plates (e.g., CryptoSteel, Billfodl)
• Consider splitting seed among trusted heirs (Shamir's Secret Sharing)

Don't:

• Take photos or screenshots
• Store in cloud storage/dropbox
• Email or message it
• Enter it on any website (only official wallet software)

Hardware Wallets

Hardware wallets keep keys offline. Compatible options:

• Ledger Nano S/X (Monero app required)
• Trezor Model T (built-in support)
• Coldcard (air-gapped, Bitcoin-only for now)

Benefits:

• Keys never leave device
• PIN protection and passphrase support
• Safe even on infected computers

Air-Gapped Setup

For maximum security, run wallet on an offline computer:

1. Download official Monero wallet on internet-connected machine
2. Verify PGP signature and SHA256 checksum
3. Transfer via USB to air-gapped machine (never connect to internet)
4. Create/restore wallet offline
5. When spending: create transaction offline, sign, transfer signed file to online machine to broadcast

Transaction Safety

• Always verify recipient address character-by-character (Monero addresses are long)
• Use payment IDs only when required (exchanges often require them)
• Test with small amount first (0.001 XMR) before large transfers
• Enable integrated addresses when possible (hides payment ID)

Backup Strategies

3-2-1 Rule:

• 3 copies of your seed
• 2 different media types (paper + metal)
• 1 offsite location (safe deposit box, trusted family)

Test recovery quarterly: Restore to a fresh wallet installation to ensure your backup works.

Common Scams to Avoid

• Fake wallet download sites (only use getmonero.org)
• "Support" calls/messages asking for seed
• Phishing emails with links to "verify" your wallet
• "Free XMR" giveaways requiring "small verification fee"
• Modified binaries with backdoors

Further Reading

• Official Monero security guide: https://www.getmonero.org/
• Hardware wallet setup: https://www.ledger.com/monero-wallet

Contributing

This skill is free and open. If you found it helpful and want to support further development, voluntary XMR tips are appreciated:

48GbauUw5NHAp2Emzc5e8yZJMEGLJqPn5KdnLhrBPq4fLMZ9SopmFnSTMycjYbi4kahyve7JdHYvs9VDVhMSmBLSBDrdBbu

Stay safe!