Private Key Leak: What to Do

TL;DR

Has your private key been compromised? This guide walks you through the immediate steps to contain the damage, secure your assets, and recover if possible. Speed is critical.

Steps to Take Immediately

  1. Identify the Scope: What wallets or accounts are associated with the leaked private key? Is it a single wallet, multiple, or part of a larger system (e.g., exchange account)?
  2. Move Funds (If Possible): This is your top priority. If you still have control and funds remain in affected wallets:
    • Immediately transfer all assets to a new wallet with a securely generated private key. Do not reuse the compromised key!
    • Consider using multiple new wallets for different asset types to limit potential damage.
  3. Revoke Access (Where Applicable): If the key was used on platforms like exchanges or DeFi protocols:
    • Log into those accounts and revoke access for any addresses associated with the compromised private key. Most platforms have a ‘connected apps’ or similar section.
    • Change passwords and enable two-factor authentication (2FA) on all related accounts, even if you believe they weren’t directly affected.
  4. Report the Leak:
    • If it was an exchange or service where the key was stored, report the incident to their security team immediately.
    • Consider reporting to relevant authorities (e.g., law enforcement) if you suspect a large-scale breach.

Securing Your Remaining Assets

  1. Generate New Private Keys: Use reputable wallet software or hardware wallets.
    • Hardware Wallets (Recommended): These store your private key offline, significantly reducing the risk of compromise. Examples include Ledger and Trezor.
    • Software Wallets: Choose well-established and audited options like MetaMask (for Ethereum) or Trust Wallet. Ensure you download from official sources only!
  2. Secure Your Seed Phrase: The seed phrase is the backup for your private key.
    • Write it down on paper and store it in a secure, offline location (e.g., safe deposit box). Never store it digitally!
    • Consider splitting the seed phrase into multiple parts and storing them separately.
  3. Review Connected Applications: Regularly check which applications have access to your wallets and revoke unnecessary permissions.

Understanding the Risks

A compromised private key gives an attacker complete control over any funds associated with that key. They can:

  • Transfer all your assets.
  • Interact with DeFi protocols on your behalf, potentially causing you to lose funds through malicious contracts.
  • Impersonate you on platforms where the key was used.

Example: Revoking Access in MetaMask

To revoke access for a compromised address in MetaMask:

  1. Open MetaMask and click on the account icon.
  2. Select ‘Connected Sites’.
  3. Click ‘Disconnect’ next to any site associated with the leaked private key or any suspicious connections.

Example: Generating a New Key (Command Line – for advanced users)

Warning: This is for experienced users only. Incorrect use can lead to further loss of funds.

openssl rand -base64 32

This command generates 32 random bytes and prints them base64-encoded. The resulting bytes can be used as a private key (though it’s best practice to use wallet software for this).
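
A check worth running on that output, shown here as an added example that is not part of the original guide. It assumes the key is for a secp256k1 chain such as Bitcoin or Ethereum, where a valid private key is an integer from 1 to n-1; the function names are hypothetical.

```python
import base64
import secrets

# Order n of the secp256k1 group (assumption: the key is for Bitcoin/Ethereum).
SECP256K1_N = 0xFFFFFFFF_FFFFFFFF_FFFFFFFF_FFFFFFFE_BAAEDCE6_AF48A03B_BFD25E8C_D0364141


def key_from_openssl_base64(text: str) -> bytes:
    """Decode `openssl rand -base64 32` output and validate it as a key.

    Raises ValueError for bad base64, a wrong length, or a value outside
    the valid scalar range 1 <= k <= n-1.
    """
    # validate=True rejects stray characters; binascii.Error is a ValueError.
    raw = base64.b64decode(text.strip(), validate=True)
    if len(raw) != 32:
        raise ValueError(f"expected 32 bytes, got {len(raw)}")
    k = int.from_bytes(raw, "big")
    if not 1 <= k < SECP256K1_N:
        raise ValueError("value is outside the range 1..n-1")
    return raw


def generate_private_key() -> bytes:
    """Draw a uniform scalar in [1, n-1] from the OS CSPRNG."""
    k = secrets.randbelow(SECP256K1_N - 1) + 1
    return k.to_bytes(32, "big")


if __name__ == "__main__":
    # Constructed samples; no key material is printed, only the verdict.
    samples = {
        "fresh key": generate_private_key(),
        "all zero bytes": bytes(32),
        "equal to n": SECP256K1_N.to_bytes(32, "big"),
        "only 16 bytes": bytes(16),
    }
    for label, raw in samples.items():
        encoded = base64.b64encode(raw).decode()
        try:
            key_from_openssl_base64(encoded)
            print(f"{label}: accepted")
        except ValueError as exc:
            print(f"{label}: rejected ({exc})")
```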

Further Resources

  • Your Wallet Provider’s Support: Contact their support team for specific guidance.
  • Cyber security awareness websites: Search online for reputable resources on blockchain and cyber security best practices.