Device Security Guidelines
Overview
SSP Wallet uses a 2-of-2 multisignature system where both your browser extension (SSP Wallet) and mobile app (SSP Key) must approve transactions. This means protecting both devices is essential for securing your cryptocurrency.
π₯οΈ SSP Wallet (Browser Extension) Security
Browser Extension Protection
Essential Browser Settings:
β Pin SSP Wallet extension to toolbar for easy access
β Enable automatic browser updates
β Use official browser stores only (Chrome Web Store, Firefox Add-ons)
β Verify publisher is "Run on Flux" before installing
β Never install SSP Wallet from third-party websites
SSP Wallet Password Security
Your SSP Wallet password protects access to your browser extension:
π Use strong, unique password (12+ characters)
πΎ Store in password manager
π Never reuse passwords from other accounts
π« Don't use browser's built-in password saving for SSP Wallet
Computer Security for SSP Wallet
Critical Requirements:
π Lock your computer when not in use
π Enable automatic OS updates
π‘οΈ Run antivirus software (Windows Defender is sufficient)
π« Avoid using SSP Wallet on shared computers
π± SSP Key (Mobile App) Security
Mobile App Protection
Essential Mobile Settings:
π± Enable strong screen lock (6+ digit PIN or biometric)
π Enable biometric authentication for SSP Key if available
π Keep mobile OS updated to latest version
β Download only from official app stores (App Store, Google Play)
SSP Key PIN Security
Your SSP Key PIN protects transaction approvals:
π’ Use 6+ digit PIN (longer is better)
π€ Choose non-obvious numbers (avoid birthdays, sequences)
π Change PIN periodically for high-value wallets
π« Never share PIN with anyone
π 2-of-2 Security Implications
Why Both Devices Matter
In SSP's 2-of-2 system:
π Both keys required - Compromise of one device alone cannot steal funds
β‘ Both devices needed - Losing access to either device blocks transactions
π‘οΈ Distributed security - No single point of failure
Device Loss Scenarios
If you lose SSP Wallet device (computer):
π Install SSP Wallet on new computer
π Restore using seed phrase
π Re-sync with existing SSP Key
If you lose SSP Key device (mobile):
π Install SSP Key on new mobile device
π Restore using SSP Key seed phrase
π Re-sync with existing SSP Wallet
If you lose both devices:
π Need both seed phrases for complete recovery
π Install both apps on new devices
π Restore and re-sync both components
π¨ SSP-Specific Security Warnings
Never Do These:
β Don't use SSP Wallet on public computers (libraries, internet cafes)
β Don't approve transactions without verifying details on mobile
β Don't store seed phrases digitally (photos, cloud storage, etc.)
β Don't ignore sync errors - they may indicate security issues
β Don't share QR codes from sync process with others
Critical Security Practices:
β Always verify transaction details on SSP Key before approving
β Keep both devices updated and secure
β Store seed phrases separately in secure physical locations
β Test recovery process with small amounts first
β Monitor transaction history regularly on both devices
π οΈ Secure Usage Patterns
Daily Usage
π Lock both devices when not in use
π± Keep mobile device with you for transaction approvals
π Verify transaction details match on both screens
β° Don't approve transactions you didn't initiate
High-Value Transactions
π Double-check recipient addresses
π° Test with small amounts first
π Use secure network (avoid public WiFi)
β±οΈ Take time to review - don't rush approvals
Regular Maintenance
π Update both apps when new versions available
π Review transaction history weekly
π Verify seed phrase backups are secure and accessible
π± Check device sync status regularly
Emergency Response
If You Suspect Device Compromise
Immediate Actions:
π¨ Stop using compromised device immediately
π Move funds to new wallet if possible
π Set up fresh SSP Wallet on clean device
π Use seed phrases to restore on new device
Getting Help
π Report security issues via GitHub Issues
π Check transaction history on both devices for unauthorized activity
π± Contact device manufacturer for device-specific security concerns
Remember: SSP's 2-of-2 multisignature design means both devices must be secure, but also provides protection against single device compromise.
Last updated