WebsiteGitHub
Edit

Device Security Guidelines

Overview

SSP Wallet uses a 2-of-2 multisignature system where both your browser extension (SSP Wallet) and mobile app (SSP Key) must approve transactions. This means protecting both devices is essential for securing your cryptocurrency.

🖥️ SSP Wallet (Browser Extension) Security

Browser Extension Protection

Essential Browser Settings:

  • Pin SSP Wallet extension to toolbar for easy access

  • Enable automatic browser updates

  • Use official browser stores only (Chrome Web Store, Firefox Add-ons)

  • Verify publisher is "Run on Flux" before installing

  • Never install SSP Wallet from third-party websites

SSP Wallet Password Security

Your SSP Wallet password protects access to your browser extension:

  • 🔐 Use strong, unique password (12+ characters)

  • 💾 Store in password manager

  • 🔄 Never reuse passwords from other accounts

  • 🚫 Don't use browser's built-in password saving for SSP Wallet

Computer Security for SSP Wallet

Critical Requirements:

  • 🔒 Lock your computer when not in use

  • 🔄 Enable automatic OS updates

  • 🛡️ Run antivirus software (Windows Defender is sufficient)

  • 🚫 Avoid using SSP Wallet on shared computers

📱 SSP Key (Mobile App) Security

Mobile App Protection

Essential Mobile Settings:

  • 📱 Enable strong screen lock (6+ digit PIN or biometric)

  • 🔐 Enable biometric authentication for SSP Key if available

  • 🔄 Keep mobile OS updated to latest version

  • Download only from official app stores (App Store, Google Play)

SSP Key PIN Security

Your SSP Key PIN protects transaction approvals:

  • 🔢 Use 6+ digit PIN (longer is better)

  • 🤔 Choose non-obvious numbers (avoid birthdays, sequences)

  • 🔄 Change PIN periodically for high-value wallets

  • 🚫 Never share PIN with anyone

🔐 2-of-2 Security Implications

Why Both Devices Matter

In SSP's 2-of-2 system:

  • 🔑 Both keys required - Compromise of one device alone cannot steal funds

  • Both devices needed - Losing access to either device blocks transactions

  • 🛡️ Distributed security - No single point of failure

Device Loss Scenarios

If you lose SSP Wallet device (computer):

  1. 🆕 Install SSP Wallet on new computer

  2. 🔑 Restore using seed phrase

  3. 🔄 Re-sync with existing SSP Key

If you lose SSP Key device (mobile):

  1. 🆕 Install SSP Key on new mobile device

  2. 🔑 Restore using SSP Key seed phrase

  3. 🔄 Re-sync with existing SSP Wallet

If you lose both devices:

  1. 🔑 Need both seed phrases for complete recovery

  2. 🆕 Install both apps on new devices

  3. 🔄 Restore and re-sync both components

🚨 SSP-Specific Security Warnings

Never Do These:

  • Don't use SSP Wallet on public computers (libraries, internet cafes)

  • Don't approve transactions without verifying details on mobile

  • Don't store seed phrases digitally (photos, cloud storage, etc.)

  • Don't ignore sync errors - they may indicate security issues

  • Don't share QR codes from sync process with others

Critical Security Practices:

  • Always verify transaction details on SSP Key before approving

  • Keep both devices updated and secure

  • Store seed phrases separately in secure physical locations

  • Test recovery process with small amounts first

  • Monitor transaction history regularly on both devices

🛠️ Secure Usage Patterns

Daily Usage

  • 🔒 Lock both devices when not in use

  • 📱 Keep mobile device with you for transaction approvals

  • 👀 Verify transaction details match on both screens

  • Don't approve transactions you didn't initiate

High-Value Transactions

  • 🔍 Double-check recipient addresses

  • 💰 Test with small amounts first

  • 🏠 Use secure network (avoid public WiFi)

  • ⏱️ Take time to review - don't rush approvals

Regular Maintenance

  • 🔄 Update both apps when new versions available

  • 🔍 Review transaction history weekly

  • 🔑 Verify seed phrase backups are secure and accessible

  • 📱 Check device sync status regularly

Emergency Response

If You Suspect Device Compromise

Immediate Actions:

  1. 🚨 Stop using compromised device immediately

  2. 🔄 Move funds to new wallet if possible

  3. 🆕 Set up fresh SSP Wallet on clean device

  4. 🔑 Use seed phrases to restore on new device

Getting Help

  • 📝 Report security issues via GitHub Issues

  • 🔍 Check transaction history on both devices for unauthorized activity

  • 📱 Contact device manufacturer for device-specific security concerns

Remember: SSP's 2-of-2 multisignature design means both devices must be secure, but also provides protection against single device compromise.

PreviousRuntime Security with LavaMoatNextHalborn Security Audit 2025

Last updated