You own your ENS name completely. No one—not ENS, not anyone—can take it from you. This means you're responsible for protecting it. If you lose your name, we cannot recover it.
Below are some recomendations around security setups for your ENS Name, different wallet types to consider in your setup, and Common Scams to watch out for.
Follow these security practices to protect your name from scammers and thieves.
Wallet type | Details |
Cold wallet | Stores your valuable assets offline. You rarely access it. |
Hot wallet | Your daily wallet for transactions. Only hold small amounts here. |
Hardware wallet | A physical device that keeps your private keys offline and secure |
Multi-Sig wallet | Requires multiple wallet approvals for any transaction. No single point of failure. |
Multiple wallets | Using multiple wallets of any of the above types |
Recomended Security Setup for your ENS name.
Recommended security setup:
Store ownership in your cold wallet to prevent theft
Set a hot or warm wallet as manager for daily updates without risking ownership
Point your ETH address and Primary Name to your hot wallet for daily transactions.
About the Cold wallet
Interacting with contracts can be risky, but necessary. A good idea is to keep a Cold wallet where you store assets you want to keep safe while using a Hot wallet for your day-to-day contract interactions.
ENS names have unique properties that make holding them in cold wallets easy, namely that you can have one wallet be the ownerOwner of it while having another wallet be its record administrator.
By pointing the ETH Address and Manager records to your hot wallet, you can use the ENS name from your day-to-day hot wallet just as if it was in that wallet, except if that wallet is compromised, you won't lose your ENS name.
This two-wallet setup ensures that even if a malicious actor compromises your hot wallet, the actual ownership of your ENS name remains safe in your cold wallet.
Cold wallets don't directly protect against interacting with a malicious contract or token approval scams, they only do so indirectly by not using them to interact with them. If your wallet is compromised and contains ENS names, transferring ownership to a secure wallet should be prioritized.
For maximum safety, always transfer ENS ownership to a cold wallet or hardware wallet that is not used for regular transactions. Additionally, double-check all transactions, particularly when transferring ownership or making modifications to records, to avoid costly errors.
Hardware wallets
A Hardware wallet is a device that improves your wallet security by keeping your private keys off your phone and computer. The keys are kept on the external device itself, and for each transaction you make you'll have to connect and approve the transaction on the device.
This gives added protection against many (but not all) types of scams and security issues:
Viruses
Fake MetaMask login websites
Fake wallets
Token approval scams / interacting with malicious contracts
Compromised seed phrase
Physical access
Multi-Sig wallets
A Multi-Sig wallet is a smart contract wallet that provides security by only allowing transactions to be performed if they're approved by several different wallets, thereby distributing the security responsibility between different keys or even different people.
Safe provides a very popular multi-sig wallet.
Common scams
The fake NFT mint
The fake NFT mint website is one of the most common scams, a site that's set up to look like an NFT project where you connect your wallet, press a button to mint, and approve a transaction to "get your NFT".
Instead, the transaction either transfers your NFTs directly or grants another wallet access to your entire NFT collection.
Always verify the transaction details in your wallet match what you intend to do.
The fake MetaMask login
A website designed to look like MetaMask's login screen can sometimes be extremely convincing.
The scam asks for your seedphrase. The real MetaMask only asks for your password.
Never share your seedphrase with anyone. ENS will never ask for it.
The fake airdrop claim
Fake airdrop claim pages multiply during real airdrops. During the ENS airdrop, we saw at least one fake claim site per week.
ENS has no current or planned airdrops. Any site claiming otherwise is a scam.
The fake token scam
Scammers send unknown tokens to your wallet. These tokens can drain your funds when you try to exchange them.
Never interact with tokens you didn't request or recognize.