Encrypting user data and private keys
Ensure that the protection of sensitive information such as secret numbers, mnemonics, and private keys is addressing all possible risks. Merely storing data in the Keychain or Keystore is insufficient. To enhance security, keys should be encrypted using hardware-backed encryption (Secure Enclave/Hardware-backed Keystore) and tied to biometric authentication.
Protecting against large-scale exploits
To mitigate the risk of widespread exploits and financial fraud, a number of factors need to be taken into account, such as implementing proper session management, securely handling transactions, and incorporating measures to prevent network attacks (replay, MitM, TLS strip, etc).
Educating the user to make better choices
In a self-custodial wallet, the weakest link is often the user. By understanding how to protect their secrets, enabling biometric authentication, and identifying phishing attempts, users can make informed decisions that reduce the likelihood of losing their funds.
