« Index
« Index
Browser Wallet
Web3 Infrastructure • Tools • Interfaces
extension-based Web3 gateway
Browser Wallet is a type of cryptocurrency wallet that functions as a browser extension, allowing users to manage digital assets and interact directly with decentralized applications (dApps). It securely stores private keys on the user’s device and enables quick access to Web3 features like token swaps, NFT minting, and DeFi protocols. Examples include MetaMask, Rabby, and Phantom.
Use Case: A trader connects their browser wallet to a DeFi exchange to swap tokens quickly, while also using it for NFT minting without relying on centralized exchanges, keeping silver profits liquid.
Key Concepts:
- Mobile Wallet — Smartphone-based wallet for portability and QR code payments
- Desktop Wallet — Software installed on a computer, often supporting full-node features
- Custodial Wallet — Exchange or third-party-controlled wallet requiring user trust
- Hardware Wallet — Physical device for offline private key storage and high security
- Software Wallet — Application-based wallet installed on devices for asset management
- Crypto Wallets — General category covering all types of cryptocurrency wallets
- Private Keys — Cryptographic keys required to access and control wallet funds
- Self-Custody — Direct control of assets without depending on intermediaries
- Hot Wallet — Internet-connected wallet with higher convenience but more risk
- Seed Phrase — Backup recovery phrase used to restore wallets if lost or damaged
- Multisig Wallet — Wallet requiring multiple signatures for transactions
- Air-Gapped Wallet — Wallet isolated from the internet for maximum security
- Cold Wallet — Wallet kept offline to protect assets from hacks and online threats
- Watch-Only Wallet — Wallet that can view balances and activity without spending ability
- Paper Wallet — Printed version of keys or QR codes for offline storage
Summary: Browser wallets are the primary interface between users and Web3. They combine convenience with self-custody, letting you sign transactions, connect to dApps, and manage assets across multiple chains—all from your browser toolbar.
How Browser Wallets Work
the mechanics of extension-based Web3 access
Install
Connect
Sign
Broadcast
Step 1: Install Extension
Download from official source • Extension lives in browser toolbar • Create wallet or import seed phrase • Keys stored locally (encrypted)
Download from official source • Extension lives in browser toolbar • Create wallet or import seed phrase • Keys stored locally (encrypted)
Step 2: Connect to dApp
Visit DeFi site or NFT marketplace • Click “Connect Wallet” • Wallet popup requests permission • You approve connection
Visit DeFi site or NFT marketplace • Click “Connect Wallet” • Wallet popup requests permission • You approve connection
Step 3: Sign Transaction
dApp requests action (swap, stake, mint) • Wallet displays transaction details • You review gas fees and amounts • Click confirm to sign with private key
dApp requests action (swap, stake, mint) • Wallet displays transaction details • You review gas fees and amounts • Click confirm to sign with private key
Step 4: Broadcast to Chain
Signed transaction sent to network • Validators include in next block • Confirmation appears on-chain • dApp updates to reflect change
Signed transaction sent to network • Validators include in next block • Confirmation appears on-chain • dApp updates to reflect change
Key Security Feature: Your private key never leaves your device. The wallet signs transactions locally and only sends the signed output to the blockchain. dApps never see your seed phrase.
Popular Browser Wallets
choosing the right extension for your ecosystem
Browser Wallet Security
protecting your extension-based assets
Do This
✓ Download only from official sites
✓ Write seed phrase on paper (offline)
✓ Use hardware wallet for large holdings
✓ Review every transaction before signing
✓ Revoke unused token approvals
✓ Use separate wallet for risky dApps
✓ Download only from official sites
✓ Write seed phrase on paper (offline)
✓ Use hardware wallet for large holdings
✓ Review every transaction before signing
✓ Revoke unused token approvals
✓ Use separate wallet for risky dApps
Never Do This
✗ Store seed phrase digitally
✗ Share seed phrase with anyone
✗ Click wallet links from DMs
✗ Connect to unknown dApps
✗ Approve unlimited token spending
✗ Ignore transaction warnings
✗ Store seed phrase digitally
✗ Share seed phrase with anyone
✗ Click wallet links from DMs
✗ Connect to unknown dApps
✗ Approve unlimited token spending
✗ Ignore transaction warnings
Common Attack Vectors
• Phishing sites mimicking official URLs
• Fake “wallet support” DMs
• Malicious token approvals
• Browser extension hijacking
• Clipboard malware (address swapping)
• Social engineering
• Phishing sites mimicking official URLs
• Fake “wallet support” DMs
• Malicious token approvals
• Browser extension hijacking
• Clipboard malware (address swapping)
• Social engineering
Security Tools
• Revoke.cash — Approval management
• Rabby — Transaction simulation
• Wallet Guard — Phishing protection
• Tangem — Hardware signing (10% off)
• Ledger — Hardware wallet
• Revoke.cash — Approval management
• Rabby — Transaction simulation
• Wallet Guard — Phishing protection
• Tangem — Hardware signing (10% off)
• Ledger — Hardware wallet
Golden Rule: Your seed phrase = your funds. Anyone who asks for it is a scammer. No legitimate support will ever request your seed phrase or ask you to “validate” or “sync” your wallet.
Browser Wallet vs Mobile Wallet
choosing the right interface for your needs
Browser Wallet Strengths
• Seamless dApp integration
• Larger screen for complex DeFi
• Easier to review transaction details
• Multiple tabs for research + action
• Better for power users
• Hardware wallet integration
• Seamless dApp integration
• Larger screen for complex DeFi
• Easier to review transaction details
• Multiple tabs for research + action
• Better for power users
• Hardware wallet integration
Mobile Wallet Strengths
• Always with you
• QR code scanning for payments
• Biometric security (face/fingerprint)
• Better for quick transfers
• In-person payments possible
• WalletConnect to desktop dApps
• Always with you
• QR code scanning for payments
• Biometric security (face/fingerprint)
• Better for quick transfers
• In-person payments possible
• WalletConnect to desktop dApps
Browser Wallet Risks
• Computer malware exposure
• Phishing via lookalike URLs
• Extension vulnerabilities
• Shared computer risk
• Clipboard hijacking
• Computer malware exposure
• Phishing via lookalike URLs
• Extension vulnerabilities
• Shared computer risk
• Clipboard hijacking
Mobile Wallet Risks
• Phone loss or theft
• SIM swap attacks
• Malicious apps
• Smaller screen = harder to verify
• Impulse decisions on-the-go
• Phone loss or theft
• SIM swap attacks
• Malicious apps
• Smaller screen = harder to verify
• Impulse decisions on-the-go
Wallet Setup Strategy
organizing wallets by purpose for security and convenience
Vault Wallet (Cold)
• Hardware wallet (Tangem/Ledger)
• Long-term holdings only
• Rarely connected to dApps
• Majority of portfolio here
• Never used for risky interactions
• Hardware wallet (Tangem/Ledger)
• Long-term holdings only
• Rarely connected to dApps
• Majority of portfolio here
• Never used for risky interactions
Main Wallet (Warm)
• Browser wallet (MetaMask/Rabby)
• Trusted DeFi protocols only
• Active yield positions
• Moderate holdings
• Regular approval audits
• Browser wallet (MetaMask/Rabby)
• Trusted DeFi protocols only
• Active yield positions
• Moderate holdings
• Regular approval audits
Burner Wallet (Hot)
• Separate browser wallet
• New mints, airdrops, experiments
• Minimal funds loaded
• Assume it could be compromised
• Disposable if exploited
• Separate browser wallet
• New mints, airdrops, experiments
• Minimal funds loaded
• Assume it could be compromised
• Disposable if exploited
Mobile Wallet
• Daily spending/payments
• Quick transfers
• Small amounts only
• Biometrics enabled
• Convenience over security
• Daily spending/payments
• Quick transfers
• Small amounts only
• Biometrics enabled
• Convenience over security
Pro Setup: 80% in hardware vault (Tangem 10% off), 15% in main browser wallet for active DeFi, 5% in burner/mobile for experiments and daily use. Never connect vault wallet to unverified contracts.
Understanding Token Approvals
what you’re really signing when connecting to dApps
What Is an Approval?
• Permission for contract to move your tokens
• Required before swaps, staking, LPing
• One-time per token per contract
• Stays active until revoked
• Separate from the actual transaction
• Permission for contract to move your tokens
• Required before swaps, staking, LPing
• One-time per token per contract
• Stays active until revoked
• Separate from the actual transaction
The Risk
• Unlimited approvals = unlimited access
• Malicious contracts can drain wallet
• Old approvals never expire
• Forgotten approvals = attack surface
• Phishing sites exploit this
• Unlimited approvals = unlimited access
• Malicious contracts can drain wallet
• Old approvals never expire
• Forgotten approvals = attack surface
• Phishing sites exploit this
Safe Approval Practices
• Approve exact amount needed
• Revoke after use when possible
• Check what you’re approving
• Use Rabby for simulation
• Audit approvals monthly
• Approve exact amount needed
• Revoke after use when possible
• Check what you’re approving
• Use Rabby for simulation
• Audit approvals monthly
How to Revoke
1. Visit revoke.cash
2. Connect your browser wallet
3. Select network (Flare, ETH, etc.)
4. Review active approvals
5. Revoke unnecessary ones
6. Confirm (small gas fee)
1. Visit revoke.cash
2. Connect your browser wallet
3. Select network (Flare, ETH, etc.)
4. Review active approvals
5. Revoke unnecessary ones
6. Confirm (small gas fee)
Monthly Habit: Set a reminder to check revoke.cash once a month. Revoke approvals for contracts you no longer use. This simple habit prevents most approval-based exploits.
Browser Wallet Checklist
secure setup from day one
Initial Setup
☐ Download from official website only
☐ Verify URL carefully before installing
☐ Create new wallet (fresh seed)
☐ Write seed phrase on paper
☐ Store in secure physical location
☐ Set strong unique password
☐ Download from official website only
☐ Verify URL carefully before installing
☐ Create new wallet (fresh seed)
☐ Write seed phrase on paper
☐ Store in secure physical location
☐ Set strong unique password
Network Configuration
☐ Add Flare Network (if using FLR)
☐ Add other chains you need
☐ Verify RPC URLs are correct
☐ Test with small transaction
☐ Bookmark official dApp URLs
☐ Use chainlist.org for easy setup
☐ Add Flare Network (if using FLR)
☐ Add other chains you need
☐ Verify RPC URLs are correct
☐ Test with small transaction
☐ Bookmark official dApp URLs
☐ Use chainlist.org for easy setup
Security Hardening
☐ Never screenshot seed phrase
☐ Get hardware wallet (Tangem 10% off)
☐ Install Wallet Guard extension
☐ Learn to read transaction details
☐ Create separate burner wallet
☐ Practice revoking an approval
☐ Never screenshot seed phrase
☐ Get hardware wallet (Tangem 10% off)
☐ Install Wallet Guard extension
☐ Learn to read transaction details
☐ Create separate burner wallet
☐ Practice revoking an approval
Ongoing Maintenance
☐ Review approvals monthly
☐ Keep extension updated
☐ Monitor for suspicious activity
☐ Back up seed phrase copy
☐ Test recovery process yearly
☐ Clear unused account connections
☐ Review approvals monthly
☐ Keep extension updated
☐ Monitor for suspicious activity
☐ Back up seed phrase copy
☐ Test recovery process yearly
☐ Clear unused account connections
First-Timer Tip: Send a tiny amount first to test your setup. Verify the address, confirm it arrives, then send the rest. This habit prevents costly mistakes and confirms everything works correctly.