CertiK Logo
CertiK Logo
Products
Company
incident-response
Back to all stories
Blogs
Spooky Stories From the Crypt
10/31/2022

The world of crypto can be a creepy place. Wide-eyed zombies spend sleepless nights under the full moon watching charts tick ever-forward, reading the tea leaves and trying to predict the future. Vampires lurk around every corner, promising untold riches to unsuspecting newcomers who are lucky to walk away with just their wallets drained. And werewolves pose as friends on Discord, waiting for just the right moment to shift into their true form and steal your monkey JPEG.

When it comes to security, a clove of garlic and a wooden stake won’t cut it. If you’re going to navigate the Web3 wilderness, you need to arm yourself with the most powerful tool of all: knowledge.

So, in the spirit of Halloween, let’s take a look at some of the scariest stories from the crypt(o).

Spooky Stories From the Crypt

The Lost Password

You’ve scrimped and saved, and done all your due diligence. You’ve invested in quality projects and you’re comfortable holding your tokens through the ups and down, come what may. You don’t even check your portfolio that often, you’re living life.

You smile to yourself on the days when number go up, and on the days it goes down you reassure yourself that you’re in it for the long haul. Eventually, the day finally comes. You’re rich, you’ve made it. You dig through the drawers and blow the dust off your old hardware wallet. You go to type in your password. But your mind goes blank. What is it? There’s nothing between you and your tokens except the combination of numbers that you can’t for the life of you remember. You didn’t write it down, that would defeat the whole purpose of secure self custody. You trusted yourself to remember a handful of digits.

No matter, you know you can always restore from your seed phrase. But suddenly, your heart starts racing. You’d looked into those stainless steel wallet backups. Pretty cool, but kind of overkill, you’d thought at the time. You’d researched Shamir's Secret Sharing and tried to wrap your head around the cryptography. You’d even thought about renting a safe deposit box and storing your seed phrase there. But somehow, you’d never got around to any of it.

You did nearly everything right. But you only wrote down your seed phrase on the little card that came with the hardware wallet, and now it’s nowhere to be found. Where could it be? Where could it have gone? Did I accidentally throw it out?

The number on the screen goes up, but now it no longer feels good at all. It’s like the world is laughing in your face, a twisted witch’s horrible cackle. All because of that one mistake, you’re doomed to be a haunted being, a tortured soul, scouring trash heaps for eternity, looking for the slip of paper you threw out.

Just like you wouldn’t store all your Halloween candy somewhere a nosy sibling could steal it all, you should take care to backup your seed phrase securely. Do it as a favor to your future self.

The Offer That’s Too Good to Be True

It seems like a great deal. All you have to do is spend one night in a recently-deceased relative’s big old mansion and it’s yours to keep. Only problem is: it’s haunted. Evil forces are at work, hidden behind the walls and down deep, twisting staircases. You know they’re there, you just can’t see them.

It always pays to read the fine print. While you might not get any offers of old Transylvanian castles, any crypto user is likely to come across deals that seem too good to be true. And almost all of the time, they are. Whether it’s a phishing email that’s offering a $500 reward if you’ll just enter your seed phrase into this totally legit and definitely not fake Metamask clone, or the allure of a brand new yield farm that’s offering guaranteed returns of 10% per day, there’s always someone out there who’s trying to take advantage of you. It’s smart to be skeptical. Don’t believe every story you hear.

The Rugpull

One of the classic crypto horror stories. A tale as old as time, or at least as old as humans have been trading with each other. The Web3 version goes a little something like this. You’ve been staking your crypto in this protocols for weeks. You pride yourself on how early you were, you’re beating the rest of the market. You’re a genius. The yield keeps going up and up, and you’re making a killing. You’re convinced that this is the one, the DeFi protocol to end all DeFi protocols. You’re going to retire off the yield, your children’s children’s children will look up at the sky above their yacht and thank you for getting into such a world-changing protocol so early.

And then, without any warning, the team pulls the rug out from under you. It’s all gone. The token goes to zero, your portfolio crashes. Your dreams of dynastic wealth built on the promise of perpetual gains vanish into thin air.

Now you understand why the protocol was never audited, why the team was so adamant about not being doxxed, why no one could tell you what the actual product was. Because there never was a product. It was all too good to be true.

The beauty of Web3 lies in its freedom, but freedom goes both ways. You’re free to make your own choices, and free to make your own mistakes. Never risk more than you can afford to lose, and learn from the mistakes you do make to ensure they don’t happen again.

Even on the spookiest day of the year, CertiK is working around the clock to secure the Web3 world. Our suite of pre-deployment auditing and on-chain security monitoring tools protect users and protocols alike, giving you the reassurance you need to step away from the computer and celebrate today in peace.

Happy Halloween from CertiK!