Through this article, we will try to better understand what is a Decentralized exchange, how they work, and learn to access them using Metamask/Trust Wallet.
What is a DEX?
A decentralized exchange is a platform where transactions occur directly between traders using an Automated Market Maker protocol. All transactions done on a DEX are made directly on the blockchain and are visible publicly. Popular examples of DEXs are Uniswap and SushiSwap which run on the Ethereum Blockchain.
DEXs fulfill one of the core utilities of cryptocurrencies where transactions occur directly between people. The transactions on a DEX are not facilitated by any banks, brokers, payment processing companies, or any other kind of intermediary. The biggest DEXs – Uniswap, Pancakeswap, and Sushiswap make up for the growing suite of Crypto services available directly from the wallets.
Volumes of trading on DEXs have been rising ever since 2020. $217 billion worth of assets were traded on DEXs in the first quarter of 2021. Many traders prefer using DEXs because of their no KYC requirements.
If you’re also planning to start trading on DEXs starting this year, then I have some tips to share with you all. Here are the Top 5 Tips to keep in mind while using a Decentralized Exchange.
1. Not your Keys, Not your Funds
While trading on a Decentralized exchange might sound fancy, it can get really bad when you lose your wallet keys. It isn’t that rare either these days where scammers are finding more & more clever ways to sneak around your wallets. Keys can get exposed through Phishing, Google Account hijacking, and compromising Browsers for example.
For starters, keeping your wallet seed phrase somewhere offline can be a good start. People take a screenshot or note down their wallet seed phrase on Google Drive, this must be avoided completely. Google accounts can be hijacked & phones can be compromised. If you own a self-custodial wallet, it is best to keep your keys somewhere safe, away from the Internet.
2. Avoid Clicking on links sent to Emails
Surely many of us have received a fake phishing email from scammers who often pose as support technicians. Not many days back, one of my friends got an email from someone claiming to be a support technician from Metamask.
Phishing emails are often narrated in a way to induce fear into the mind of the receiver. It can ask you to complete KYC or validate your account to avoid suspension. A simple way to look through this would be to cross-check the sender’s email address and common spelling, and grammatical errors in the email.
It is very rare almost unlikely for wallet providers like Metamask or Trust wallet to send a direct email to their users. That’s because none of them ask for user details like name or email address while signing up on their applications. Tricksters try to get their hands on your seed phrase to steal funds from your wallet.
3. Cross-checking the Website URL
This is another way by which scammers can get access to your wallet using search engine optimization and a fraudulent smart contract. Google is not just a search engine but also a big place for advertisers to bid for being ranked on the search results.
Fraudsters use Google Ads to rank their websites for specific keywords at the top of the search results page. These fake websites have domain names with minor changes in the URL which makes it hard for the average person to note at a glance. Behind these websites, scammers place a fake smart contract with some function to wipe out the funds from user wallets once they approve a transaction.
Domains can also get DNS hijacked by scammers to show a fake website which gets rarely noticed by the users who are scammed later on.
4. USE a Secure password to unlock your Metamask Wallet
Metamask once installed into the browser doesn’t ask for your seed phrase or private key repeatedly. Instead, to unlock your wallet after the initial setup, we’re asked to use a custom password. The wallet seed phrase is then stored inside our browser data files as an encrypted text using that custom password set by the user.
The exact path for the seed phrase in encrypted format for Windows users is
C:\Users\USER_NAME\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn
If the password used for opening the Metamask wallet is easy to guess and some hacker gets a hand on your PC using a keylogger, it won’t take that long to break into your wallet. Hence using a password manager to unlock your wallet can be helpful. A combination of name, date of birth, and mobile number is too risky to use as a wallet password.
5. Don’t keep large sums in Metamask
Metamask is your wallet but not your bank account. Nobody would walk into a restaurant with $10,000 in their wallet. It might offend true crypto believers but keeping funds on a Hardware Wallet or a reputable big crypto exchange like Binance, Coinbase, and WazirX, for example, can reduce the risk of losing all your money.
Big exchanges like Binance have dedicated budgets for protecting users against future hacks. It’s the binance Secure Asset Fund for Users (SAFU) fund! Others have Insurance against hacks and robust security tools like multi-sig hardware wallets to store funds safely offline.
Ending Thoughts
DEXs have a lot of potential benefits like transparency, finding projects in their Infancy, and lower hacking risks compared to a centralized exchange but owning custodial wallets can be risky.
Potential downsides include trickier interfaces for newbies which is a big entry barrier for mass adoption of DEXs. Gas fees can also be a headache for new traders who’re starting with a smaller initial capital.
Impermanent losses can also trouble liquidity providers who aren’t familiar with how things work in Defi. It is caused by pairing a more volatile cryptocurrency with a less volatile one eg, stablecoin in a liquidity pool. (Key Takeaway here? Do your research).
Smart Contract vulnerability can also affect people using DEXs. A smart contract is only as secure as the code powering it. If the code underneath has exploitable bugs, hackers could steal all the funds kept inside liquidity pools. Just as a matter of fact, this isn’t uncommon either.
Thanks to Ethereum Push Notification Service
You may have already noticed that we don’t serve any ads on our website. That’s because of awesome projects like EPNS which help us sustain the website. If you don’t know about them already, it’s a decentralized Web 3.0-based notification platform. Unlike Android or iOS notifications, EPNS uses a decentralized approach to send alerts about your activities on DEXs and platforms like CoinDesk, MakerDAO, BTC Tracker, and more.
How to get started?
- Firstly, you’ll need to have a wallet like Metamask, WalletConnect, etc.
- You can then download the EPNS application from Play Store or App Store and sign up using the Wallet ID.
- If you’re like me, a Browser Extension must look like your favorite option.
- Go to the available notification channels.
- Click on “Opt-In” & Sign the popup. It’s free and doesn’t take any gas.
- That’s it.
The best part, EPNS is already working on a Wallet to Wallet messaging service. If you haven’t checked them already go now!
