Wallet choice is preferential, but MetaMask is a reliable, non-custodial wallet that’s suitable for all levels of crypto trader
Keeping your digital assets safe is no easy feat. From everyday phishing scams to full-scale exchange collapses, leaving your digital assets in the ether of computer code is something that should be done with the utmost care. Cold wallets (i.e. offline hardware wallets) such as Ledger are the most secure and reliable way to store your assets, but hot wallets nonetheless are a necessary tool for everyday trading and transactions.
The essential Ethereum and NFT wallet, MetaMask now has more than 21 million active monthly users and counting. It’s available both as a browser extension and as a mobile app, and it comes with everything you need to manage your digital assets including a key vault, secure login, token wallet, and token exchange.
But is it a safe choice?
Custodial v Non-Custodial Wallets
When you use a custodial wallet, your private key (and thus, access to your funds) is held by a third party. Common custodial wallets include centralised exchanges such as Binance, Coinbase, Kraken and FTX, all of which are (or were) a popular choice for users looking for an easy-to-use platform that comes without hefty transaction fees.
Although there are some advantages to using custodial wallets (such as free transactions and ease of account recovery), using them to hold substantial sums carries significant risk — illuminated no better than the dramatic collapse of FTX. In the event of a custodial wallet collapse, you will lose access to your funds entirely.
MetaMask is user-custodial.
As a non-custodial (or user-custodial) wallet, MetaMask does not keep any user data on its servers. To access your wallet, you’ll either have to enter your password or biometric information, and your account can only be restored using a unique 12-word seed phrase. Retaining close control over your private and public key is a rare privilege in an age where personal data is a prized commodity.
Using a non-custodial wallet such as MetaMask does however put the burden of account safety upon users. Once you have your seed or recovery phrase, it cannot be changed, reset or restored. If you forget it, there is no technical support there to help since there is no email address associated with your account.
MetaMask leads in privacy and anonymity.
While there was controversy in the news several months ago over ConsenSys (the parent company of MetaMask) storing the IP addresses of those who use Infura as a default remote procedure call (RPC), the wallet does not use this data in any capacity, as confirmed by co-founder, Dan Finley:
MetaMask remains a fully user-custodial wallet that gives its users complete control over their data and assets. In addition, for those who value their financial data privacy, MetaMask doesn’t implement KYC, meaning you can use the wallet without having to submit verifiable personal identification.
It is however important to keep in mind that there’s rarely such a thing as complete anonymity on blockchain. By nature, blockchain is a public ledger, which means every transaction and wallet ID is publicly verifiable. While MetaMask doesn’t keep your personal identity on record, you’ll want to make sure that your wallet ID isn’t linked with any of your social media handles.
The latest update: MetaMask 10.18.0
MetaMask was widely praised last year for its latest update which highlights any transaction that requests you to “set approval for all” for your wallet. When a “set approval for all” command is executed, smart contracts have permission to approve and transfer other tokens from your wallet at a later date, which is widely the cause of wallet draining scams.
The new update protects users against notorious wallet draining scams and puts an emphasis on transparency.
The final verdict
As a hot wallet, MetaMask is a fantastic choice for storing funds in a way that is accessible, secure and reliable. It hasn’t been subject to any major hacks, and the newest update means that you have some degree of protection against wallet draining scams, if you’re paying attention to the transaction. In addition to this, it has an extremely user-friendly interface, and the mobile app is very easy to engage with.
To maximise the security of your digital assets, you’ll want to take various steps to protect yourself, including investing in a cold wallet and practising general due diligence.
And, whatever you do, don’t forget that 12-word seed phase.