security best practices

Snow-Fall is designed to be non-custodial, but safe multisig operations also depend on user behavior.

Use this checklist before signing or broadcasting transactions.

Never share secrets

Never share:

  • seed phrases;
  • private keys;
  • hardware wallet recovery phrases;
  • wallet backup files;
  • remote access to a signing machine.
  • Snow-Fall never needs those secrets.

    Verify every transaction field

    Before signing, review:

  • chain name;
  • chain ID;
  • multisig address;
  • signer address;
  • action type;
  • recipient, validator, or proposal ID;
  • amount;
  • denom;
  • fee;
  • gas limit;
  • memo;
  • payload hash.
  • Use trusted communication channels

    When coordinating signatures, use known team channels.

    Confirm unusual requests through a second channel, especially for high-value transactions or urgent requests.

    Avoid pressure signing

    Do not sign because someone says it is urgent.

    A common attack pattern is to create pressure and reduce review time. Slow down, verify details, and ask another signer to review.

    Prefer hardware wallets

    When possible, use hardware wallets for signer accounts.

    Hardware wallets help keep private keys away from everyday computers and browsers.

    Separate signer roles

    Avoid having all signers controlled by the same person, same machine, or same browser profile.

    A multisig is strongest when signer access is separated.

    Review payload hash

    The payload hash helps verify that signers are approving the same transaction.

    If the payload hash changes unexpectedly, stop and investigate.

    Keep audit logs

    Audit logs help answer:

  • who created a transaction;
  • who signed;
  • when finalization happened;
  • when broadcast happened;
  • what failed.
  • Review audit logs after important operations.

    Test before large operations

    For a new multisig or new chain, make a small test transaction first.

    Stop when uncertain

    If a field is unclear, do not sign. Ask the team to verify the transaction details.