Unido was founded as a secure wallet, and is centred around our patented, multi-signature core. Security is in our DNA, and we welcome your questions and feedback.
Please find the answers to your frequently asked questions surrounding security below.
Why is my passphrase sent via email?
The passphrase (also known as the “Account Token”) is just one component of several that will be required in the event that you need to recover your account. It is not the secure component and if someone sees or has access to your passphrase, your account is not compromised.
On the other hand, the password (or Trade Key) you nominate when signing up for a Unido account is a secret and is the key to recovering your account. For security purposes, Unido will never email your trade password, nor does Unido save it or have access to it. You, the user, are the sole custodian of your password. We recommend being very careful about any backup you may keep of your password.
Note: many wallets (eg. Ledger, Metamask) use a “seed phrase”. Seed phrases that are used by these wallets are actually a derivative of the entire private key or key(s) for your account and is the sole item needed for recovery.
The security team at Unido regards this “seed phrase” approach to be relatively insecure, hence the Unido platform is designed with a token and password combination, along with extensive application and network security solutions.
What is my trade key?
Your trade key is your unique password to enter Unido, sign transactions, and approve other functionalities. Your trade key should be kept safe and private. No other person should have access to your trade key including us at Unido. When you are creating your trade key it is best practice to include uppercase letters, numbers, and special characters.
What is phishing and how do I prevent it?
Phishing is the fraudulent practice of sending emails or approaching you via online platforms purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and financial information. We recommend users never send out personal information such as your trade key, account token, or passphrase. People may try to approach you via DMs on Telegram, Discord, or other social platforms. Please note moderators will never send you a DM first. If you receive a DM asking for sensitive personal information on Telegram you should block the user.
What is multisig?
Multisig is simply a type of wallet that requires more than one signature — i.e., uses more than one private key to encrypt signature-related data. With single-signature wallets, a single digital signature that is generated by a wallet’s private key is enough to execute a transaction. With multisig wallets, multiple signatures (determined by the system) that are generated by multiple private keys are required to approve and/or execute transactions. This adds an additional layer of security to your funds.
How does Unido use Multisig?
Unido’s proprietary multi-sig key management technology is powered by Unido Core, a proprietary key management and transaction signing technology. It uses an innovative private key obfuscation algorithm that breaks up private keys and securely encrypts and shares the key with multiple users. This reduces the chances of the key being lost or stolen, and it allows multiple members of a wallet or account to approve or refuse transactions, as needed. Unido’s fragmented key signing engine brings unmatched security to a growing marketplace that currently does not have the enterprise-grade security demanded by clients.
For maximum account security we recommed adding more members and signers to your wallets