Design System

Blockchain Wallet Safety Patterns

Reference implementation demonstrating how to build blockchain interfaces that protect users from catastrophic, irreversible losses.

Why This Exists

A wallet should never delete the active seed phrase without confirmation and express user intent.

  • A notification about a "Genesis token" was clicked
  • The flow silently deleted the active seed phrase
  • No balance detection or explicit warning was shown
  • Funds became permanently inaccessible

These patterns demonstrate how to prevent such disasters.

Core Safety Principle

The app NEVER sees or touches seed phrases or private keys.

Wallet adapters delegate signing to the user's wallet (browser extension, hardware, mobile app). The app only knows public keys and can only REQUEST signatures.

Wallet Connection (Safe Pattern)

Click "Select Wallet" to connect. Your private keys remain in your wallet - this app only receives your public key.

Connection Patterns

Complete

Safe wallet connection without key exposure. Proper state management and disconnection flows.

Transaction Safety

Complete

Simulate transactions before signing. Show users exactly what will happen to their balances.

Destructive Operations

Complete

Nuclear warnings with multi-step confirmation for any action that could cause irreversible harm.

Balance Guard

Complete

Check for assets before destructive operations. Block or warn when funds are at risk.

Asset Handling

Complete

Correct patterns for NFT/token operations. Asset operations NEVER trigger key lifecycle changes.

Critical Safety Rules

  • Notifications should NEVER trigger key lifecycle operations

    Clicking a notification about an NFT/token should only open a view screen, never modify wallet state.

  • Balance detection is mandatory before destructive actions

    Any operation that could strand funds must first check if the affected addresses have non-zero balances.

  • One-way decisions need nuclear-level warnings

    Multi-step confirmation: show what's at risk, require typed phrase, add countdown before action.

  • Asset operations ≠ Key operations

    Genesis, NFTs, tokens are just assets. Transferring them should NEVER delete or modify seed phrases.
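
The four rules above combined into a single gate that a key-lifecycle request must pass, as an added example that is not part of the reference implementation. The operation names, trigger names, confirmation phrase, countdown length and sample balances are all assumptions, and this sketch chooses to block rather than warn when funds are at risk.

```javascript
// Added example; every name below is hypothetical, not the project's API.
const KEY_LIFECYCLE_OPS = new Set(["delete_seed", "replace_seed", "reset_wallet"]);
const ALLOWED_TRIGGERS = new Set(["settings_screen"]); // explicit user navigation only
const CONFIRM_PHRASE = "DELETE MY WALLET"; // assumed typed phrase
const COUNTDOWN_MS = 10000;                // assumed countdown length

// Constructed sample: balances in smallest units, fetched before the check.
const SAMPLE_BALANCES = new Map([["addr_funded", 2500000n], ["addr_empty", 0n]]);

// req: { operation, trigger, addresses, typedPhrase, warningShownAt }
// Returns { allow, reason, atRisk } so the UI can show exactly what is at risk.
function evaluateRequest(req, balances, now) {
  if (!KEY_LIFECYCLE_OPS.has(req.operation)) {
    return { allow: true, reason: "not_key_lifecycle", atRisk: [] };
  }
  // Notifications and asset flows may open a view, never change key state.
  if (!ALLOWED_TRIGGERS.has(req.trigger)) {
    return { allow: false, reason: "trigger_not_permitted", atRisk: [] };
  }
  // Balance guard needs something to check; an empty list proves nothing.
  if (!Array.isArray(req.addresses) || req.addresses.length === 0) {
    return { allow: false, reason: "no_addresses_checked", atRisk: [] };
  }
  // An address with no balance record is unknown, so fail closed.
  const atRisk = req.addresses.filter((a) => !balances.has(a) || balances.get(a) > 0n);
  if (atRisk.length > 0) {
    return { allow: false, reason: "funds_at_risk", atRisk };
  }
  // Multi-step confirmation: typed phrase, then countdown since the warning.
  if (req.typedPhrase !== CONFIRM_PHRASE) {
    return { allow: false, reason: "phrase_mismatch", atRisk };
  }
  if (typeof req.warningShownAt !== "number" || now - req.warningShownAt < COUNTDOWN_MS) {
    return { allow: false, reason: "countdown_not_elapsed", atRisk };
  }
  return { allow: true, reason: "confirmed", atRisk };
}
```

In a real wallet the balances would come from a fresh chain query made immediately before the check, and a failed query should leave the address out of the map so that it is treated as at risk.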