Withdrawal Security / Authentication

I currently use a hardware wallet to store my crypto and I’m obviously quite nervous about storing it any other way.

Obviously I have the option of storing the majority of my holdings on my hardware wallet and using my Nash account as a sort of trading/hot wallet. The only problem is that my nex needs to stay on my Nash account for staking which, as I accumulate more nex, i start to worry about the security.

When I stored quite a lot of btc of Huobi they had a number of layers of protects that almost seemed over the top.
To withdraw crypto, it will possible to set the authentication requirements to:

  • enter the 2FA code, and
  • enter an emailed code and
  • enter a SMS code.

I set it to this ridiculous level. It was painful to withdraw funds but I felt as safe as I possibly could that a phishing attacker couldn’t get my btc. It felt almost as good as a hardware wallet (except, of course, for the risk of the whole exchange getting hacked).

I can see the 2FA is available on the site. Also I appreciate the limitations that exist with Nash being a DEX and that all these authentications might not be technologically possible. I just wanted to say, if it is possible, as a long term option to implement, that as many authentication options as possible would be fanstastic and at least two (2FA +’email code) or (2FA + sms) would be great (if possible) - although I’m awarene of the epic problem this might present and might not be technologically possible.

Last but not least. Given the prevalence of the ability of sophisticated hacking to steal just about anything these days, and the extreme potential value of the IP of the Nash processes and systems, is Nash confident they are well protected.

The reason I ask is because, given the amount of money made from excahnges these days, and the significant competitive advantage Nash might have over its competitors from its proprietary technology, there would be huge incentive for competitors to use underhanded tactics to obtain it by any means.

Hey, we’re definitely conscious of concerns such as these. Thanks for bringing them up!

I just wanted to highlight one thing:

(except, of course, for the risk of the whole exchange getting hacked).

This is a non-issue for us, as the exchange is never aware of your private keys. At any given point.