Guardians: Your on-chain fail-safe against crypto threats

Aug 28, 2024

xPortal Team

Millions of dollars in crypto are lost daily due to targeted scams. With the increasing sophistication of cybercriminals, even the most cautious users can find themselves vulnerable. In a landscape where security is paramount, protecting your digital assets has never been more critical. This is where MultiversX’s Guardians feature steps in—a revolutionary on-chain 2FA mechanism designed to give you precious peace of mind in this ever-evolving crypto world.

What is a Guardian?

Guardians are the first on-chain two-factor authentication (2FA) mechanism in the crypto space, designed to add an extra layer of security to your wallet. In essence, a Guardian acts as a protective overseer of your account, ensuring that even if someone gains access to your seed phrase, they cannot move your funds without your knowledge and approval. For a quick video overview of the Guardian feature, click here.

How does the Guardian feature work?

When you activate a Guardian on your MultiversX account, you introduce an additional checkpoint (in the form of a 2FA code or an additional signature) that needs to be cleared before any changes—or transactions—can be made on your account. 

This means that even if someone gains unauthorized access to your account, they won't be able to process transactions without this crucial second step of verification.

If an unauthorized party attempts to disable the Guardian, this triggers a 20-day cooldown period that must elapse before the request can be completed. This delay is a critical security feature designed to give you ample time to react. During this period, you can take two key actions to secure your assets:

  1. Cancel the Request: You can immediately cancel the unauthorized request to disable the Guardian, thereby maintaining the security of your account.
  2. Move Your Funds: If you suspect that your account has been compromised, this 20-day window allows you to transfer your funds to a different wallet, ensuring they remain out of reach from potential attackers.

The two Guardians

  1. 2FA Guardian: The additional signature required comes from a 2FA code provided by an authenticator app. This setup ensures that you’re always aware and can authorize any actions involving your account.

     The 2FA Guardian feature is device-agnostic and works seamlessly with any TOTP app, such as Google Authenticator, Authy, or Microsoft Authenticator, offering flexibility across multiple platforms, including Android, iOS, Windows, and Linux.

  2. Invisible Guardian: For those who prefer a ‘stealthier’ approach, the Invisible Guardian is encrypted and stored locally on your mobile device, silently co-signing every transaction without the need to insert a code. This offers the fastest and most convenient way to safeguard your assets, blending security with seamless user experience.

Why you need a Guardian

Phishing scams are one of the most prevalent and dangerous threats in the crypto world. No matter how careful you are, it only takes a second of lost focus to fall victim to a cleverly disguised trap. Mistakes can happen to anyone, and the consequences can be devastating.

Fraudsters can pose as trusted individuals, support staff or even executives, tricking you into revealing sensitive information. You might receive links to websites that look identical to legitimate crypto services or notifications claiming you’ve won prizes in lotteries you never entered, and, to claim them, you need to “validate your account”.

Scams come in all shapes and sizes, but, to tilt the scales on the user’s side, Guardians serve as a fail-safe against these types of attacks. Even if you fall for a phishing scam and your seed phrase is compromised, the Guardian will prevent any unauthorized transactions, giving you ample time to react and prevent loss of funds.

Battle-tested security

To ensure the robustness of this feature, MultiversX battle-tested Guardians in the Great Heist Competition, offering $20,000 in incentives to anyone who could drain a guarded wallet. Despite the high stakes, the funds never left the wallet, proving the feature’s effectiveness.

A secondary community-driven initiative, known as EGLDHeist, has seen community members voluntarily send funds to a Guardian-protected wallet and leak the seed phrase to the public. Even with the seed phrase publicly available, no one was able to drain the wallet. This demonstration further emphasized the robustness and safety the Guardian feature provides.

How to enable a Guardian

To fully leverage the powerful security that the Guardian feature offers, it’s essential to understand how to activate, disable or change a Guardian on your MultiversX account. Here is a detailed guide to help you manage Guardians effectively.

From safe, to safeguarded, to unhackable

The latest release of the Multi Factor Authentication service brings a new security mode that requires a second 2FA code to be provided whenever the wallet receives multiple incorrect inputs.

When this happens, the wallet enters an enhanced protection state for 24 hours. In this period, the user will be required to enter 2 consecutive codes, an improvement that reduces the chances of funds being drained to virtually 0 (0.0000000001% for each try).
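The escalation described above can be modelled in a few lines. This is an added sketch, not code from MultiversX or xPortal. It assumes RFC 6238 defaults (HMAC-SHA1, 30-second step, 6 digits), a threshold of three failures (the page only says "multiple"), and that "2 consecutive codes" means the codes for two adjacent time steps; `GuardianVerifier` and the other names are hypothetical.

```python
import hashlib, hmac, struct

STEP, DIGITS = 30, 6          # RFC 6238 defaults used by common TOTP apps
MAX_FAILS = 3                 # assumption: the page only says "multiple incorrect inputs"
ENHANCED_SECS = 24 * 3600     # 24-hour enhanced protection state (from the page)

def totp(secret: bytes, counter: int) -> str:
    """RFC 6238 code (HMAC-SHA1, dynamic truncation) for one time-step counter."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    val = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(val % 10 ** DIGITS).zfill(DIGITS)

def _same(a: str, b: str) -> bool:
    # Constant-time comparison; encoding first keeps non-ASCII input from raising.
    return hmac.compare_digest(a.encode(), b.encode())

class GuardianVerifier:       # hypothetical name, not a MultiversX API
    def __init__(self, secret: bytes):
        self.secret, self.fails, self.enhanced_until = secret, 0, 0.0

    def enhanced(self, now: float) -> bool:
        return now < self.enhanced_until

    def verify(self, now: float, code: str, next_code: str = "") -> bool:
        step = int(now // STEP)
        if self.enhanced(now):
            # Assumed meaning of "2 consecutive codes": previous step, then current step.
            ok = _same(code, totp(self.secret, step - 1)) and \
                 _same(next_code, totp(self.secret, step))
        else:
            ok = _same(code, totp(self.secret, step))
        if ok:
            self.fails = 0    # success clears the counter but not the 24-hour state
            return True
        self.fails += 1
        if self.fails >= MAX_FAILS:
            self.enhanced_until = now + ENHANCED_SECS
        return False

def guess_space(codes_required: int) -> int:
    """Number of equally likely guesses an attacker faces per attempt."""
    return 10 ** (DIGITS * codes_required)

if __name__ == "__main__":
    print(f"one code: 1 in {guess_space(1):,}; two codes: 1 in {guess_space(2):,} "
          f"({100 / guess_space(2):.10f}% per try)")
```

Requiring two 6-digit codes squares the guess space from 10^6 to 10^12, which is where the 0.0000000001% per-try figure comes from.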

Final thoughts

In a world where crypto theft is a daily norm, protecting your assets should be a top priority. The Guardians feature offers an innovative and robust solution, combining ease of use with powerful security mechanisms. Whether you choose the 2FA Guardian or its invisible cousin, this on-chain 2FA is your best line of defense against the ever-present dangers in the crypto space. Don’t wait until it’s too late—activate a Guardian today and ensure the safety of your assets.