Did you start messing around with crytpo on a hot wallet and before you knew it had a not immaterial amount of money on it?
Then did you see a string of posts about MetaMask hacks on twitter? Maybe a BowTiedIguana wrote a post that made you realize that little Fox extension isn’t actually safe?
Did you panic as you thought about how painful it was going to be to send your 20 different ponzu coins from MetaMask to your cold wallet? Especially as you looked at gas and unrealized gains…(LOL you know its all losses, but we can hope)…
Well, this F’er definitely did not have that experience at all, but if he hypothetically did, there is a way to migrate your wallet to ledger without needing to make any trades.
Now this isn’t a “separate virgin PC you built from scratch”-type security. But at least it is one additional layer of security on top of the hot wallet extension.
I know all the Giga-Brained, Diamond-Handed Chads who are reading this also definitely don’t have a bunch of coins sitting out there barely protected on MetaMask. But if one of you did in theory, here are the steps you could follow
Why is MetaMask Not Secure Enough?
For a longer exploration of the safety of MetaMask, you can check the post on how safe & secure MetaMask is. (Spoiler – it isn’t very safe or secure).
In summary, while MetaMask’s code may never have been hacked, there is still major concerns with the security due to:
- Malware on your computer that were picked up from other sites
- Phishing attempts
- Storing your secret phrase on the device attached to the internet
- Inability to stop transactions with a device in your control
What Are the Benefits of Cold Wallet / Hardware Wallet?
First, and most important, you generate your secret phrase completely separate from an internet connected device. Hopefully by this point, you know that your 12 or 24-word secret phrase will let anyone literally recreate your wallet anywhere and have full control of it. Anything accessible by the internet can be hacked.
The other big benefit of using a hardware wallet with your MetaMask is it allows you to manually approve transactions with your hardware device. If someone is able to gain access to your MetaMask and initiate a transaction, they won’t be able to approve it without your hardware wallet.
This is particularly helpful in preventing your wallet from getting completely drained.
Is Your Migrated Wallet Now Safe?
It is safer for sure. But note since your original seed was created on MetaMask and was connected to the internet for even some amount of time, this is still less ideal.
Starting a brand new wallet with a new hardware device and sending the coins to that new account is still a better solution. However, there are reasons why that isn’t always feasible. For instance:
- Taxes – sending coins from one wallet to another is a taxable event. If you are sitting on large gains you may not want to realize them all
- Staking/Locked-up periods – may make it impossible to move a token
- Being eligible for airdrops – you may impact your eligibility for an airdrop
- Gas – if you have a lot of tokens you may not want to incur all the gas fees making the transactions to send them to a new wallet
Migrating definitely helps improve your security so if any of the above reasons may apply to you, migrating may be a good enough choice for the time being.
12-Word Seed Phrase vs 24-Word Seed Phrase
Migrating your MetaMask to a Ledger leaves you with your 12-word MetaMask seed. Full disclosure, in case that is a deal breaker for you.
Now a 12-word seed phrase is supposedly more than sufficient for the time being. However, it is magnitudes less secure than a 24-word seed phrase, which may be important with the oncoming Quantum Computers.
Quantum Computing and a 12-Word Seed
All I know about quantum computing is it will be really really fast.
Like it may be able to solve a 12-word seed phrase through brute force. The crypto security community’s answer has always been “well then we can just change all seeds to more words to stay ahead of technology”.
Therefore, in some hypothetical future where quantum computing exists MetaMask changes its 12-word seeds to 24-words. I honestly don’t know what this means for your migrated wallet. Just full disclosure.
It isn’t a MetaMask wallet, so I’d imagine any updates they push wouldn’t apply.
Ledger/Trezor already has a 24-word seed so they wouldn’t do any updates.
Your migrated wallet may be orphaned in this scenario.
Personally, it isn’t a huge concern. But it is something that I have pondered and have not found an answer anywhere. Therefore, if in 3 years you are forced to make a bunch of swaps to a new wallet because quantum computing makes your 12-word inadequate, you can’t say I didn’t mention it.
How do You Migrate from MetaMask to Ledger?
In short, you will be importing your seed phrase from MetaMask onto a new cold wallet and then removing the MetaMask extension to wipe the seed phrase from your computer. Then you reinstall a new MetaMask extension and link your cold wallet with the new MetaMask.
The process is very similar for both Ledger and Trezor.
In more details the steps are:
Loading Current MetaMask Wallet onto Cold Wallet
1.Set up your new hardware device, but instead of creating a new seed phrase, you will import/load/Restore an existing seed phrase.
2. Hopefully, you have your MetaMask secret phrase written down on paper. If not you can access it in the main menu by clicking the colorful circle to bring up the menu and then going to “settings” -> “security & privacy” and revealing the secret phrase.
3. You will still have to set up the pin to access the hardware device
4. The last step will be importing all your accounts so they will show.
At this point, you have loaded your MetaMask wallet address onto your hardware device. You should be able to see all your Ethereum-based accounts and tokens.
Removing All Traces of Current MetaMask Wallet
Now that you have your hardware wallet set-up and existing seed phrase imported, you need to wipe the current MetaMask off your computer. This should remove the 12-word seed from your computer permanently.
To reiterate, there was a nonzero amount of time that the 12-word seed was potentially exposed to the internet. If your seed was compromised previously, moving to a hardware wallet won’t make it safe all of a sudden.
Additionally, if you don’t remove the seed from your current computer / MetaMask, you are no safer, so you can’t skip these next steps.
How to delete your MetaMask:
1.You have your secret phrase written down right?
2. If you right-click on your MetaMask icon, you should get the option to “remove from [browser]”. Just click to remove it and follow the prompts. Since your account is stored on the blockchain, you aren’t deleting any account, just severing the connection between the account and your browser extension. Do this for all browsers your MetaMask is on if you use more than 1 browser.
3. Run virus scanners and reboot your computer
4. Go to the official MetaMask site, metamask.io, and download a new browser extension. Make sure you go to the official MetaMask site as there is a lot of scam sites that come up in search results.
5. Set up a NEW MetaMask, do NOT use an existing seed phrase as the entire point is to not have your seed phrase on the computer.
You now have a new MetaMask with a dummy seed phrase. You should still write down the seed phrase though.
How to Connect Your Hardware Wallet to MetaMask
We are almost done. Last step is connecting your Hardware Wallet to MetaMask in order to use MetaMask to make transactions.
1. Open MetaMask and under “advanced settings” make sure that you allow access to Ledger or Trezor.
2. Click on the Menu button again and select to “Connect Hardware Wallet” and select your device
3. You will need to tell MetaMask to use the BIP44 protocol in order to have all your accounts load. Then you select the accounts with Ethereum in there.
4. When you open your menu button, you will now see multiple accounts listed there. Account 1 is the dummy account you created with the MetaMask, and there should be accounts listed as “Ledger” or “Trezor” and a number.
Congratulations, you have successfully migrated your MetaMask to a hardware wallet.
You will have all the same ability as you had previously with your MetaMask, however now you will need to approve any transaction on your hardware wallet. This means your hardware wallet will need to be plugged in for all your transactions as an extra precaution.
The process of migrating your MetaMask to a hardware wallet is fairly straightforward to do. If you are a visual person who wants to watch someone else do it first, there are videos of people showing the process.
This may not be ideal, but it is a vast improvement over having the low security of a hot wallet.