Security Practices

While Brava incorporates robust security measures—including our self-custodial infrastructure built on Safe and comprehensive Nexus Mutual cover—your personal security practices are equally critical for protecting your assets.

Essential Security Measures

Wallet Security

• Never share your private keys or recovery phrases with anyone, including Brava team members

• Store recovery phrases offline in multiple secure locations

• Use hardware wallets (Ledger, Trezor) for managing larger positions

• Enable biometric authentication and additional security features in your wallet

Phishing Prevention

• Verify our URL: Always use https://app.brava.xyz (bookmark it!)

• Be alert for red flags: Brava will never ask for your private keys, recovery phrase, or passwords

• Beware of urgency: Legitimate platforms don't create artificial time pressure for "security" actions

Transaction Safety

• Double-check before confirming: Verify recipient addresses, amounts, and contract interactions

• Send test transactions for significant transfers

• Review and limit token approvals: Use tools like Revoke.cash to manage permissions

• Verify on hardware devices: Always confirm transaction details on your hardware wallet's screen

Secure Access

• Keep software updated: Regularly update your operating system and browsers

• Use trusted devices and networks: Avoid public Wi-Fi and computers for DeFi activities

• Consider multi-signature setup: Brava's Safe infrastructure supports multi-sig for enhanced security

If You Suspect a Security Issue

1. Move remaining funds to a new, secure wallet created on a trusted device

2. Contact our support team immediately (but never share private keys)

3. Document the incident including suspicious transactions and communications

Quick Security Checklist

✅ Hardware wallet for large positions

✅ Recovery phrase stored securely offline

✅ Official website bookmarked

✅ Regular approval revocations

✅ Software and devices updated

✅ Transaction verification habit

Remember: Your security practices are the strongest defense against potential threats.

For more detailed security resources, visit CryptoScamDB, Ethereum Phishing Detector, or Web3 Security Resources.