What Are Address Poisoning Attacks and How Can You Protect Yourself?

Address poisoning is a scam where attackers create lookalike addresses to trick users into sending funds to the wrong address, often mimicking a legitimate one.

Address Verification confirms the receiving address shown on a hardware wallet's screen matches the one on the computer or app, preventing malware from altering it.

Anti-Klepto Protocol is a blockchain security mechanism that prevents unauthorized data exfiltration by verifying nonces to ensure transaction authenticity and integrity.

App Isolation confines each cryptocurrency app on a hardware wallet to its own secure environment, preventing vulnerabilities in one app from affecting others.

Auto-Wipe is a security feature that automatically erases a device's data after a set number of failed login attempts, protecting sensitive information in cryptocurrency hardware wallets.

Blind signing is the process of signing a transaction without viewing its contents, typically used in hardware wallets for enhanced security.

Clear Signing is a process in blockchain where transaction data is displayed in human-readable form before being signed, ensuring transparency and preventing blind signing risks.

Clipboard hijacking is a malware attack that monitors the clipboard and swaps a user's copied cryptocurrency wallet address with the attacker's address, diverting funds.

Crypto custody is the secure storage and management of cryptocurrency private keys, often provided by specialized custodial services.

Crypto insurance protects cryptocurrency holdings from risks like theft, hacks, and loss through specialized policies offered by insurers.

Crypto Security refers to practices, tools, and protocols that protect cryptocurrencies, private keys, wallets, and blockchain networks from theft, hacks, and unauthorized access.

Downgrade protection prevents blockchain nodes from accepting blocks from older protocol versions, blocking rollbacks to vulnerable states via version checks.

A dust attack sends tiny cryptocurrency amounts (dust) to many wallet addresses to track spending patterns and de-anonymize users on the blockchain.

EAL Certification (Evaluation Assurance Level) from Common Criteria rates the security of hardware components, like secure chips in crypto hardware wallets. Higher levels, such as EAL5+ or EAL6+, indicate stronger resistance to attacks.

Encrypted communication in cryptocurrency and blockchain secures data transmission between wallets, nodes, or users using encryption techniques like end-to-end encryption, preventing unauthorized access.

Entropy is the randomness used to generate secure cryptographic keys or seeds in blockchain and cryptocurrency systems.

An evil maid attack is a physical security threat where an attacker gains temporary unsupervised access to a hardware wallet to tamper with it, install malicious firmware, or extract private keys.

Firmware Attestation is the process of verifying the authenticity of a device's firmware to ensure it has not been tampered with, commonly used in hardware wallets for security.

Firmware Trust Model describes the trust level users place in a hardware wallet's firmware, from fully relying on the vendor (vendor-only trust) to independently verifying it (user verification).

Hologram security refers to tamper-evident holographic seals used to verify the authenticity of hardware wallets and other crypto-related products, preventing counterfeiting.

Inheritance planning in cryptocurrency ensures heirs access digital assets after death. It uses tools like dead man's switches or multi-signature wallets to securely share private keys.

A Key Ceremony is a secure, multi-person process to generate and distribute cryptographic keys for blockchain systems.

A Man-in-the-Middle (MITM) attack occurs when an attacker secretly intercepts and alters communication between a user and a blockchain service, such as changing wallet addresses during transactions.

A metal backup is a durable metal plate or device engraved with a cryptocurrency wallet's seed phrase, providing fireproof and waterproof protection for offline key storage.

Non-extractable keys are private keys generated and stored within a hardware wallet that users cannot export or remove, protecting them from malware or physical attacks.

Open Source Firmware refers to firmware in hardware devices, like wallets, where the source code is publicly available, allowing transparency, auditability, and customization.

Operational Security (OpSec) refers to practices that protect sensitive information in cryptocurrency and blockchain activities, minimizing risks of hacking or theft through careful management of data.

Passkeys are a form of passwordless authentication using cryptographic keys for secure, phishing-resistant logins in blockchain and crypto applications.

A phishing attack tricks crypto users into revealing private keys, seed phrases, or login details via fake emails, websites, or messages mimicking legitimate wallets or exchanges.

Proof of Reserves (PoR) is a method for crypto platforms to verify they hold enough assets to cover user deposits.

A Randomized Keypad is a security feature used in hardware wallets where the PIN layout is shuffled each time, preventing PIN theft via keylogging or visual observation.

A Random Number Generator (RNG) produces unpredictable numbers essential for cryptographic security in blockchain, such as generating private keys and nonces.

Remote Key Extraction is a vulnerability where attackers steal private keys from hardware wallets remotely via exploits, without physical access.

A replay attack occurs when an attacker captures a valid blockchain transaction and rebroadcasts it to execute multiple times, often exploiting chain forks for double-spending.

Reproducible Builds refer to the process where the same source code consistently produces identical binary outputs, ensuring verifiable and trustworthy software in blockchain and crypto projects.

A rug pull is a cryptocurrency scam where project developers hype a token or DeFi project, attract investors, then abruptly withdraw liquidity or dump holdings, crashing the price and fleeing with funds.

Secure Boot is a security feature that ensures only trusted software runs on a device by verifying its integrity during startup, preventing unauthorized code execution in crypto systems.

A security audit is an independent review of blockchain code or smart contracts by experts to identify vulnerabilities and ensure robustness.

Self-Sovereign Identity (SSI) is a blockchain-based identity system where users control and share their personal data without relying on central authorities.

Shamir Secret Sharing (SSS) divides a secret, like a crypto wallet seed, into multiple shares. A threshold number of shares reconstructs it, enhancing security as in SLIP-39 backups.

A side-channel attack in cryptocurrency and blockchain targets indirect information, like power usage or timing, to extract sensitive data from a system or device.

Tamper-Evident Design refers to features on hardware devices that visibly show if they have been altered, ensuring the integrity and security of blockchain assets or data.

A Threshold Signature Scheme (TSS) splits a private key among multiple parties, allowing them to jointly sign transactions without exposing the full key.

Tor Support enables cryptocurrency wallets and services to route connections through the Tor network, masking IP addresses to enhance user privacy.

Two-Factor Authentication (2FA) secures cryptocurrency accounts and wallets by requiring two verification methods, such as a password plus a code from an authenticator app.

Account Abstraction lets smart contracts control accounts, enabling flexible transaction rules and gas payment options beyond standard wallets.

An AMM (Automated Market Maker) is a decentralized protocol that allows users to trade assets without a central order book, using liquidity pools to facilitate transactions.

APR (Annual Percentage Rate) measures the simple annualized return on cryptocurrency investments, such as staking or lending in DeFi, without compounding.

APY stands for Annual Percentage Yield. It measures the annualized return on crypto investments like staking or lending, accounting for compounding interest.

Arbitrum is an Ethereum layer 2 scaling solution using optimistic rollups for faster, cheaper transactions while inheriting Ethereum's security.

Avalanche (AVAX) is a scalable layer-1 blockchain platform that achieves high throughput and sub-second transaction finality using its novel proof-of-stake consensus.

Base is an Ethereum Layer 2 network developed by Coinbase. It uses optimistic rollups for scalable, low-cost transactions.

BIP32 is a Bitcoin Improvement Proposal defining a standard for hierarchical deterministic (HD) wallets, allowing the generation of a tree of keys from a single seed phrase.

BIP44 is a standard for deriving cryptocurrency wallet keys using a hierarchical structure, allowing for multiple accounts and addresses within a single wallet.

BIP85 is a Bitcoin Improvement Proposal for generating child seeds from a master seed, providing deterministic entropy for use in secure key derivation and backup processes.

Bitcoin (BTC) is the first decentralized cryptocurrency, launched in 2009. It uses blockchain technology for secure, peer-to-peer digital transactions without intermediaries.

Bitcoin Ordinals are unique digital inscriptions on individual satoshis, enabling NFT-like assets directly on the Bitcoin blockchain.

Bitcoin Runes are tokens created on Bitcoin using the Runes protocol, enabling fungible and collectible assets directly on the Bitcoin network.

A blob is a large binary data object used in Ethereum upgrades like EIP-4844 to store transaction data off-chain for efficiency.

A block confirmation is the process of verifying a new block in the blockchain network, confirming its validity and preventing double-spending or fraud.

Block height refers to the number of blocks in a blockchain, starting from the first block (genesis block). It is also known as the block number and indicates the position of a block in the chain.

Block time is the average time it takes for a new block to be added to a blockchain, typically measured in seconds or minutes. It determines the speed of block generation.

BNB Chain is a high-performance blockchain network developed by Binance, formerly Binance Smart Chain (BSC). It supports smart contracts, DeFi, and uses BNB as its native token.

BRC-20 is a token standard on Bitcoin, enabling the creation and transfer of fungible tokens using the Ordinals protocol, allowing tokenization on the Bitcoin blockchain.

A bridge in blockchain allows assets or data to move between different blockchains, enabling interoperability between otherwise separate networks.

Cardano is a proof-of-stake blockchain platform that prioritizes research-driven development, scalability, and sustainability. Its native cryptocurrency is ADA.

Cold staking lets users earn staking rewards on proof-of-stake cryptocurrencies while keeping private keys offline, often via hardware wallets, for enhanced security.

A consensus mechanism is a protocol that enables blockchain networks to agree on valid transactions and the ledger's state without a central authority.

Cosmos is a blockchain ecosystem enabling interoperable chains via the Cosmos SDK and IBC protocol. The Cosmos Hub serves as its central chain with the ATOM token.

A DAO (Decentralized Autonomous Organization) is a blockchain-based entity governed by smart contracts and token holder votes, enabling decentralized decision-making without central authority.

Data Availability in blockchain ensures that transaction and block data are accessible to all network participants, enabling verification and consensus.

Decentralization spreads control and data across many independent nodes in a blockchain network, eliminating reliance on a single authority.

DeFi (Decentralized Finance) refers to a set of financial services, such as lending and trading, built on blockchain technology without traditional intermediaries like banks.

DePIN refers to decentralized physical infrastructure networks, where blockchain technology powers and incentivizes the ownership and operation of physical assets or infrastructure.

A derivation path is a string of indices (e.g., m/44'/0'/0'/0) that specifies how to derive specific keys and addresses from a hierarchical deterministic (HD) wallet's master seed.

A digital signature is a cryptographic method that uses a private key to sign blockchain transactions, verifiable with the public key to prove authenticity and prevent tampering.

Dogecoin (DOGE) is a cryptocurrency launched in 2013 as a joke based on the Doge meme. It uses proof-of-work on a Litecoin fork with unlimited supply.

An elliptic curve is a mathematical curve used in elliptic curve cryptography (ECC) for generating secure public-private key pairs in blockchains, like secp256k1 in Bitcoin.

ENS (Ethereum Name Service) is a decentralized domain name system on the Ethereum blockchain, allowing users to register human-readable .eth domain names for wallet addresses and more.

ERC-20 Token is a fungible token standard on the Ethereum blockchain. It defines rules for creating, transferring, and managing tokens uniformly.

A flash loan attack exploits uncollateralized flash loans in DeFi to manipulate prices or drain funds within a single blockchain transaction that must repay the loan or revert.

A fork is a blockchain split into two chains due to protocol changes or disagreements. Hard forks create permanent divergences; soft forks are backward-compatible.

A Full Node is a computer that stores the entire blockchain and verifies all transactions, ensuring network security and consistency in cryptocurrency systems like Bitcoin.

The Genesis Block is the first block in a blockchain, marking the start of the blockchain's history. It is hardcoded and has no predecessor.

A governance token grants holders voting rights in DAOs or blockchain protocols, allowing them to influence decisions like upgrades or fund allocation.

Halving is a Bitcoin protocol event that cuts the block reward for miners in half every 210,000 blocks, roughly every four years, to control the supply of new bitcoins.

Hash rate measures the computational power of a miner or network in cryptocurrency mining, expressed as hashes per second (H/s). Higher rates increase block-solving chances.

IDO (Initial DEX Offering) is a fundraising method where crypto projects launch new tokens directly on decentralized exchanges (DEXs), bypassing centralized platforms.

Impermanent loss happens when asset prices in a liquidity pool diverge from external markets, reducing the value of liquidity providers' holdings compared to simply holding the assets.

Intent-Based Trading lets users express trade goals instead of exact orders, which blockchain solvers match and execute automatically.

Interoperability in blockchain refers to the ability of different blockchain networks to communicate and exchange data or value seamlessly, enabling cross-chain functionality.

Key derivation generates cryptographic keys from a password or seed using functions like PBKDF2 (a KDF) to slow brute-force attacks and enhance security in wallets.

Layer 2 refers to blockchain solutions built on top of a base blockchain (Layer 1) to improve scalability and transaction speed, often using methods like rollups.

A lending protocol is a DeFi smart contract platform on blockchain where users lend crypto to earn interest and borrow assets using collateral.

The Lightning Network is a Layer 2 solution for Bitcoin that enables faster, cheaper transactions by creating off-chain payment channels between users.

A liquidity pool is a smart contract holding paired cryptocurrency reserves. It powers decentralized trading on AMMs like Uniswap by enabling automated swaps.

Liquid staking lets users stake crypto assets to secure a network and receive a liquid derivative token, like stETH from Lido, usable in DeFi while earning rewards.

Litecoin (LTC) is a peer-to-peer cryptocurrency forked from Bitcoin in 2011, offering faster block times (2.5 minutes) and using the Scrypt hashing algorithm.

Mainnet is the primary blockchain network where actual transactions occur, as opposed to testnets. It represents the live, functioning version of a blockchain.

Mempool, short for memory pool, is a node's temporary storage for unconfirmed cryptocurrency transactions awaiting validation and inclusion in a blockchain block.

A Merkle Tree is a binary tree structure used in blockchain to efficiently verify data integrity, where each leaf node is a hash of data and non-leaf nodes are hashes of child nodes.

MEV (Maximal Extractable Value) is the profit block producers extract by reordering, including, or excluding transactions in a block, often via front-running.

Mining uses computational power to solve puzzles, validate transactions, and add blocks to a blockchain. Miners earn cryptocurrency rewards for securing the network.

Miniscript is a structured policy language for Bitcoin Script. It simplifies writing, analyzing, and compiling complex spending conditions.

A modular blockchain is a blockchain architecture that separates different functions (e.g., consensus, execution, storage) into distinct layers for greater flexibility and scalability.

Monero (XMR) is a privacy-focused cryptocurrency that uses ring signatures, stealth addresses, and RingCT to obscure sender, receiver, and transaction amounts on the blockchain.

An NFT (Non-Fungible Token) is a unique digital asset stored on a blockchain, representing ownership of a specific item, such as artwork, music, or virtual goods.

A node is a computer running blockchain software that connects to the network, validates transactions, and maintains a copy of the ledger.

On-Chain Analytics examines data directly from the blockchain, like transactions and wallet balances, to reveal insights into user behavior and network activity.

Optimism is an Ethereum Layer 2 optimistic rollup network. It batches transactions off-chain for faster, cheaper processing while inheriting Ethereum's security.

An Options Protocol is a DeFi platform on blockchain that enables trading of options contracts, like calls and puts, on-chain.

An oracle provides external real-world data, such as price feeds, to smart contracts on a blockchain, bridging on-chain and off-chain worlds.

An orphan block is a valid block that is not part of the main blockchain due to a chain split, often becoming stale as another block becomes the accepted version.

Output descriptors (BIP 380) concisely describe Bitcoin wallet output scripts and spending conditions without revealing private keys.

A paymaster is a blockchain entity that sponsors transaction fees, enabling users to execute transactions without paying gas fees directly, often used in gasless transactions.

Perpetual futures are cryptocurrency derivative contracts without expiration dates. Traders use leverage to speculate on asset prices, with funding rates aligning the contract price to the spot market.

Polkadot is a multi-chain blockchain protocol that connects independent blockchains (parachains) to a central relay chain for interoperability and shared security. Its native token is DOT.

Polygon is a layer-2 scaling solution for Ethereum that enables faster, cheaper transactions via its Proof-of-Stake sidechain. Native token: MATIC (also called Polygon PoS).

Proof of Stake (PoS) is a blockchain consensus mechanism. Validators create new blocks based on staked cryptocurrency amounts, not computational power.

Proof of Work (PoW) is a blockchain consensus mechanism where miners solve complex cryptographic puzzles to validate transactions, add new blocks, and earn rewards.

Restaking reuses staked assets, like ETH, to secure additional blockchain networks or protocols beyond the original chain, enabling shared security as in EigenLayer.

A ring signature hides the true signer's identity by mixing their signature with those of other users in a group, boosting privacy in cryptocurrencies like Monero.

A rollup is a layer 2 scaling solution that processes transactions off-chain while posting summary data on-chain to improve efficiency, with types including Optimistic and ZK rollups.

RWA (Real World Assets) are physical or financial assets represented on a blockchain as digital tokens for trading or investment.

A Satoshi is the smallest unit of Bitcoin, equal to 0.00000001 BTC. It is named after Bitcoin's creator, Satoshi Nakamoto.

Schnorr Signature is an efficient digital signature scheme (BIP340) used in Bitcoin. It supports key aggregation, multisignatures, and reduces transaction size compared to ECDSA.

SHA-256 is a cryptographic hash function that produces a fixed 256-bit output from any input. In blockchain, Bitcoin uses it for proof-of-work mining, block hashing, and transaction IDs.

A sidechain is a separate blockchain connected to a main chain, allowing for faster transactions or experimentation without affecting the main chain's security.

Slippage is the difference between the expected price of a cryptocurrency trade and the actual executed price, caused by market volatility or low liquidity.

Solana is a high-performance layer-1 blockchain platform that enables fast, low-cost transactions using Proof of History and Proof of Stake. Its native token is SOL.

A stablecoin is a cryptocurrency designed to maintain a stable value, typically pegged to a fiat currency like the US dollar or backed by reserves.

In cryptocurrency, a swap is the direct exchange of one token for another on a blockchain, often via decentralized exchanges (DEXs) without intermediaries.

A Sybil attack occurs when an attacker creates multiple fake identities or nodes to gain disproportionate control over a blockchain network, such as influencing consensus or voting.

A testnet is a blockchain network used for testing and development, where developers can experiment without using real cryptocurrency. Examples include Goerli and Sepolia.

TRON is a blockchain platform and cryptocurrency (TRX) designed for high-throughput decentralized applications, especially in content sharing and entertainment.

TVL (Total Value Locked) measures the total USD value of cryptocurrency assets deposited in a DeFi protocol's smart contracts.

An Uncle Block is a block in a blockchain that was mined but not added to the main chain due to a competing block being accepted first. It is also known as an ommer or stale block.

UTXO (Unspent Transaction Output) is a unit of cryptocurrency from a previous transaction that remains unspent and serves as input for new transactions in blockchains like Bitcoin.

A validator is a node in a proof-of-stake blockchain that stakes cryptocurrency to verify transactions, propose blocks, and secure the network.

WalletConnect is a protocol that enables secure communication between decentralized applications (dApps) and mobile wallets through QR code scanning or deep linking.

Wei is the smallest unit of Ether, the native cryptocurrency of the Ethereum blockchain. 1 Ether equals 1 quintillion Wei.

A wrapped token represents a cryptocurrency or asset from another blockchain on a target chain, pegged 1:1 for interoperability. Examples: WBTC (Bitcoin on Ethereum), WETH.

XPUB is an extended public key (xpub) in hierarchical deterministic (HD) wallets. It derives child public keys and addresses from a master public key without exposing private keys.

The XRP Ledger is a decentralized, open-source blockchain designed for fast, low-cost global payments using the XRP cryptocurrency.

Yield farming is a DeFi strategy where users provide liquidity to protocols, staking assets in pools to earn rewards like tokens or interest.

Zcash is a privacy-focused cryptocurrency that uses zero-knowledge proofs to enable shielded transactions, ensuring enhanced confidentiality of transaction details.

Zero-Knowledge Proof (ZKP) lets one party prove a statement is true to another without revealing extra information. In blockchain, it enables private transactions, as in Zcash, and scalable layer-2 solutions like zk-rollups.

ZPUB is the prefix for a Bitcoin extended public key that derives native SegWit addresses (bc1q...), used in HD wallets for secure key generation without private keys.