Everything you need to know about CryptoShield's wallet verification protocol. If your question is not answered here, contact our support team.
Yes. CryptoShield uses a read-only WalletConnect v2 connection. We never request permission to sign transactions, move funds, or access token approvals. Your private keys and seed phrase remain entirely on your device and are never transmitted to our servers at any point during or after the verification process.
No. This is architecturally impossible. CryptoShield establishes a read-only session via WalletConnect. To move funds, a wallet application must display a transaction request that the user manually approves. CryptoShield never sends any transaction request — only a message signing request, which carries no on-chain value and cannot authorize any fund movement.
Yes. CryptoShield has been independently audited by CertiK, Hacken, and Quantstamp — three of the most respected security audit firms in the Web3 space. All audits have passed, and the full reports are publicly available on our Security page. We also run a continuous bug bounty program for responsible disclosure.
Always verify the URL in your browser's address bar before connecting your wallet. The official CryptoShield domain is cryptoshield.io. We do not operate any other domains. CryptoShield will never DM you on Telegram, Twitter, or Discord asking you to verify your wallet through an unsolicited link. If you received such a message, it is a scam.
Wallet verification creates an on-chain proof of ownership and registers your wallet in our security registry. This helps protect against phishing impersonation, establishes a verifiable security credential for your address, and is increasingly required by dApps, DAOs, and NFT platforms as a prerequisite to participation.
Verification typically completes in under 60 seconds. The steps include: connecting to your wallet (5–15 seconds), signing the verification message (instantaneous once approved), running the integrity check on our servers (10–20 seconds), and issuing the certificate (5 seconds). All steps are automated and require no manual input beyond the initial connection and signing approval.
You will need to approve two things: (1) a WalletConnect connection request — this allows CryptoShield to communicate with your wallet application; and (2) a "Sign Message" request — this is a plain text signature proving you own the wallet address. You will not be asked to approve any transactions, token approvals, or spending permissions.
If verification fails, the most common causes are: the session timed out (connections expire after 10 minutes), the sign request was rejected in the wallet app, or a network connectivity issue interrupted the session. Simply restart the verification process from the beginning. If the issue persists, try clearing your browser cache or using a different browser. Contact support if the problem continues.
We read only your wallet's public address. We also receive a cryptographic signature proving ownership, but this signature is used only for the one-time verification check and is not stored. We do not read your token balances, transaction history, NFT holdings, or any other data associated with your wallet.
After verification completes, the only data stored is: your wallet's public address, the wallet provider type, and the verification timestamp. These are stored as part of your certificate record. We do not store your IP address, browser fingerprint, device information, or any personal identifiers. See our Privacy Policy for the full data handling disclosure.
Certificates remain active indefinitely by default. They do not expire. However, you may choose to revoke your certificate at any time through our self-service revocation tool or by removing CryptoShield from your wallet's connected application list.
Yes. You can revoke your certificate at any time. Revocation disconnects the WalletConnect session and marks the certificate as inactive in our on-chain registry. The revocation is propagated to our verification API within seconds. You can also revoke access directly from your Trust Wallet or MetaMask settings by removing CryptoShield from connected applications.
If your wallet supports WalletConnect v2, it should be compatible with CryptoShield even if it is not listed explicitly on our Supported Wallets page. Select "Other Wallets" during the verification flow and scan the QR code with your WalletConnect-compatible wallet. We are continuously adding explicit support for additional providers.
Yes. Ledger hardware wallets are supported through the Ledger Live application. Trezor support is planned for a future release. Hardware wallets are excellent candidates for CryptoShield verification because they provide the highest level of key security and our read-only protocol is fully compatible with their security model.