Security & Safety
Core principles for using an NFT bot safely. Please read this.
1. Private keys stay on your PC
- Imported wallets' private keys are encrypted with Windows DPAPI and stored only on this PC.
- Our server never receives or stores private keys.
- Export key is the only feature that shows a private key on screen — keep it away from others/recording/streaming.
2. Always mint with a burner (small) wallet
- Keep large assets in a vault wallet that has never connected to any dApp/app.
- Use a burner wallet (an amount you can afford to lose) for minting/events/giveaways. This alone hugely reduces risk.
3. The Telegram bot wallet is also a burner
- The Telegram bot wallet is kept on the server for burner use (to run 24/7). Don't put large funds in it.
4. Don't expose your pairing code / keys
- The Telegram pairing code is like a password. Never expose it while recording/streaming — anyone who sees it can connect to your bot and drain the bot wallet.
- Don't share your license key either (it's 1-device, so others can't use it anyway, but avoid exposure).
5. Beware phishing — official links only
- Minting via the bot reduces scam/phishing-site risk, but always suspect DMs and unfamiliar links.
- Download/buy only via the official links from the operator.
6. Good habits summary
| Do ✅ | Don't ❌ |
|---|---|
| Mint with a burner wallet | Mint with your main/vault wallet |
| Keep big assets in an unconnected vault | Store big funds in bot/burner wallets |
| Download only from official links | Click DMs / unfamiliar links |
| Keep pairing code & keys private | Expose code/keys while streaming |
Nothing is 100% safe in web3. These habits are the surest way to protect your assets.