# Passport Control for Onchain and Social Identities > Securing your web3 Proof of Work without going insane **Published by:** [0xNerdery](https://paragraph.com/@ispeaknerd.eth/) **Published on:** 2024-06-21 **Categories:** identity, ens, security **URL:** https://paragraph.com/@ispeaknerd.eth/passport-control-for-onchain-and-social-identities ## Content Thank you to those of you that collected my writings, it helps me out and keeps me going!clt, logonaut.eth, sdot, lvackerman, tiamat-envoy, higher, eurekajohn, anonsGrateful to all 282 of you for reading, hope you're having a great start to your week! Join the /nerdery channel on Farcaster.Key TakeawaysOnchain identity is the accumulation of an entity's Work that collectively makes up who they are.Ethereum Name Service (ENS) is the onchain address lookup tool to help you keep identity organized and subdomains are an excellent tool to do that.Reputation attached to your identity is the most scarce resource you have, guard it well with a cold wallet.Keep three separate wallets for different activities to keep funds & identity safu.Split up the ENS Owner role from the ETH Address to ensure your onchain identity can't get phished!Individuals are defined by their actions. In other words, identity is the accumulation of all the things an individual has done. The sum and product of all their Work performed. Onchain actions and attributions give individuals a way to point to their Proof of Work (POW), be it write an article on Paragraph, go viral on Farcaster, or even hack and drain a crypto payment provider. History in web3 is tied to static wallet addresses generated as Externally Owned Accounts (EOAs) by wallet apps like Metamask, Rainbow, and others. Losing access to that history hurts because now you've lost any and all Proof of Work tied to that address. But, you can build an identity layer and abstract it from the Ethereum address 0x123... to a moveable human-readable name like ispeaknerd.eth. ENS - Ethereum Name ServiceNames (ispeaknerd.eth) Ethereum addresses (0x123...)DNS - Domain Name ServiceNames (google.com) IP addresses (127.0.0.1)Owners can redirect the names to new addresses if needed, like how google.com can point to a new server if something goes wrong. In this way, owners can maintain their history and identity even if they lose access to their Ethereum wallet or it becomes compromised in some way. Secure your web3 identity to navigate the web3 digital landscape without compromising your peace of mind. In this article I'll show how Farcaster is integrating onchain and social identities and how people on Farcaster are leveraging ENS to safeguard our Proof of Work (POW) and onchain identities.Onchain + Social IdentityOnchain identity using ENS is a self-sovereign identity, acting like a self-issued onchain passport. The current scheme uses NFTs to represent one's registration, which, while easy to transfer, can also be easily stolen if not properly secured. More and more tools are also using Farcaster as an identity source. Unify your social identity on Farcaster with your onchain identity by adding an Farcaster record to ENS. Farcasterlimes on WarpcastI think that's a good idea Ultimately an ENS Labs decision on how to make it an official record, I know there is some debate re this quoted cast https://warpcast.com/chriscocreated/0x1dbfdf27 I just added the farcaster record to limes.eth https://imagedelivery.net/BXluQx4ige9GuW0Ia56BHw/e5c78859-c214-4bbd-1914-f8616524f000/original https://warpcast.com/chriscocreated/0x1dbfdf27This will only continue to become more valuable as more and more tools learn that they can leverage Farcaster for a user's social graph and preferences. For example, Airstack now uses Sign In With Farcaster (SIWF) to unify onchain and social identities for users. Neynar is popularizing Sign In With Neynar (SIWN) for app developers, and Drakula has shown how apps can bootstrap their entire userbase from the Farcaster social graph. This interconnected approach ensures a robust yet flexible identity system that evolves with the web3 landscape. But it means that users now must protect both their funds and their identity.Securing One's Identity + AssetsEnsuring your web3 identity remains secure without causing unnecessary stress boils down to smart management of your digital assets and identities. By utilizing tools like ENS and maintaining separate wallets for different activities, you can protect your funds and POW effectively. My hot wallet ispeaknerd.eth was becoming too large of a target as my original DEGEN airdrop ballooned in value, if someone noticed and hacked my account, I'd lose it all. I moved my DEGEN out of my hot wallet for safekeeping following the Rule of Three for wallets as described in my previous article:https://paragraph.xyzPersonal security foundations for web3 and beyondProtect your digital life in web3 with these top eight tips for security. Learn about password managers, 2FA, wallet bookmarks, wallet silos, and more. Stay safe in the decentralized world!High-value assets ("blue-chips") and large amounts of crypto should be kept in a hardware wallet, a vault account that is not directly connected to the internet. This is the least-accessed account, think of it as your safety-deposit box at the bank.Your day-to-day funds can be kept in an operational wallet, a separate internet-connected account that you use to interact with trusted entities, be they dapps, exchanges, or people.Finally, you want to have a third, risky degen wallet. This is the condom for all your other assets, preventing those untested NFT minting contracts, those unsafe airdrops, etc. from putting the rest of your money at risk. If you interact with the wrong contract and lose ALL the funds in this account, it shouldn't hurt too bad because your funds are elsewhere.... they are elsewhere, right? :|Guide for Wallet Separation using ENSOk, I've convinced you. You want to protect your identity and your onchain POW. But what's the best way to keep track of all these 0x123... accounts and keep it all secure?!?? We can use ENS to get the flexibility of changeable names with the security of hardware wallets and smart accounts. I touched on it in my initial article about Farcaster, but basically we need to separate the ENS Owner from the ETH Address record. https://paragraph.xyzAcculturate to Accelerate on FarcasterThe onboarding guide to catching the vibe ✨ and growing an audience on Farcaster.β–ΌWhat are Owner, Manager, and ETH Address of an ENS?Owner: ​The owner of the ENS name - the wallet that hold the ENS name NFT.Manager: ​The manager of records - the wallet allowed to make changes to its records (but not transfer the name)ETH Address: The wallet address the ENS name points to - where funds sent to a name are received.Full details are on the ENS support docs.Farcaster ENS SetupThe ETH Address is the wallet the ENS name points to, this will be the operational wallet we use to sign into Farcaster. You can easily set your Wallet Address in the ENS Manager appOwner is the wallet that holds ENS NFT, can transfer the token to give ownership to another address. This should be your vault account, a hardware wallet or a personal multisig like SAFE for even higher security. If you already have an ENS, you can send the ENS NFT to your vault account using the ENS Manager app.Put the ENS Owner on a hardware wallet, point the ETH Address to a low-value wallet you can use daily.The especially paranoid can easily create a new ENS subdomain for Farcaster specifically or even for their high-risk activity. For example, @sdv.eth uses hot.sdv.eth for his degen activity.Additional ResourcesENSdata.net by @pugson is a fantastic, free resource for looking up ENS and Farcaster data using simple json API call. I'm using it for my /tabletop backend services already.https://ensdata.net𝐄𝐍𝐒 πƒπšπ­πš - free API to lookup ENS recordsLook up Ethereum Name Service text records for any address and get them back in convenient JSON format. Reverse lookup the primary ENS for a wallet address.Local-only portfolio tracker Rotki by OG ETH dev @lefteris.eth is great and constantly adding new features! I've used it for ~2 years now.https://rotki.comrotkirotki is an open source portfolio tracker, accounting and analytics tool that protects your privacy.Take the Boring Security classes to level up your security knowledge and stay safe out there!https://boringsecurity.comBoring SecurityEveryday people are being attacked and scammed in Web3. We started Boring Security to educate people on what they can do to remain safe in this ever-evolving space. We provide free classes, resources, tools, and other informational material to the community so that they can prevent themselves from becoming the next victim.Follow @zachxbt on Twitter and FarcasterFollow the /infosec channel on FarcasterUse delegate.xyz to maintain minting connection between hot & cold walletsIf you enjoyed this,Please subscribe SubscribeGive me a shout on FarcasterCome join the /nerdery channel and the /infosec channelShare this post with someone who will enjoy it! You earn a referral fee when someone collects this post using your referral link.Share ## Publication Information - [0xNerdery](https://paragraph.com/@ispeaknerd.eth/): Publication homepage - [All Posts](https://paragraph.com/@ispeaknerd.eth/): More posts from this publication - [RSS Feed](https://api.paragraph.com/blogs/rss/@ispeaknerd.eth): Subscribe to updates - [Twitter](https://twitter.com/ispeak_nerd): Follow on Twitter ## Optional - [Collect as NFT](https://paragraph.com/@ispeaknerd.eth/passport-control-for-onchain-and-social-identities): Support the author by collecting this post - [View Collectors](https://paragraph.com/@ispeaknerd.eth/passport-control-for-onchain-and-social-identities/collectors): See who has collected this post