Best practices
Note: This article is relevant for all io.vault and io.network subscriptions.
To help you maintain the highest level of security when using io.vault, we have outlined the key best practices we recommend for all users and clients of the io.network and io.vault products. Following these steps reduces risk, strengthens recoverability, and ensures a smooth experience when creating or managing your vaults.
For definitions of key terms mentioned throughout this page, you can refer to our glossary section.
Registering and securing your signing device:
When registering a new signer device in io.vault, you are required to create a PIN or passphrase for that specific device. You can also configure authentication preferences and enable biometric authentication for faster access. Biometrics only speed up day-to-day unlocking; the PIN/passphrase is what must be securely stored.
It will be required any time the signer needs to be restored, for example:
- When replacing a device
- If the device has been compromised, lost or stolen
Without this PIN/passphrase, the signer cannot be restored, and any actions requiring that signer's share may be blocked. We strongly recommend storing this PIN/passphrase using a trusted and secure method, such as a password manager or an equivalent secure solution.
Please refer to best practices and recommended configurations for securing your personal signing device here.
24-Word Seed Phrase
When setting up a signer device, users are provided with a 24-word seed phrase.
This phrase represents part of the cryptographic material used to decrypt the device’s recovery file. The seed phrase is required if you need to:
- Recover your signer file outside of the standard mobile environment
- Restore access to assets in io.vault during advanced or emergency recovery scenarios
Important:
- The seed phrase must be written down and stored securely offline, and never shared.
- Losing this seed phrase may permanently block certain recovery paths.
- The 24-word phrase alone is not sufficient for recovery: you will also need the most recent backup file generated from your signer device (explained in the next section).
Backing up devices
Ensure all users back up their devices consistently and frequently. Do not rely solely on iCloud or Google Drive for these backups: that only duplicates the app's native backup functionality and does not provide the additional redundancy required. Instead, download each backup and store it on a separate, secure storage drive.
At a minimum, back up each user's device every time it participates in the creation of a new vault or in a vault re-share, because these processes generate new shares locally on the device, and an older backup will not contain them.
Redundancy of Users/Devices:
When creating a vault, decide how signing power is distributed across your team's devices. This setup determines who can authorize transactions, and what happens if one of the devices is lost.
Design your vault so that no single device is essential for signing. This ensures business continuity and simplifies incident response if a device is lost or decommissioned.
Example 1 – Risky Setup:
Vault signing threshold: 3
- Device 1: 2 signing shares
- Device 2: 1 signing share
- Device 3: 1 signing share
In this configuration, Device 1 holds 2 of the 3 required shares, while Devices 2 and 3 together hold only 2, so Device 1 is mandatory for every transaction. If Device 1 is lost or compromised, transactions can no longer be signed, and disaster recovery would be required to regain access to the vault.
Key risk: This setup introduces a single point of failure.
Example 2 – Recommended Setup:
Vault signing threshold: 3
- Device 1: 2 signing shares
- Device 2: 1 signing share
- Device 3: 1 signing share
- Device 4: 1 signing share
This structure still gives Device 1 greater authority, but a transaction can be approved without it: Devices 2, 3 and 4 together meet the threshold of 3. If any one device is lost or compromised, the remaining devices can meet the signing threshold on their own, reducing operational risk. Note that no single device, Device 1 included, holds enough shares to sign by itself, so the threshold still protects the vault if one device is compromised.
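As an added illustration (this is not io.vault's own tooling), the script below checks a share distribution the way the two examples above do, and generalises it: for any set of devices and any threshold it reports which devices are single points of failure, which devices could sign on their own, and how many simultaneous device losses the vault tolerates. The two configurations are constructed from the numbers in the examples, with the fourth share in the recommended layout assumed to sit on a separate Device 4.

```python
from itertools import combinations

# Constructed sample configurations mirroring the two examples above
# (assumption: the recommended layout's fourth share lives on "Device 4").
RISKY = {"Device 1": 2, "Device 2": 1, "Device 3": 1}
RECOMMENDED = {"Device 1": 2, "Device 2": 1, "Device 3": 1, "Device 4": 1}
THRESHOLD = 3


def can_sign(shares, threshold, available):
    """True if the devices in `available` together hold at least `threshold` shares."""
    return sum(shares[d] for d in available) >= threshold


def single_points_of_failure(shares, threshold):
    """Devices whose loss alone leaves the remaining devices unable to sign."""
    return sorted(
        d for d in shares
        if not can_sign(shares, threshold, [x for x in shares if x != d])
    )


def devices_that_can_sign_alone(shares, threshold):
    """Devices that hold enough shares to approve a transaction by themselves.

    Any device listed here is a compromise risk: an attacker with that one
    device (and its PIN/passphrase) needs nobody else to move funds.
    """
    return sorted(d for d, n in shares.items() if n >= threshold)


def max_losses_tolerated(shares, threshold):
    """Largest k such that losing ANY k devices still leaves a signing quorum.

    Every combination of k lost devices is checked, so the answer is exact.
    This is fine for the handful of devices a vault typically has.
    """
    devices = list(shares)
    for k in range(1, len(devices) + 1):
        for lost in combinations(devices, k):
            remaining = [d for d in devices if d not in lost]
            if not can_sign(shares, threshold, remaining):
                return k - 1
    return len(devices)


def review(shares, threshold):
    """Summarise the resilience properties of a share distribution."""
    return {
        "total_shares": sum(shares.values()),
        "single_points_of_failure": single_points_of_failure(shares, threshold),
        "can_sign_alone": devices_that_can_sign_alone(shares, threshold),
        "device_losses_tolerated": max_losses_tolerated(shares, threshold),
    }


if __name__ == "__main__":
    for name, cfg in (("Risky", RISKY), ("Recommended", RECOMMENDED)):
        print(name, review(cfg, THRESHOLD))
```

Run against the two layouts, the risky one reports Device 1 as a single point of failure and tolerates no device loss, while the recommended one has no single point of failure, lets no device sign alone, and survives the loss of any one device (but not two, since the remaining two devices can hold at most 3 shares only when Device 1 is among them). The same check is worth rerunning after every re-share, since a re-share changes the distribution.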
If you need help configuring your vault, we’re here to assist. You can also explore our resources for additional guidance.
Test transactions:
Always perform two test transactions when creating a new vault:
- First, verify that the deposit address displayed is valid by making a small test deposit and confirming receipt.
- Then verify ownership of the vault and its underlying public addresses by performing a test withdrawal from it.
If you’d like help implementing any of these best practices, feel free to reach out to our Customer Office.