Security
Keep Security as a short practical guide for wallet-based operations. Bonkit is non-custodial, but users are still approving real transactions and managing real authorities.
What Matters Most
- The connected wallet signs and executes the transaction
- Token authority and campaign ownership still matter
- Recipient data and mint selection should be checked before launch
- Never share your wallet private key or recovery phrase with anyone.
Practical Rules
- Review every wallet prompt before approving it.
- Use the correct wallet for the token or campaign you manage.
- Double-check mint addresses before using
Manual Mint. - Keep your source CSV or allocation dataset for audit and reruns.
- Test claim flows with a known wallet before sharing them publicly.
- When launching a campaign for the first time, test with a small dataset before running a full distribution.
Common Security Mistakes
- approving a transaction from the wrong wallet
- launching a campaign with the wrong token mint
- sharing a claim link before testing it
- changing authority or metadata without confirming the intended destination address
What Bonkit Does Not Do
Bonkit does not custody your wallet or sign transactions for you. The final approval and execution path stays with the connected wallet.
Read Next
Last updated on