WalletNow
Search…
WalletNow
Supported sources
Stay tuned
Privacy and security
WNOW Tokenomics
Roadmap
Pricing
Audits
Features
Account view
Login
Binance Exchange Integration
Custom Investments
Custom vaults
Detailed token data
Impermanent loss
Telegram Bot
Active Monitoring
Multiple Wallets
Privacy Lock
Time Machine
Token ignore list
View NFTs
Export data to CSV (Excel)
Harvest rewards
Profit & Loss (P&L)
WalletNow Swap
Price Charts
B2B (For business)
B2B Summary
Advertise on WalletNow
Swap as a service
One-click buy links
Price Chart APIs (OHLCV)
Support
Report a problem
Make a request
FAQ
Powered By GitBook
Login
To modify any settings on your account, you will need to Login using your wallet.
First, you need to open your "Account" by clicking on one of these locations:
Then, click on the "Login" button:
The login process is very simple: We will request a message signature which you need to accept with your wallet application. This message signature happens completely offline, so there is no cost for that.
Once the message is successfully signed, we will store that information on your browser and use it to sign all the requests. This will enable you to modify your settings.
We currently support the following wallet applications: MetaMask, Trust Wallet, Math Wallet, SafePal and WalletConnect. WalletConnect can be used to enable a large variety of other wallet applications and uses-cases.
If you wish to logout, you can do so in the same page:
You can also configure your account to be visible only when logged-in. Read more about it here.

Security considerations

Signing messages with your wallet (even offline messages) has been used as an attack vector multiple times already, so it is important to understand WHAT is being signed.
WalletNow login messages are created using a combination of a server-side generated secret and the account address, and they look like this: 0uKt9xd7eor738EtFjTPI+oacQIPahMIBwoWQA+3j95=
Notice that the message will always end with an equals sign (=). This is a Base64-encoded message of a SHA256, and it will always have the exact length of 44 characters. Base64-encoded data cannot be used to perform any operations in the blockchain, so it is perfectly safe to sign this for the purposes of logins.
You should take extra care when signing messages which appear to be HEX-encoded like this one: bb4cdb9cbd36b01bd1cbaebf2de08d9173bc095c as they may expose you to security threats. The biggest problem with this is WalletConnect, since most wallet applications will display WalletConnect signature requests as HEX-encoded regardless of the message itself. On this situation, the only thing you can validate is the message length, as it must be exactly 90 characters if it is coming from WalletNow (0x followed by 88 characters).
Features - Previous
Account view
Next - Features
Binance Exchange Integration
Last modified 9mo ago
Copy link
Contents
Security considerations