Introduction

If you suspect your Polymesh account has been compromised (for example, your funds were transferred or unstaked without your permission), it’s important to act immediately to protect your funds.

Please note that Polymesh won't be able to help recover your account or lost funds. No one can freeze, reverse, or refund POLYX transactions on the Polymesh blockchain.

If you believe that your Polymesh account has been compromised, please reach out to Polymesh Support immediately by using the Help button at the bottom of this page or through this form. Stolen funds are generally not retrievable, but understanding different attack vectors could help protect others.

How can your account be compromised

The first step is to identify how it happened. This may have occurred through a variety of means including, but not limited to:

• Downloading malicious software on your device.
• Giving a site unrestricted access to your wallet.
• Inputting personal information on a phishing website.
• Giving away your recovery phrase or JSON backup file.
• Interacting with a fake wallet extension.

What to do to prevent this from happening

• Ignore every DMs on socials and don't click on any links you don't fully trust. Assume every support person approaches you on social media is a scammer.
• Keep your seed phrase secure and do not share it with anyone. Never store your seed phrase online or on a computer with an internet connection.
• Use Ledger hardware wallet or an alternative cold wallet solution like Polkadot Vault.
• Follow the general security practices (like strong password policy, keeping all softwares up to date etc.).

What to do when your account is compromised

• Review connected Dapps in the wallet and delete everything apart from Polymesh domains.
  Open the Polymesh wallet, click on the three dots at the top, then click on "Manage connected Dapps" from the dropdown menu. A similar feature can be found on the other supported wallets as well.
  
  
  
• Transfer your funds to a new account immediately:
  
  • Create a secondary key in your wallet.
  • Transfer funds from the Overview page on the Polymesh Portal to your newly created secondary key.
  • Rotate the newly created key with the compromised primary one.
  • In case your new secondary key becomes unassigned in the wallet, you will have to onboard to Polymesh again to access to your funds.
  • Head over to the next step to remove the compromised key.
• Remove the compromised key from your wallet.
  • To remove a primary key, open the wallet then click on the three dots near your account, then click on "Forget account". Remaining funds on the account should be transferred to a different account before. 
    
     
    • To remove a secondary key, open the Polymesh Portal then:
      • Click on the "Details" button on your DID card.
      • Select the secondary key you want to remove, then click on "Remove Keys".
• Check the latest transactions on The Polymesh Block Explorer.
• Run a virus scan on your device. You may also want to uninstall every remote-access software from your device.
• You may also want to review and change other online accounts and passwords.

How to check your transactions on the Polymesh Block Explorer

• Open the Polymesh Blockchain Explorer.
• Copy the key from your wallet (which begins with 2), then search Subscan:
  
• Scroll down to the bottom of the page to see the Extrinsics and Transfers tab. Click on these to view more details about your recent transactions and actions on the blockchain. You can also click on the Extrinsic ID or the arrow on the right side to view the full transaction data.

Learn and implement security best practices

To keep your funds secure and to prevent such incidents from occurring in the future, it is essential to be educated about the best practices for using crypto wallets in a secure way. This may include understanding phishing and social engineering attacks, keeping all software up to date and so on.

If you are in doubt, you can reach out to Polymesh Support anytime.