Setup checklist (30 min)
- Install ONLY from metamask.io (not from Google search — ads are fake)
- Create wallet → write 12-word seed phrase on PAPER (not screenshot)
- Store seed phrase in fireproof safe + a copy at a trusted relative
- Set browser extension to 'never save password'
- Disable password auto-fill for web3 sites
- Add Rabby as secondary (see below)
Why you might add Rabby
MetaMask doesn't simulate transactions before signing. Rabby does. Running both = cross-check malicious approvals. Many users keep MetaMask as primary for compatibility + Rabby for security review.