# Metamask / Web3 Wallet Warning

zkBob provides a convenient method to create an account using Metamask (MM) or another web3 wallet using Wallet Connect. When deriving an account with a web3 wallet there is no need to write down or remember a new secret phrase for your shielded account.&#x20;

<figure><img src="/files/uIpmxv9sQED97mmMaJpI" alt=""><figcaption></figcaption></figure>

With this method, a zkBob private key is derived using your Metamask private key. You sign a message to enable this derivation. There is no fee, the operation is performed on your local machine and nothing is sent to the blockchain. The zkBob application collects your signature and creates a private key for the shielded account.&#x20;

No one can reproduce the signature without access to your Metamask private key. If you change your browser or device, simply authorize Metamask and sign the same message in the zkBob application to get access to your shielded funds.&#x20;

This method is secure and anonymous; it is not possible to reveal your private key through signature analysis.

{% hint style="danger" %}
**Security Warning**

Be vigilant when using Metamask or another web3 wallet, as an adversary can ask you to sign the *same message* on a spoofed site.

If you provide a signature to the attacker your zkBob private key is leaked and the attacker can steal all funds from the zkBob account. To protect against this threat you must always **check the source URL** sending the signing request.&#x20;

The genuine application is hosted on [**https://app.zkbob.com/**](https://app.zkbob.com/) only.

<img src="/files/th1CVX9e2EFNdTonBPeB" alt="" data-size="original">
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.zkbob.com/zkbob-app/account-creation/metamask-web3-wallet-warning.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.