Security Check

Security Check is a series of security checks that are performed when a transaction is initiated and before the transaction is confirmed by the wallet.

Domain Check
Checks whether the current website's domain name is a fake of a popular project. This method is common and can block common fake websites.

Contract Check
Based on @etherscan's API, we can check whether the called contract is open source. Malicious contracts are generally not open source.

Simulating transaction
Based on @TenderlyApp's transaction simulation, we can simulate the execution to see whether it involves an authorization and token transfer, and remind users of the risk.

Address Check
For calls such as setApprovalForAll, transferFrom, and allowance, we extract addresses such as the spender and check whether these addresses show suspicious behavior through APIs such as @SlowMist_Team, @GoplusSecurity, @etherscan, etc.
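
The address extraction step described above, as an added example that is not the project's own code: it decodes raw calldata by 4-byte selector and returns the addresses to look up. The `approve` entry, the function names, and `SAMPLE_FLAGGED` (a constructed local stand-in for the reputation APIs) are assumptions.

```javascript
// Added example: pull counterparty addresses out of raw calldata so they can
// be sent to a reputation lookup before the wallet prompt is confirmed.

// 4-byte selector -> method name and address argument roles, in ABI order.
// Non-address arguments (uint256, bool) are listed as null.
const SELECTORS = {
  "0x095ea7b3": { name: "approve", args: ["spender", null] }, // assumption: not named on the page
  "0xa22cb465": { name: "setApprovalForAll", args: ["operator", null] },
  "0x23b872dd": { name: "transferFrom", args: ["from", "to", null] },
  "0xdd62ed3e": { name: "allowance", args: ["owner", "spender"] },
};

function extractAddresses(calldata) {
  if (typeof calldata !== "string" || !/^0x[0-9a-fA-F]*$/.test(calldata)) return null;
  const data = calldata.toLowerCase();
  const spec = SELECTORS[data.slice(0, 10)];
  if (!spec) return null; // not a call this check covers
  const body = data.slice(10);
  if (body.length < spec.args.length * 64) return null; // truncated calldata
  const found = [];
  spec.args.forEach((role, i) => {
    if (role === null) return;
    const word = body.slice(i * 64, (i + 1) * 64);
    // An ABI-encoded address is left-padded with 12 zero bytes; reject
    // anything else instead of silently truncating it.
    if (!/^0{24}/.test(word)) throw new Error(`bad address word for ${role}`);
    found.push({ role, address: "0x" + word.slice(24) });
  });
  return { method: spec.name, addresses: found };
}

// Hypothetical stand-in for the reputation APIs; constructed sample data.
const SAMPLE_FLAGGED = new Set(["0x" + "ab".repeat(20)]);

function checkCall(calldata) {
  const decoded = extractAddresses(calldata);
  if (!decoded) return { method: null, flagged: [] };
  const flagged = decoded.addresses.filter((a) => SAMPLE_FLAGGED.has(a.address));
  return { method: decoded.method, flagged };
}

// Constructed calldata: setApprovalForAll(0xabab...ab, true)
const SAMPLE_CALL =
  "0xa22cb465" + "0".repeat(24) + "ab".repeat(20) + "0".repeat(63) + "1";
```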

Malicious Code Check
For malicious code injection like the Premint case, we can use code features to check whether the page contains malicious code and remind users to pay attention to the risk.

Sign Check
Malicious websites may initiate malicious signature requests, for example an OpenSea order to sell at price 0.

Yearn AllowList
Checks whether initiating the transaction is allowed by the Yearn Allow List.