Security check contains a series of security checks that are performed when a transaction is initiated and before the transaction is confirmed by the wallet.
Check whether the current website domain name has fake popular projects, this method is more common and can block common fake websites
Based on @etherscan's API, We can checks whether the called contract is open source, generally malicious contracts will not be open source
Based on @TenderlyApp's transaction simulation, we can try to simulate the execution to see if there is an authorization and token transfer to remind users of the risk
Like setApprovalForAll, transferFrom, allowance, we will take out addresses such as spender, and check whether these addresses have suspicious behavior through APIs such as @SlowMist_Team, @GoplusSecurity, @etherscan, etc.
Malicious code check
In the case of malicious code injection like Premint, we can use code features to check whether the page contains malicious feature code to remind users to pay attention to the risk
Malicious websites may initiate malicious sign-request: initiate an OpenSea order to sell at price 0
Check whether the initiation of transactions is allowed through the Yearn Allow List
Updated 4 months ago