[ad_1]
After the worst year for cryptocurrency hacks and exploits, the cryptocurrency community has some advice for novice investors heading into 2023. Review smart contract authorizations and revoke access on a regular basis.
Reddit user 4cademy posted advice on the r/CryptoCurrency subreddit on Jan. 1 stating that he has approved a large number of smart contracts in two years and said, “I thought it was time to check the approved smart contracts. ‘ said.
They found that “nearly all” of the approvals were for “unlimited amounts,” spurring them to un-approve all smart contracts in the wallet, saying it was “safer than regretting.” I gave the following advice:
“At least the authorization should also be checked and possibly revoked.”
The reason for doing this is that some users of Decentralized Finance (DeFi) or Non-Fungible Token (NFT) protocols can avoid malicious smart contracts from phishing attacks that may be waiting to steal your funds. because you may have mistakenly approved the
Such ice phishing scams have been successful in the past, with one elaborate month-long scam involving offers from bogus movie studios stealing 14 Bored Ape Yacht Club ( BAYC) NFT has been stolen.
Hackers may find exploits to steal funds from connected wallets, so even known “well-behaved” contracts should be revoked.
The 10 largest exploits of 2022 stole around $2.1 billion, mostly from DeFi protocols and cross-chain bridges, where attackers discovered vulnerabilities in existing smart contracts and carried out heists.
Related: Developers Must Stop Crypto Hackers in 2023 or Face Regulation
Users provided further advice to “use different wallets for different purposes”, including using one wallet that only interacts with smart contracts and another wallet that is only used to hold funds.
Users commenting on this post have also suggested that a regular interval can be scheduled to revoke all smart contract approvals, such as the 1st of each month or the beginning of each week.
Some have suggested that there are third-party services that can check and revoke smart contract approvals on many chains such as Binance Smart Chain (BSC), Ethereum, and Polygon.
One user responded that the “best” advice was to interact with as few smart contracts as possible, saying, “It’s good practice to revoke permissions, but it’s better not to grant them in the first place.”
[ad_2]
Source link
