[ad_1]
After the worst year for cryptocurrency hacks and exploits, the cryptocurrency community has given advice to novice investors for 2023. Review smart contract authorizations and revoke access on a regular basis.
Reddit user 4cademy posted advice on the r/CryptoCurrency subreddit on Jan. 1 stating that he has approved a large number of smart contracts in two years and said, “I thought it was time to check the approved smart contracts. ‘ said.
They found that “nearly all” of the approvals were for “unlimited amounts,” spurring them to un-approve all smart contracts in the wallet, saying it was “safer than regretting.” I gave the following advice:
“At least the authorization should also be checked and possibly revoked.”
The reason for doing this is that some users of decentralized finance (DeFi) protocols or non-fungible tokens (NFTs) can avoid malicious attacks from phishing attacks that may be standing by to steal user funds. This is because you may have accidentally approved the smart contract.
Such ice phishing scams have been successful in the past, with one elaborate month-long scam involving offers from bogus movie studios stealing 14 Bored Ape Yacht Club ( BAYC) NFT has been stolen.
Hackers may find exploits to steal funds from connected wallets, so even known “well-behaved” contracts should be revoked.
The 10 largest exploits of 2022 stole around $2.1 billion, mostly from DeFi protocols and cross-chain bridges, where attackers discovered vulnerabilities in existing smart contracts and carried out heists.
Related: Developers Must Stop Crypto Hackers in 2023 or Face Regulation
The user further provided advice to “use different wallets for different purposes,” such as not having a wallet that only interacts with smart contracts and one that is only used to hold funds. .
A user who commented on this post suggested that we could also schedule a recurring interval to unauthorize all smart contracts, such as the 1st of every month or the beginning of every week.
Others have suggested that there are third-party services that can check and revoke smart contract approvals across many chains, such as the BNB smart chain, Ethereum, and Polygon.
One user responded that the “best” advice is to interact with as few smart contracts as possible, stating, “Revoking permissions is a good practice, but it’s better not to give them in the first place.”
[ad_2]
Source link
