3、How to prevent DApp Approve scams?

There are hidden dangers when a user needs to authorize the first interaction with a dApp. If the dApp is attacked later, it will be able to directly use its permissions to steal user assets. When a user conducts a transaction in a dApp contract, there will be an Approve button on the dApp page. The user must authorize to allow transactions, and this authorization means that the dApp contract has the right to transfer your assets. For the convenience of users, generally The default is to authorize an unlimited number of tokens. Once there is a loophole in the contract, or the contract administrator becomes greedy, all the tokens in the wallet authorized by the user will be transferred away. Pallet reminds that users should not over-authorize when interacting with on-chain protocols, and at the same time, they should regularly deauthorize Dapps that are not commonly used, and pay attention to preventing fraudsters from “changing vests” to avoid asset loss. Therefore, you need to regularly clean up the permissions of dApps that are not commonly used or set an upper limit on the amount of token transfers.

Last updated