Security team creates dashboard to detect potential NFT hacks in OpenSea
1 min readA wallet security team released a real-time dashboard that lets community members detect, track and monitor potential nonfungible token (NFT) hacks using offline signatures in the OpenSea marketplace.
When asked about potential solutions for this problem within the community, the wallet executive claimed there’s currently no good solution. He explained that:
“Users can use some proprietary browser extensions that give some visibility into some offline signatures, but does not cover all offline signatures and needs to be updated whenever a new form of offline signature is added.”
According to the ZenGo team, they’ve also started working with the Ethereum Foundation, various decentralized applications, and other wallets to support a draft Ethereum Improvement Proposal (EIP) that fixes the issue if implemented. Be’ery said:
“The EIP allows a contract to describe the exact meaning of the offline signature, such that the wallet app can display it to the user and then the user can make an informed decision on whether or not they want to sign the offline signature and don’t need to blindly sign.”
Similarly, the other entities within the community have also been issuing warnings over gasless transactions on OpenSea. On Dec. 23, anti-theft project Harpie warned the community about a private auction scam that threatens users of the NFT marketplace. The scam also involves blindly approving signatures.