Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Warn user before signing a token approval to an EOA #509

Open
Tracked by #1234
mhluongo opened this issue Dec 3, 2021 · 2 comments
Open
Tracked by #1234

Warn user before signing a token approval to an EOA #509

mhluongo opened this issue Dec 3, 2021 · 2 comments
Labels
Priority: Low Low Monetary / Growth impact, not time-sensitive. Type: Enhancement New feature or request Type: Security Security-related concerns & enhancements

Comments

@mhluongo
Copy link
Contributor

mhluongo commented Dec 3, 2021

We can't reliably tell is an address is an EOA or a CREATE2 contract that hasn't been deployed, but there should be a "THIS CERT IS WRONG" style warning that needs dismissing to enable this behavior.

We've been talking about in Discord due to the Badger hack, and @banteg summed the issue up well

https://twitter.com/bantg/status/1466724441866526726
@mhluongo mhluongo added the Type: Security Security-related concerns & enhancements label Dec 3, 2021
@mhluongo
Copy link
Contributor Author

mhluongo commented Dec 3, 2021

@VladUXUI do we have a dismissable warning for the signature page designed yet? Even a mockup would be helpful

@mhluongo
Copy link
Contributor Author

mhluongo commented Dec 4, 2021

image-2

@mhluongo mhluongo mentioned this issue May 24, 2022
Open
8 tasks
mhluongo added a commit that referenced this issue Aug 8, 2022
@mhluongo
Add a utility to annotate addresses
5de21f8 
Refs #1234 #509
mhluongo added a commit that referenced this issue Aug 8, 2022
@mhluongo
Annotate addresses alongside transactions
87c974d 
Refs #1234 #509
mhluongo added a commit that referenced this issue Aug 8, 2022
@mhluongo
Warn when approving EOAs or sending to contracts
2e5f8c1 
Refs #509, #262, #84
@mhluongo mhluongo mentioned this issue Aug 8, 2022
Merged
4 tasks
mhluongo added a commit that referenced this issue Aug 8, 2022
@mhluongo
Add a utility to annotate addresses
79a9dc5 
Refs #1234 #509
mhluongo added a commit that referenced this issue Aug 8, 2022
@mhluongo
Annotate addresses alongside transactions
ad5519d 
Refs #1234 #509
mhluongo added a commit that referenced this issue Aug 8, 2022
@mhluongo
Warn when approving EOAs or sending to contracts
03de0e9 
Refs #509, #262, #84
@0xDaedalus 0xDaedalus added Priority: Low Low Monetary / Growth impact, not time-sensitive. Type: Enhancement New feature or request labels Feb 10, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Priority: Low Low Monetary / Growth impact, not time-sensitive. Type: Enhancement New feature or request Type: Security Security-related concerns & enhancements
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mhluongo @0xDaedalus