
How to avoid getting scammed with malicious token contracts
Usually when a new wallet address interacts with a decentralized exchange, scammers start sending tokens which can't be sold. This is because the token contract checks if the wallet address matches predefined list of addresses and if the address doesn't match, the contract enables code path that usually drains the balance of user's wallet empty. Some malicious contracts target specific token balances, some spend as much gas as the wallet is willing to provide or try to transfer whole coin balance (BNB, ETH, etc.).
At least BscScan and EthScan have comments section where people can report suspicious contracts. People should also avoid interacting with contracts that don't have source published. If the source is published, Approve and Transfer methods can be checked that they only check or change internal variables holding user balance and the approved transfer amount and emit correct event. If they do anything else, the contract most likely is not safe to use.
Approve method should emit Approval event with three parameters containing the wallet address where the funds can be transferred from, wallet address of approved account, and the approved amount.
Transfer method should emit Transfer event with three parameters containing source address, destination address and the amount of tokens transferred.
If the token list in block explorer doesn't show any value for the token, it might be either recently created token, or the token can't be sold on any reputable exchange. Not all decentralized exchange pairs are tracked due to low volume, or because nobody has requested the token to be listed. Most legitimate tokens are listed on at least one statistics site after the token has enough liquidity and trading volume.
Leave How to avoid getting scammed with malicious token contracts to:
Read more #ethereum posts
Best Posts From Mika
We have not curated any of mtl1979's posts yet. But you can encourage our curation team to review posts by visiting them regularly and by referring other readers. Because we give priority to frequently read content.
More Posts From Mika
- How to use MyHeritage Family Tree Builder without subscribing...
- PayPal launches its own stablecoin PYUSD... Is it safe or not?
- Design limitations of responsive websites
- April 1st, 2023 marks end of mainstream support of Ubuntu 18.04
- Understanding the Ethereum London Revised scam...
- How to use PancakeSwap for creating trading pair, swapping, buying and selling tokens - Part 2
- How to use PancakeSwap for creating trading pair, swapping, buying and selling tokens - Part 1
- How to combat abuse of token bridges...
- Finnish food and drink company recalls potato chips due to potential overdose...
- Why it is bad idea to let Ubuntu upgrade Python to 3.10...
- How to avoid getting scammed with malicious token contracts
- Decentralized exchange or not?
- Corruption scandal revealed in Finnish judicial system
- Calculating Ethereum or Binance Smart Chain gas...
- Smart contract platforms start to fight against non-conforming token contracts...
- Recent trend on exchange hacking...
- How token scams work...
- Support for resolving wallet address using DNS
- Talleo adds support for compiling under FreeBSD and NetBSD.
- Overloading operators in namespaces