A wallet security team has made a real-time dashboard available on the OpenSea Marketplace. This dashboard provides community members with the ability to identify, track, monitor, and report possible breaches using nonfungible coins (NFTs), using offline signatures.
ZenGo, the company behind cryptocurrency wallet ZenGo, claims they have developed a simple method to detect NFT hacks. The company behind ZenGo claims that they have developed a simple method to detect NFT hacks. This involves keeping track of all NFT transactions made in the NFT marketplace, and then comparing each trade with the NFT collection’s floor price. If the ratio of the trade values is not normal, it could be a sign that there has been a hack.
For starters, this hack doesn’t use a standard method to reveal the significance of the messages users have to sign. This means that users must “blindly believe” and “blindly sign” the messages in order to proceed. Be’ery also noted that such attacks affect the contracts of platforms. He suggested that platforms should share some responsibility for situations like this.
A wallet executive was asked about possible solutions to the issue in the community. He replied that there is currently no satisfactory answer. His answer was: “Users may use certain proprietary browser extensions that permit some access to some offline signings. These extensions don’t cover all offline signatures and must be updated when a new type of offline signature is created.
The ZenGo team claims that they have begun to work with the Ethereum Foundation and a number of other decentralized apps and wallets to endorse an Ethereum Improvement Proposal. If adopted, it will address the problem. Be’ery explains that the EIP allows a contract which describes the exact meaning of an offline signature to be displayed to the user by the wallet app. The user is free to decide whether they want to sign the offline signing, and they don’t have to do so blindly. The EIP makes this possible.
OpenSea has also seen similar warning statements from other community organizations and individuals regarding gasless transactions. Harpie, an antitheft project, sent a warning to the community about fraud using private bidding that could have serious consequences for NFT users on December 23. The fraud also involves mindlessly validating signatures.