Subscribe to BiteyeHQ
BiteyeHQAn in-depth analysis of TVL’s skyrocketing Manta Pacific
Author: Biteye Core Contributor Lucky Editor: Biteye Core Contributor Crush Community: @BiteyeCN *Text: 2400 words, read in 5 mins.01Introduction to Manta PacificThe recent futures price of the popular Blast on Aevo has continued to increase with TVL. In just one week, it rose from the lowest of 3.5 dollars to 15.5 dollars, and then fell back to 7 dollars. It can be seen that the L2 model, which focuses on native income, has begun to be recognized by the market. . And can Manta, which has als...
BiteyeHQDecoding the New L2——Public Goods Network
On July 7th, Gitcoin officially introduced the Layer2 network——Public Goods Network (PGN), which developed by the OP Stack. On August 18th, Gitcoin announced its 18th round of Grants will support the PGN network. What makes this L2 so favored by Gitcoin? This article will analyze PGN from the following aspects:What is a Public Good?Background and problem-solving of Public Goods NetworkHighlights of Public Goods NetworkWill Public Goods Network have an airdrop?How to interact with Public Goods...
BiteyeHQMovement:The Next Breakthrough Blockchain After Sui and Aptos
Please credit Biteye community when sharingAuthor: Biteye Core Contributor Fishery Editor: Biteye Core Contributor Crush Community: @BiteyeCN *Text: 5000 words, read in 5 mins.01 IntroductionFive years ago, Facebook's Libra (later renamed Diem) project emerged, drawing global attention. However, this ambitious initiative ended in 2022, leaving behind an unfinished legacy. Nevertheless, Libra’s technical foundation—Move programming language—has found new life through its successors. As wi...
<100 subscribers
BiteyeHQAn in-depth analysis of TVL’s skyrocketing Manta Pacific
Author: Biteye Core Contributor Lucky Editor: Biteye Core Contributor Crush Community: @BiteyeCN *Text: 2400 words, read in 5 mins.01Introduction to Manta PacificThe recent futures price of the popular Blast on Aevo has continued to increase with TVL. In just one week, it rose from the lowest of 3.5 dollars to 15.5 dollars, and then fell back to 7 dollars. It can be seen that the L2 model, which focuses on native income, has begun to be recognized by the market. . And can Manta, which has als...
BiteyeHQDecoding the New L2——Public Goods Network
On July 7th, Gitcoin officially introduced the Layer2 network——Public Goods Network (PGN), which developed by the OP Stack. On August 18th, Gitcoin announced its 18th round of Grants will support the PGN network. What makes this L2 so favored by Gitcoin? This article will analyze PGN from the following aspects:What is a Public Good?Background and problem-solving of Public Goods NetworkHighlights of Public Goods NetworkWill Public Goods Network have an airdrop?How to interact with Public Goods...
BiteyeHQMovement:The Next Breakthrough Blockchain After Sui and Aptos
Please credit Biteye community when sharingAuthor: Biteye Core Contributor Fishery Editor: Biteye Core Contributor Crush Community: @BiteyeCN *Text: 5000 words, read in 5 mins.01 IntroductionFive years ago, Facebook's Libra (later renamed Diem) project emerged, drawing global attention. However, this ambitious initiative ended in 2022, leaving behind an unfinished legacy. Nevertheless, Libra’s technical foundation—Move programming language—has found new life through its successors. As wi...
Subscribe to BiteyeHQ
<100 subscribers
Share Dialog
Share Dialog
Author: @0xHankester
Web3 takes back the sovereignty of data and assets for users through blockchain technology, allowing them to manage their own information and property, while at the same time letting them into the dark forest. In Web3 World, where Code is Law, interacting with various smart contracts is a fundamental action for users, but ordinary users without a development background have difficulty identifying vulnerabilities embedded in malicious contract code and are vulnerable to loss of property.
Faulty Approvals: Users often need to sign to authorise smart contracts when interacting with dapps, and some malicious addresses would initiate authorisation requests to transfer users' assets, which will lead to users' property loss if users click the approve button.
Changable Mechanism: contract developers can change the token mechanism through a range of means, such as adding, destroying and changing transaction taxes.
Pixie Contracts: Pixie contracts mean that when interacting with this kind of smart contract, users' buying and selling behaviour is restricted, commonly in the form of free buying and restrictions on selling.
To help users solve these issues above, we have compiled a list of the top 10 security tools to help Web3 users safeguard their assets and accounts. All of the tools below are free except for Harpie, which has a fixed fee of 0.01 ETH in the event of a recovery, and MistTrack, which requires a paid subscription after a one-month free trial period.
Go+ Security, website: https://gopluslabs.io/
StaySafu, website: https://app.staysafu.org/
Token Sniffer, website: https://tokensniffer.com/
2.1.1 Functions and Usage Scenarios
Function: Detects the risk of smart contracts addresses and quickly obtains a brief audit report.
Scenario: When interacting with a dApp or entering an address on dex to buy long-tail tokens, if you are not sure whether there are vulnerabilities or other risks in the smart contract, you can enter the address of the smart contract you want to interact with in the scanner of the above tools to see the risk detection results.
2.1.2 Projects comparison
Chains Supported
Security Capabilities
Project Background
Comprehensive Review
- Go+ Security: covers the largest number of public chains and more risk indicators, allowing for a more comprehensive understanding of potential risks.
- Tokensiffer: also has more metrics covered, and each metric has a detailed explanation, allowing for a deeper understanding of risk points.
- StaySafu: fewer risk indicators and only one chain BSC is supported.
Scam Sniffer, website: https://scamsniffer.io/
Pocket Universe, website: https://www.pocketuniverse.app/
2.2.1 Functions and Usage Scenarios
Function: After downloading and installing the plugin, when an interaction is initiated by connecting to the wallet, the security plugin will scan the interaction logic and inform the security scan result in a pop-up window, indicating the risk.
Scenario: Some phishing smart contracts will lead the user to approval signatures by means of airdrops etc. When the user receives an unfamiliar airdrop and wants to sell it, the interaction initiated will be recognised and the user will be informed of the risk level of the interaction.
2.2.2 Projects Comparison
Supported Wallets: MetaMask
Security Capabilities
Project Background
Comprehensive Review: this type of tool is more homogeneous. With the accumulation of users, this type of project can accumulate more risk data and improve security capabilities.
Forta, website:https://forta.org/
Function: Monitor smart contract address and wallet address states changes and send the states information to email, Slack, Discord and other messaging software.
Scenario: Users enter the address they want to monitor into Forta and leave a notification to get real-time on-chain information, rather than having to connect to a wallet to see a particular contract address states every time.
Chains Supported: Ethereum, Polygon, BSC, Avalanche, Optimism, Fantom, Arbitrum
Project Background: Forta was incubated by OpenZeppelin and it raised $23 million in funding in October 2021 led by A16z. Other investors included Coinbase Ventures, True Ventures, OpenZeppelin and others.
Revoke, website: https://revoke.cash/
Approved.zone, website: https://approved.zone/
2.4.1 Functions and Usage Scenarios
Function: View approvals' states of NFT and Token and revoke these approvals.
Scenario: Many phishing smart contracts will guide users to approve their signature through various scenarios. Some authorization may involve the transfer of property, and assets may be transferred away at any time. Through such tools, users can check what approvals they have made and revoke them.
2.4.2 Projects Comparison
Chains Supported
Projects Background: No other information was available.
Comprehensive Review: Tools of this kind are homogeneous. The more chains are supported, the more convenient to use.
Harpie, website: https://harpie.io/
Function: The transaction of assets
Chain Supported: Ethereum
Project Background: In late September 2022, Harpie closed a $4.5 million seed round of funding led by Dragonfly Capital, Coinbase Ventures and OpenSea.
MistTrack: website: https://misttrack.io/
Function: Analyze related transaction, money flow and other on-chain information of the target wallet address, comprehensively assess address risks, and also monitor an address to obtain status change information.
Scenario: Users can analyze their addresses to check whether they have interacted with risky addresses and analyze potential security risks. After property loss happens, users can utilize this tool to analyze the way of attacking and learn lessons from the loss.
Chains Supported: Ethereum, BSC, Polygon, Avalanche, Tron, IoTeX
Project Background: This tool is a C-terminal security product launched by SlowMist Technology.
For newcomers to the Web3 world, it is very necessary to install anti-phishing wallet plug-in, which can make the newcomers fully aware of the potential risks and establish a good security awareness from the beginning. For these experienced users who are more familiar with the web3 world, before interacting with projects, they should also scan the risk of the project and calm down, to avoid unexpected loss. Finally, may we live safely in the Web3 Dark Forest and receive a full supply!
Author: @0xHankester
Web3 takes back the sovereignty of data and assets for users through blockchain technology, allowing them to manage their own information and property, while at the same time letting them into the dark forest. In Web3 World, where Code is Law, interacting with various smart contracts is a fundamental action for users, but ordinary users without a development background have difficulty identifying vulnerabilities embedded in malicious contract code and are vulnerable to loss of property.
Faulty Approvals: Users often need to sign to authorise smart contracts when interacting with dapps, and some malicious addresses would initiate authorisation requests to transfer users' assets, which will lead to users' property loss if users click the approve button.
Changable Mechanism: contract developers can change the token mechanism through a range of means, such as adding, destroying and changing transaction taxes.
Pixie Contracts: Pixie contracts mean that when interacting with this kind of smart contract, users' buying and selling behaviour is restricted, commonly in the form of free buying and restrictions on selling.
To help users solve these issues above, we have compiled a list of the top 10 security tools to help Web3 users safeguard their assets and accounts. All of the tools below are free except for Harpie, which has a fixed fee of 0.01 ETH in the event of a recovery, and MistTrack, which requires a paid subscription after a one-month free trial period.
Go+ Security, website: https://gopluslabs.io/
StaySafu, website: https://app.staysafu.org/
Token Sniffer, website: https://tokensniffer.com/
2.1.1 Functions and Usage Scenarios
Function: Detects the risk of smart contracts addresses and quickly obtains a brief audit report.
Scenario: When interacting with a dApp or entering an address on dex to buy long-tail tokens, if you are not sure whether there are vulnerabilities or other risks in the smart contract, you can enter the address of the smart contract you want to interact with in the scanner of the above tools to see the risk detection results.
2.1.2 Projects comparison
Chains Supported
Security Capabilities
Project Background
Comprehensive Review
- Go+ Security: covers the largest number of public chains and more risk indicators, allowing for a more comprehensive understanding of potential risks.
- Tokensiffer: also has more metrics covered, and each metric has a detailed explanation, allowing for a deeper understanding of risk points.
- StaySafu: fewer risk indicators and only one chain BSC is supported.
Scam Sniffer, website: https://scamsniffer.io/
Pocket Universe, website: https://www.pocketuniverse.app/
2.2.1 Functions and Usage Scenarios
Function: After downloading and installing the plugin, when an interaction is initiated by connecting to the wallet, the security plugin will scan the interaction logic and inform the security scan result in a pop-up window, indicating the risk.
Scenario: Some phishing smart contracts will lead the user to approval signatures by means of airdrops etc. When the user receives an unfamiliar airdrop and wants to sell it, the interaction initiated will be recognised and the user will be informed of the risk level of the interaction.
2.2.2 Projects Comparison
Supported Wallets: MetaMask
Security Capabilities
Project Background
Comprehensive Review: this type of tool is more homogeneous. With the accumulation of users, this type of project can accumulate more risk data and improve security capabilities.
Forta, website:https://forta.org/
Function: Monitor smart contract address and wallet address states changes and send the states information to email, Slack, Discord and other messaging software.
Scenario: Users enter the address they want to monitor into Forta and leave a notification to get real-time on-chain information, rather than having to connect to a wallet to see a particular contract address states every time.
Chains Supported: Ethereum, Polygon, BSC, Avalanche, Optimism, Fantom, Arbitrum
Project Background: Forta was incubated by OpenZeppelin and it raised $23 million in funding in October 2021 led by A16z. Other investors included Coinbase Ventures, True Ventures, OpenZeppelin and others.
Revoke, website: https://revoke.cash/
Approved.zone, website: https://approved.zone/
2.4.1 Functions and Usage Scenarios
Function: View approvals' states of NFT and Token and revoke these approvals.
Scenario: Many phishing smart contracts will guide users to approve their signature through various scenarios. Some authorization may involve the transfer of property, and assets may be transferred away at any time. Through such tools, users can check what approvals they have made and revoke them.
2.4.2 Projects Comparison
Chains Supported
Projects Background: No other information was available.
Comprehensive Review: Tools of this kind are homogeneous. The more chains are supported, the more convenient to use.
Harpie, website: https://harpie.io/
Function: The transaction of assets
Chain Supported: Ethereum
Project Background: In late September 2022, Harpie closed a $4.5 million seed round of funding led by Dragonfly Capital, Coinbase Ventures and OpenSea.
MistTrack: website: https://misttrack.io/
Function: Analyze related transaction, money flow and other on-chain information of the target wallet address, comprehensively assess address risks, and also monitor an address to obtain status change information.
Scenario: Users can analyze their addresses to check whether they have interacted with risky addresses and analyze potential security risks. After property loss happens, users can utilize this tool to analyze the way of attacking and learn lessons from the loss.
Chains Supported: Ethereum, BSC, Polygon, Avalanche, Tron, IoTeX
Project Background: This tool is a C-terminal security product launched by SlowMist Technology.
For newcomers to the Web3 world, it is very necessary to install anti-phishing wallet plug-in, which can make the newcomers fully aware of the potential risks and establish a good security awareness from the beginning. For these experienced users who are more familiar with the web3 world, before interacting with projects, they should also scan the risk of the project and calm down, to avoid unexpected loss. Finally, may we live safely in the Web3 Dark Forest and receive a full supply!
No comments yet