TokenPocketWhat is Permit2? - The model, advantages, and Possible risks.
About Permit2Uniswap has just released a new token approval standard, Permit2, which differs from the traditional ERC20 and EIP-2612. Permit2 allows users to avoid the need for a chain-level “approve” operation before interacting with different DApps, allowing the DApp protocol to first acquire your token approval. According to the description, the new Permit2 protocol has the advantages of saving gas, allowing for batch operations of approval/transfers and being more flexible than traditiona...
TokenPocketCreate/Import MultiSig wallet on TokenPocket Browser Extension!
About MultiSig wallet:Corresponding to the multi-signature wallet is the single-signature wallet. If we want to conduct a transfer operation on the blockchain, we need to generate a signature with the wallet. We sign and send the transaction out. This is the way for a typical single-signature wallet and it is also for our usual wallet. A multi-signature wallet, as the name suggests, is a wallet that requires multiple people to sign in to perform an operation. Transferring with a multi-signatu...
TokenPocketWhat is TRON Multi-Signature wallet?
“Hey, I have the 12 Secret Recovery Phrases, but I don’t know how to get TRX. Can you please help me to withdraw 10k USDT and then I will give you 5k USDT? ” “Here are my phrases: THIS IS DEFINITELY THE TRON MULTI SIGNATURE SCAM DO NOT BELIEVE IT.” So, maybe you are interested in these phrases and you are trying to import them into your TokenPocket APP, right? LOL! Please be aware of this TRON Multi-Signature SCAM!What’s the difference between a single-signature wallet and a multi-signature w...
TokenPocket is the world's leading multi-chain self-custodial wallet, which supports most mainstream public chains.
TokenPocketWhat is Permit2? - The model, advantages, and Possible risks.
About Permit2Uniswap has just released a new token approval standard, Permit2, which differs from the traditional ERC20 and EIP-2612. Permit2 allows users to avoid the need for a chain-level “approve” operation before interacting with different DApps, allowing the DApp protocol to first acquire your token approval. According to the description, the new Permit2 protocol has the advantages of saving gas, allowing for batch operations of approval/transfers and being more flexible than traditiona...
TokenPocketCreate/Import MultiSig wallet on TokenPocket Browser Extension!
About MultiSig wallet:Corresponding to the multi-signature wallet is the single-signature wallet. If we want to conduct a transfer operation on the blockchain, we need to generate a signature with the wallet. We sign and send the transaction out. This is the way for a typical single-signature wallet and it is also for our usual wallet. A multi-signature wallet, as the name suggests, is a wallet that requires multiple people to sign in to perform an operation. Transferring with a multi-signatu...
TokenPocketWhat is TRON Multi-Signature wallet?
“Hey, I have the 12 Secret Recovery Phrases, but I don’t know how to get TRX. Can you please help me to withdraw 10k USDT and then I will give you 5k USDT? ” “Here are my phrases: THIS IS DEFINITELY THE TRON MULTI SIGNATURE SCAM DO NOT BELIEVE IT.” So, maybe you are interested in these phrases and you are trying to import them into your TokenPocket APP, right? LOL! Please be aware of this TRON Multi-Signature SCAM!What’s the difference between a single-signature wallet and a multi-signature w...
TokenPocket is the world's leading multi-chain self-custodial wallet, which supports most mainstream public chains.
Share Dialog
Share Dialog
Subscribe to TokenPocket
Subscribe to TokenPocket
Tron multi-signature is generally divided into active multisig and passive multisig. Active multisig is a measure to set up multisig wallets by users and strengthen asset safety. Passive multisig refers to multi-sig operations that users do not intend to perform.
We have compiled the following scenarios that may lead to multisig,
Set multisig by users, the managers need to sign to execute the operation. The third party gets your secret recovery phrase or private key to set your wallet as the multisig wallet. Get the secret recovery phrase or private key, which was set as the multisig wallet from the internet. Access the unknown-source malicious link, and signed to complete the authority upgrade.
After the creation of the wallet address, the default signature setting is single-sig, which can perform any on-chain operation, if the address is multi-sig, it must be executed by users or the third party who get your secret recovery phrase or private key.
TRON’s multiple signature mechanism is a security measure that limits specific operations to be performed only with the mutual confirmation of multiple signers by setting thresholds and weights. In the multi-sig mechanism, the threshold refers to how many managers need to confirm before performing a specific operation. For example, if the threshold is 2, at least two managers are required to confirm a specific operation. The threshold can be set in the multi-contract and adjusted according to specific requirements. The weight refers to the weight of each manager, which determines the proportion of each manager in the multi-manager operation. For example, if the threshold is set to 2 and the weight of the two signatories is set to 1, a specific operation can take effect only after the confirmation of the two signatories with the weight of 1. The setting of weights needs to be set in the contract and must meet the requirement that the sum of the weights of all signatories equals the total weight.
By setting thresholds and weights, the TRON multisig mechanism can improve the security of the contract and prevent the contract from being tampered with by unauthorized operations or used by attackers for malicious operations.
Tron Authority Upgrade is different from the Approve. After approval, only the approved Token is affected. However, the upgrade of authority will lead to the change of the authority of the address, thus losing the management authority of the address.
Tron Authority Upgrade often happens in some use of the TRC20 deposit process, such as optimizing the price to buy fuel cards, and gift cards, using some verification code platform deposit. When the user uses the link they provide to deposit, it will call the malicious authority upgrade code, when the user directly confirms and enter the password to sign, the authority of the TRON wallet will be upgraded.
Jump to the wallet through the deposit entrance of the malicious website and open it. The payment address is the contract address of USDT. Click [Pay now], and it will remind you not to copy the address to transfer, this is to prevent the user to bypass the malicious code to execute the transfer.
Click [Pay now], and you can see the transaction details. You can see the information about the ongoing operations and possible risks.
Click the second arrow position, you can view the role and risk of the Authority Upgrade(Upgrade account permissions). If you ignore the risk and execute the confirm operation, it will lead to Authority Upgrade, and the wallet address will be maliciously signed. Then, you will see the reminders when you transfer.
The original intention of multisig is to protect users’ assets, but after being used by scammers, it becomes a tool to steal assets, so please stay alert and read the reminders on TokenPocket carefully!
If you meet similar fraudulent links, please send them to our email: service@tokenpocket.pro and report them. After verification, we will localize the links to prevent more TokenPocket users from scams!
Tron multi-signature is generally divided into active multisig and passive multisig. Active multisig is a measure to set up multisig wallets by users and strengthen asset safety. Passive multisig refers to multi-sig operations that users do not intend to perform.
We have compiled the following scenarios that may lead to multisig,
Set multisig by users, the managers need to sign to execute the operation. The third party gets your secret recovery phrase or private key to set your wallet as the multisig wallet. Get the secret recovery phrase or private key, which was set as the multisig wallet from the internet. Access the unknown-source malicious link, and signed to complete the authority upgrade.
After the creation of the wallet address, the default signature setting is single-sig, which can perform any on-chain operation, if the address is multi-sig, it must be executed by users or the third party who get your secret recovery phrase or private key.
TRON’s multiple signature mechanism is a security measure that limits specific operations to be performed only with the mutual confirmation of multiple signers by setting thresholds and weights. In the multi-sig mechanism, the threshold refers to how many managers need to confirm before performing a specific operation. For example, if the threshold is 2, at least two managers are required to confirm a specific operation. The threshold can be set in the multi-contract and adjusted according to specific requirements. The weight refers to the weight of each manager, which determines the proportion of each manager in the multi-manager operation. For example, if the threshold is set to 2 and the weight of the two signatories is set to 1, a specific operation can take effect only after the confirmation of the two signatories with the weight of 1. The setting of weights needs to be set in the contract and must meet the requirement that the sum of the weights of all signatories equals the total weight.
By setting thresholds and weights, the TRON multisig mechanism can improve the security of the contract and prevent the contract from being tampered with by unauthorized operations or used by attackers for malicious operations.
Tron Authority Upgrade is different from the Approve. After approval, only the approved Token is affected. However, the upgrade of authority will lead to the change of the authority of the address, thus losing the management authority of the address.
Tron Authority Upgrade often happens in some use of the TRC20 deposit process, such as optimizing the price to buy fuel cards, and gift cards, using some verification code platform deposit. When the user uses the link they provide to deposit, it will call the malicious authority upgrade code, when the user directly confirms and enter the password to sign, the authority of the TRON wallet will be upgraded.
Jump to the wallet through the deposit entrance of the malicious website and open it. The payment address is the contract address of USDT. Click [Pay now], and it will remind you not to copy the address to transfer, this is to prevent the user to bypass the malicious code to execute the transfer.
Click [Pay now], and you can see the transaction details. You can see the information about the ongoing operations and possible risks.
Click the second arrow position, you can view the role and risk of the Authority Upgrade(Upgrade account permissions). If you ignore the risk and execute the confirm operation, it will lead to Authority Upgrade, and the wallet address will be maliciously signed. Then, you will see the reminders when you transfer.
The original intention of multisig is to protect users’ assets, but after being used by scammers, it becomes a tool to steal assets, so please stay alert and read the reminders on TokenPocket carefully!
If you meet similar fraudulent links, please send them to our email: service@tokenpocket.pro and report them. After verification, we will localize the links to prevent more TokenPocket users from scams!
<100 subscribers
<100 subscribers
No activity yet