Emotion-Driven Investing
Diversification: Do not invest all funds in a single token or project. Diversifying investments can reduce overall risk and ensure that even if some investments fail, significant losses will not be incurred.
OKX Web3 Wallet Security Team: Rug pull incidents in on-chain projects are not uncommon, and users should be vigilant. For example:
1. Research project background: Before purchasing any tokens, thoroughly research the project. Understand the project’s vision, team members, whitepaper, roadmap, and other relevant information. Look for community discussions about the project to understand others’ perspectives.
2. Pay attention to warning signs: Some warning signs may indicate that a token is a scam or unreliable. For example, anonymous teams, exaggerated promises, lack of transparency, etc. If you notice any warning signs, it is best to remain cautious and avoid purchasing such tokens.
3. Use token scanning tools: Utilize token scanning features provided by OKX Web3 Wallet and other platforms. These tools analyze tokens from contract code, on-chain behavior, community feedback, and other aspects to detect potential scams.
4. Review contracts: On Ethereum or other smart contract platforms, you can review token contract code. Reviewing contracts can help determine the credibility of a token. Be cautious if the contract code contains suspicious logic or is not open-source.
5. Stay vigilant: Do not easily trust recommendations from strangers or promotional materials shared in communities. If a project makes overly optimistic promises, be skeptical and remain rational.
How users can prevent on-chain MEV attacks and avoid fund losses
GoPlus Security Team: To prevent fund losses from MEV (Miner Extractable Value) attacks, users can take the following detailed measures:
1. Use dedicated tools
• Anti-MEV feature: Users can enable the anti-MEV feature in their wallets and use specially designed transaction tools or plugins. These tools can identify and avoid potential MEV attacks, protecting users’ transactions from being exploited by miners and other attackers.
• Transaction protection services: Some platforms offer transaction protection services that can send users’ transactions in batches or obfuscate them to reduce the risk of MEV attacks. These services help users execute large transactions more securely.
2. Diversify transaction times:
• Avoid peak periods: Avoid conducting large transactions during peak trading hours when MEV attacks are more active. Peak periods are usually when the market is more volatile or significant news is released. Choosing low-volume trading times can effectively reduce the probability of being attacked.
• Scheduled transactions: Use the scheduled transaction feature to spread large transactions across multiple times to reduce the risk of exposure to MEV attacks.
3. Use privacy technologies:
• Privacy nodes: Users can send transactions to privacy nodes (such as Flashbots) to ensure that transactions are executed normally. Flashbots can send transactions directly to miners, bypassing public transaction pools to prevent MEV attacks. However, this method may result in slightly slower transaction confirmation speeds as transactions need to wait for block confirmation to verify their status.
• Transaction obfuscation: Use transaction obfuscation techniques to split transactions into multiple small transactions and send them mixed to increase transaction privacy and reduce the risk of attacks.
4. Diversify strategies:
• Diversify transactions: Do not concentrate all transactions at the same time or on the same platform. Diversifying risks reduces the likelihood of being targeted. By diversifying transactions, attackers find it challenging to predict and intercept all transactions, thereby reducing overall risk.
• Use multiple trading platforms: Utilize multiple trading platforms and tools to avoid conducting all transactions on a single platform, reducing the risk of centralized attacks.
5. Choose liquidity-rich trading pools:
• High liquidity pools: Try to select trading token pools with high liquidity and abundant LP (liquidity provider). This helps avoid slippage losses and MEV attacks caused by insufficient liquidity. High liquidity pools can absorb larger trading volumes, reducing the risk of manipulated trades.
• Review transaction depth: Before conducting transactions, check the depth of the trading pool and the liquidity situation of the trading pair to ensure smooth transactions and avoid significant price fluctuations.
6. Set reasonable slippage tolerance:
• Slippage protection: Set a reasonable slippage tolerance on the trading platform to prevent price deviations in transactions. Setting a too high slippage tolerance increases the risk of MEV attacks, while setting it too low may result in transaction failures. Adjust the slippage tolerance according to market conditions to achieve the best protection effect.
7. Continuously monitor and adjust strategies:
• Transaction monitoring: Continuously monitor your transaction activities to detect and address potential MEV attacks promptly. Use analytical tools and monitoring services to track transaction execution and market responses.
• Adjust strategies: Based on transaction monitoring results and market changes, promptly adjust transaction strategies and protection measures to ensure transactions remain secure.
OKX Web3 Wallet Security Team: We have distilled several key points, including:
1. Pay attention to transaction depth and set slippage: Monitor transaction depth, split large transactions into smaller ones, execute multiple times, and set slippage protection to reduce the risk of attacks.
2. Use privacy-protected nodes: Choose RBC nodes with privacy protection features to prevent transactions from being public, such as Flashbots’ privacy RPC nodes.
3. Choose trusted wallets and applications: Use reputable wallets and applications that provide MEV protection (such as the native DAPP of OKX Wallet) to avoid using unknown or unverified services.
In the event of a user’s wallet assets being stolen, how to remedy the situation?
GoPlus Security Team: Many users, upon discovering that their wallet assets have suddenly disappeared, often lack the experience or knowledge to handle the situation properly, leading to the potential loss of assets that could have been recovered. To help users take swift and correct action after their assets are stolen, here are key remedial measures:
Step One: Transfer remaining tokens in the wallet
• Create a new wallet: Immediately create a new wallet address, ensuring that the new wallet address and private key are secure and not leaked.
• Transfer assets: Quickly transfer the remaining tokens in the wallet to the newly created wallet to prevent further asset theft.
• Revoke authorization: Use authorization management tools to revoke all unnecessary smart contract authorizations in the old wallet, further protecting remaining assets.
• Use recovery tools: When necessary, use recovery tools and services to quickly recover losses. These services can help prioritize asset transfers to avoid hackers’ monitoring programs and the automatic transfer of assets requiring Gas.
Step Two: Identify the root cause of the theft
1. Check devices and accounts
• Device security check: Inspect the device used to access the wallet to ensure there is no malicious software, viruses, or spyware. Conduct a comprehensive scan using trusted antivirus software.
• Account security check: Check associated accounts, such as trading platforms, emails, etc., to ensure they have not been compromised by hackers.
2. Determine the theft reason
• Stolen private key: If the private key is stolen, hackers can gain full control of the wallet and transfer all assets. If an EVM wallet’s private key is leaked, hackers can transfer assets on multiple EVM-compatible chains. Check for signs of private key or mnemonic leakage, such as entering them on phishing websites.
• Deceived authorization: Check whether malicious smart contracts were authorized unknowingly. Use Etherscan or other blockchain explorers to view authorization history and identify abnormal authorizations.
• Malicious signatures: Confirm whether malicious transactions or information were signed. Particularly verify operations signed through DApps or other services for unidentified or suspicious signatures.
3. Review transaction records:
• Analyze transaction history: Use blockchain explorers (such as Etherscan, BscScan) to view the wallet’s transaction records and identify suspicious transactions and unclear fund movements.
• Collect evidence: Record detailed information about suspicious transactions, including transaction IDs, timestamps, counterparty addresses, etc., to provide evidence for subsequent reporting and investigation.
Step Three: Report and file a complaint
1. Report to the authorities
• Contact local law enforcement: Immediately contact local law enforcement agencies to report the wallet asset theft incident. Provide detailed transaction records and evidence to help authorities understand the case.
• Initiate an investigation: Fill out necessary forms and documents as requested by law enforcement to ensure the case is officially filed. Provide as many clues and evidence as possible to assist authorities in their investigation.
2. Maintain communication
• Regularly follow up: Stay in touch with law enforcement regularly to track the progress of the case and provide any new leads or information.
• Assist in the investigation: Actively cooperate with law enforcement’s investigative work, providing any necessary information and support.
Step Four: Seek assistance from professional security organizations and request relevant exchanges to freeze the stolen funds
1. Contact professional security organizations
• Professional assistance: Contact blockchain security companies or professional security organizations to request their help. Professional organizations can provide technical support to track and analyze the flow of stolen funds.
• Fund tracing: Utilize professional blockchain analysis tools to trace the flow of stolen funds, identify the exchanges where the funds were transferred, and the final receiving addresses.
2. Request exchanges to freeze funds
• Contact exchanges: Reach out to exchanges related to the flow of stolen funds, provide detailed transaction records and evidence, and request their cooperation in freezing the stolen funds.
• Provide evidence: Submit evidence such as the police report, transaction records, and analysis reports to exchanges to prove that the funds are stolen assets, and request their cooperation in freezing the funds.
• Follow-up: Maintain communication with exchanges, regularly follow up on the progress of freezing funds, ensuring the swift recovery of stolen assets.
OKX Web3 Wallet Security Team: When a blockchain user’s wallet assets are stolen, remedial measures may be limited due to the decentralized and immutable nature of the blockchain, making it challenging to reverse transactions once confirmed. Here are some possible remedial measures:
Immediate action
1. Analyze the theft reasons
• If authorized to a hacker’s address, immediately revoke authorization on the authorization platform.
• If a private key is leaked, conduct a comprehensive security check, identify the cause of the private key leak, reinstall the system, and change the wallet.
2. Asset recovery
• If there are remaining assets in the wallet or assets in DeFi projects, attempt asset recovery to minimize losses.
3. Trace fund movements
• Monitor fund movements with white hat hackers or security community members. If funds are traced to an exchange, request the freezing of the account.
Report to relevant authorities
1. Report the issue to wallet customer service
2. File a police report, reporting the theft incident to the authorities with all related information. This information can help users freeze exchange accounts if funds are traced to them.
Seek help from the blockchain community
1. Post announcements on blockchain social media platforms like Twitter to seek assistance in tracking and stopping the flow of stolen funds.
2. Offer rewards to incentivize white hat hackers or community members to help recover assets.
Prevention
1. Educate yourself through training and learning more about how to protect yourself from future attacks.
2. Use cold wallets to store the majority of assets offline.
3. Securely backup keys.
In conclusion, while the characteristics of blockchain technology make recovering stolen assets challenging, taking swift action and implementing various remedial measures can help minimize losses and mitigate future risks.
Finally, thank you for reading the 6th issue of the OKX Web3 Wallet “Security Special” column. We will summarize the content of the “Security Special” series in the final issue, featuring real cases, risk identification, and practical security operations. Stay tuned!
Disclaimer:
This article is for reference only and does not intend to provide (i) investment advice or recommendations; (ii) offers or solicitations to buy, sell, or hold digital assets; or (iii) financial, accounting, legal, or tax advice. Holding digital assets (including stablecoins and NFTs) involves high risks and may experience significant volatility, potentially resulting in worthlessness. You should carefully consider whether trading or holding digital assets is suitable for you based on your financial situation. Please take responsibility for understanding and complying with applicable local laws and regulations.
