As a community, we’ve grown accustomed to hearing about yet another one of our friends getting hacked and losing their NFTs. We’ve seen community Discords being compromised, and we’ve seen malicious links getting passed around. As it so happens, most of these hacks occur at the smart contract level, and it comes from users (wait for it) not doing their due diligence! Let’s take a look at a new Metamask feature in development that hopes to protect users from signing over their NFTs.
The Current State of Affairs
First, let’s get the nitty gritty out of the way: Do products like Metamask and OpenSea have a responsibility to protect users’ assets? No. Security starts with you. Decentralization and the freedom that is afforded to all users can be a double-edge sword. We have to be the ones to take personal responsibility, remain vigilant, and protect ourselves against potential scams. We recently put together a piece on how to secure your NFTs, so you should go ahead and check it out.
That being said, do products like Metamask and OpenSea benefit from refining their systems so that they are as secure as possible and can alert users to potentially malicious actions? Yes! As more people come into our space, the products that ultimately win are those which are accessible. Mass adoption requires a frictionless experience, and we know based on the amount of people being scammed that there’s a huge gap in education and best practices when it comes to securing your assets.
A common way that scammers have been stealing NFTs has been by abusing the
setApprovalForAll function. One of the issues here is that users don’t really know what it is they’re signing or what permissions they’re granting. Last month KennedyBaird , a user within the Metamask community, brought up the same point and said that if we want users to come into our space, we need to do better.
He highlighted the current problem below:
As you can see in the UI above, Sending/Transferring ETH is much clearer than a
setApprovalForAll transaction which, theoretically, could be transferring just as much value depending on the NFTs a user is holding.
Working On Solutions
The proposal suggested by KennedyBaird involves creating clearer messages prior to the confirmation of a
As you can see, there are additional confirmation prompts with highlighted warnings. KennyBaird stated that a more prudent approach would be having the Confirm button act differently. So in practice:
- If transaction =
setApprovalForAll, the Confirm button is visually different from the normal blue Confirm button we usually see
- On first click, the user will see a pop-up message that the user is about to sign a
- The button is toggled to the normal blue Confirm button, and the second click will send the transaction as per normal
All of the above being taken into account, the proposal for the change received a lot of attention. It’s likely that the Metamask team saw it and got to work on a solution.
Now when a user is about to confirm a
setApprovalForAll transaction, it would look something like this:
You can read more about how the new feature will be handled here
We’re Getting Somewhere!
So is it a perfect change? No.
Will users likely still skip past all of this and still click the button anyways? Probably.
But it’s small changes like these that help protect users in the long-run. Just remember, if you take the time to learn how to secure your NFTs and protect yourself online, you can avoid the vast majority of scams that are out there.