Bitcoin Forum>Other>Beginners & Help
Pages:
Author

Topic: Can scammers steal money using smart contracts? - page 2. (Read 341 times)

mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
Re: Can scammers steal money using smart contracts?
December 18, 2021, 01:46:13 AM
#4
Quote from: pooya87 on December 18, 2021, 01:34:48 AM
It is worth mentioning that the protocol that is used to build the contract is important too. Some of them are very weak and have many security flaws that can potentially be exploited to steal money from unaware users. You have to be an expert to notice these things though.
DAO on Ethereum comes to mind when we talk about weak protocol and exploits.

This. @OP you better freakin what you're doing if you don't want to get burned. If you want to provide liquidity for the gainz, then you better know what you're using. If you think exchange hacks are bad, DeFi exploits are just as bad. (or probably even worse, because sometimes we don't know if the anonymous developers planted an exploit on purpose)

https://cryptosec.info/defi-hacks/
pooya87
legendary
Activity: 3472
Merit: 10611
Re: Can scammers steal money using smart contracts?
December 18, 2021, 01:34:48 AM
#3
Quote from: mk4 on December 18, 2021, 01:30:16 AM
As for testing the contract, you're highly more likely to be safe if you're executing the contracts through command line, and with you fully knowing what a certain contract actually does. But if you're executing through a front-end UI like a website, then there's not much you can do as far as I know.
It is worth mentioning that the protocol that is used to build the contract is important too. Some of them are very weak and have many security flaws that can potentially be exploited to steal money from unaware users. You have to be an expert to notice these things though.
DAO on Ethereum comes to mind when we talk about weak protocol and exploits.
mk4
legendary
Activity: 2870
Merit: 3873
Paldo.io 🤖
Re: Can scammers steal money using smart contracts?
December 18, 2021, 01:30:16 AM
#2
Quote from: btcrevolution on December 18, 2021, 12:27:14 AM
For example, I accidentally open some scam site similar to Pancake and stake USDT/USDC there using a smart contract. Can scammers steal USDT, USDC and other tokens from my wallet? Can they use a contract which grants access to all my funds?
Yes, they can. If you execute a contract without knowing that it was a scam site, then they can steal your funds.

Quote from: btcrevolution on December 18, 2021, 12:27:14 AM
If they can, how can I prevent stealing? Are there exist effective methods to test smart contracts?
Always make sure you're in the correct website. And if you're extra paranoid, always check the project's social media accounts so you're updated if there's a recent exploit or whatever.

Quote from: btcrevolution on December 18, 2021, 12:27:14 AM
For example, I accidentally open some scam site similar to Pancake and stake USDT/USDC there using a smart contract. Can scammers steal USDT, USDC and other tokens from my wallet? Can they use a contract which grants access to all my funds? If they can, how can I prevent stealing? Are there exist effective methods to test smart contracts?
They can, and not even just a specific trading pair.

As for testing the contract, you're highly more likely to be safe if you're executing the contracts through command line, and with you fully knowing what a certain contract actually does. But if you're executing through a front-end UI like a website, then there's not much you can do as far as I know.

Quote from: btcrevolution on December 18, 2021, 12:27:14 AM
On the other hand, what if scammers find exploit in some trusted smart contract which certified by Certik or organization like that? In that case can they steal only staked pairs or all money? How can I protect my wallet from scammers?
A project being audited by Certik or any other auditing company doesn't make a project hack-proof.
btcrevolution
newbie
Activity: 4
Merit: 2
Re: Can scammers steal money using smart contracts?
December 18, 2021, 12:27:14 AM
#1
For example, I accidentally open some scam site similar to Pancake and stake USDT/USDC there using a smart contract. Can scammers steal USDT, USDC and other tokens from my wallet? Can they use a contract which grants access to all my funds? If they can, how can I prevent stealing? Are there exist effective methods to test smart contracts?

On the other hand, what if scammers find exploit in some trusted smart contract which certified by Certik or organization like that? In that case can they steal only staked pairs or all money? How can I protect my wallet from scammers?

I use MetaMask as a hot wallet. This app is very popular and many scammers steal money from MetaMask. Sometimes they steal it without seed phrase, trojans, viruses etc. But users say that they sign some contracts and lose their funds.

Many thanks to all your answers, my crypto friends Smiley!
Pages:
Bitcoin Forum>Other>Beginners & Help
Jump to: