Wallet drainer killer
Dave
hey Brondo, thanks for sharing this idea! The truth is it's a bit more complicated than this. If you approve a mint site to transact with your wallet, then the damage is already done. The same goes with using a ledger device or any other wallet. Adding a 2nd factor of authentication "might" help more for local thefts, say if a device is compromised/lost/stolen.
We are def. working on adding more security features, and look forward to sharing them with you as they become available.
B
Brondo
Dave: Yeah. I hear you saying its “complicated”, but not impossible. It’s certainly possible. Its just how much do you want to put into it. It should not be possible to drain a entire wallet because you approve 1 transaction. This should be at the top of your list of things to fix. People have lost thousands of $$. Thanks anyway..
Dave
Brondo: So you're right it is possible to add 2fa like solutions into the wallet but the reality is it would not help with mint sites draining your wallet. Think of the wallet like the wallet in your pocket. If you buy something, hand the person $100 and then get home and realize you meant to give them $1, this is essentially the same thing. Phantom shows you what you will get in return for X amount of funds but if you consent to it, there is little more the wallet can do. Custody of your own assets requires additional responsibility to the user to not interact with bad actors.
All that said we have and continue to implement more features to protect users and provide them more information so they can make informed decisions before they consent to an interaction with a smart contract.
B
Brondo
Dave: Never mind, Dave. I will continue to use my ledger. Your completely wrong and your laziness is pissing me off.
Dave
Brondo: I understand your frustration but I just want you to understand, your ledger only helps protect you from device level attacks (malware, viruses, etc.). You wrote earlier: This would prevent fake mint sites from draining everything .
The truth is if you sign a transaction on a fake mint site with your ledger, you will lose everything on your ledger.
The good news is, we have transaction simulation which warns you what the transaction will do before you approve it. The point is, you have ultimate control over your funds, these protections won't help if you are willingly trying to interact and approve a nefarious transaction. 2FA doesn't help if you approve the transaction with the 2FA code. Hope this makes sense, and thanks again for being a Phantom user!
4Alpha2Hunt0
Seriously phatom LFG u got this !!!
Ento Saurus (Jan)
Very needed!