Closed doschott closed 2 years ago
We're in the same boat. You can check why your site is blocked here and both trinity.moe (my domain) and trinity.art (yours) are blocked for "similarity to dfinity.org, a historical phishing target". I think it's that all three sites match the regex ..inity\.*
or something.
Checking this out (as you can probably see from all my comments on related issues). Looks like dfinity.org was added to a list of domains for which to fuzzy-match to detect phishing in commit 045b1c5f569d6f5b35cb898d221e7f4618980830 from 2018.
This fuzzy matching works by stripping 'www.' from the domain being visited, removing the top-level domain, and calculating the Levenshtein distance between it and any of the domains on the "fuzzylist". The default tolerance is a Levenshtein distance of 3, so when sites are under the threshold PhishingDetector.check
will return { type: 'fuzzy', result: true, match }
.
The issue with dfinity.org
being added to the fuzzylist is that a number of words have a Levenshtein distance equal to or less than 3 from dfinity
. Just check a Scrabble word finder for any words that end in inity
and then look at the words at or under 8 characters. Not to mention words that don't yet exist that use the suffix -inity
.
Some issues that currently deal with this specific problem, besides the ones in which I commented a link to this issue, are:
But I'm sure there are many more.
commenting here in case it will speed up your process: we are processing PRs faster than we are processing Issues. If you'd like to streamline getting your domains on the allowlist
, a PR will go a long ways :)
cc @devenblake
I'll submit a PR sometime soon, when I have time. However further action should be taken as there are so many false positives for dfinity.
Continued in #6720.
When I visit my new website https://www.Trinity.art , the browser page "Ethereum Phishing Detection" comes up.
This is a new website that has no known issues and is simply a Global Christian Art Marketplace. Why is this site included in a phishing list? How can this be corrected? I accept crypto so I don't want all of the browsers with metamask to get this message when visiting www.trinity.art
Thank You, Daniel Schott