collectiblemarkethub
commented
2 weeks ago @409H can you help me?
Closed collectiblemarkethub closed 1 week ago
collectiblemarkethub
commented
2 weeks ago @409H can you help me?
collectiblemarkethub
commented
1 week ago @deshvin | @409H
I hope this message finds you well. I’m writing to follow up on the issue regarding my website, *.collectiblemarkethub.com, being flagged as illegitimate by your phishing detection system. I previously provided a detailed explanation of the situation and the steps I have taken to ensure that my site operates transparently and securely.
To recap:
Removed MetaMask Login: I have temporarily disabled the MetaMask login feature, leaving only the email and password login options available. Stopped Wallet Generation: I have ceased generating internal wallets for users to hold NFTs, with the option to transfer them to external wallets. Additionally, I requested clarification on whether it would be permissible to reinstate the MetaMask login for nonce verification and to continue generating internal wallets as part of my service.
I want to stress that this matter is extremely critical, as my platform is currently undergoing validation with payment processors. It is vital that this issue is resolved as soon as possible to avoid any potential disruptions that could negatively impact this process.
Could you please provide an update on the status of this review? If there are any additional steps I should take to resolve this matter, I would greatly appreciate your guidance.
Thank you for your prompt attention to this matter. I look forward to your response.
Best regards
AlexHerman1
commented
1 week ago does this site have any social media presence or other indicators of legitimacy?
collectiblemarkethub
commented
4 days ago We are launching right now, for now we have X and Discord.
You can see our Terms of Service
If you need any additional information you can request it.
collectiblemarkethub
commented
3 days ago Hi team, any news?
domain: *.collectiblemarkethub.com
I am writing to address the recent detection of my website as illegitimate by your phishing detection system. I want to clarify the situation and the steps I have taken to ensure my site operates transparently and securely.
Background: Login with MetaMask: Previously, my website offered a login with MetaMask feature. This feature was implemented solely to request a nonce, which would then be verified on the server to authenticate the user.
Wallet Generation: For users registering via Web3, I used to generate a wallet on the server and store the credentials securely. This wallet was intended to be a “wallet-of-my-website” where users could hold their NFTs. Users had the option to transfer these NFTs to an external wallet at any time.
NFT Services: My website offers a service where users can generate NFTs for a fee of $5, which can then be sent to any wallet of their choice.
Actions Taken: Removed MetaMask Login: To address the phishing alert, I have temporarily removed the MetaMask login option, leaving only the email and password login method available.
Stopped Wallet Generation: I have ceased generating wallets for users. Previously, this was done to provide users with a dedicated wallet within my platform for holding NFTs, which could then be transferred to an external wallet.
Clarifications and Questions: MetaMask Login: I would like to inquire whether it is permissible to reinstate the MetaMask login feature. The sole purpose of this feature is to obtain a nonce and verify it on the server for user authentication. This functionality is critical for users who prefer Web3 login.
Internal Wallet Generation: I would also like to ask if it is acceptable to continue generating wallets internally for users, as part of my service. These wallets would be part of my website, allowing users to hold NFTs temporarily, with the option to transfer them to their own external wallets.
Future Intentions: My immediate priority is to ensure compliance with all relevant guidelines, as I am undergoing validation with payment processors and want to avoid any irregularities. My business model revolves around generating NFTs for users and sending them to the wallet of their choice for a fee.
I have made the above changes to address the phishing detection, and I kindly request the removal of the false positive alert from my site. Please let me know if there are any additional steps I should take or if there are any specific guidelines I should follow to avoid such issues in the future.
Thank you for your time and assistance.