coral-xyz / backpack

🎒 Next level crypto wallet
https://backpack.app
GNU General Public License v3.0

Check for scam transactions and warn the user #2555

Open AnishDe12020 opened 1 year ago

AnishDe12020 commented 1 year ago

Background: I approved a scam transaction by mistake on Glow wallet yesterday (I was on mobile, tired, didn't see the result of the transaction simulation and clicked approve), and my wallet got drained. Yes, it is my mistake, but I have thought of a way to prevent (or at least lower the chances of) someone approving a scam transaction.

So, Backpack already simulates the transactions, so what if we implement a check where Backpack checks if a transaction can potentially drain a wallet (maybe, according to the simulation, all the tokens will be sent or even 30% of the wallet's worth is going to be sent)? A big red warning message can then be shown to the user saying "triple-check the website and the transaction you are approving as the transaction may potentially drain your wallet". We can also add something like a dual confirmation for such transactions (alternatively, disable the approve tx button for 3 or 5 seconds so that the user actually gets a chance to see this message and look at the tx simulation).
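A sketch of the check proposed in the comment above, as an added example that is not part of the original issue and is not Backpack's code. It assumes the simulation yields per-asset balance deltas, and it applies the 30% threshold per asset rather than to total wallet worth, which would need price data; all type and function names are hypothetical.

```typescript
// Added example. All type and function names here are hypothetical; Backpack's
// real simulation result shape is not shown in the issue.
// Amounts are base units (lamports / raw token units) held as numbers for
// brevity; values above Number.MAX_SAFE_INTEGER would need bigint.
type Amounts = Record<string, number>; // asset id -> amount

interface DrainFinding {
  asset: string;
  outflow: number;
  percentOfHoldings: number;
  drainsAll: boolean;
}

interface DrainAssessment {
  dangerous: boolean;
  findings: DrainFinding[];
  approveDelayMs: number; // how long to keep the approve button disabled
}

function assessDrainRisk(
  holdings: Amounts,
  balanceChanges: Amounts, // simulated deltas, negative = leaves the wallet
  thresholdPercent = 30,
  delayMs = 5000
): DrainAssessment {
  const findings: DrainFinding[] = [];
  for (const asset of Object.keys(balanceChanges)) {
    const delta = balanceChanges[asset];
    if (delta >= 0) continue; // inflows cannot drain the wallet
    const outflow = -delta;
    const held = holdings[asset] ?? 0;
    // Fail closed: an outflow of an asset we hold no record of counts as a full drain.
    const drainsAll = held <= 0 || outflow >= held;
    // Integer comparison avoids float rounding at the threshold boundary.
    const overThreshold = outflow * 100 > held * thresholdPercent;
    if (drainsAll || overThreshold) {
      const percentOfHoldings = drainsAll ? 100 : Math.round((outflow * 100) / held);
      findings.push({ asset, outflow, percentOfHoldings, drainsAll });
    }
  }
  const dangerous = findings.length > 0;
  return { dangerous, findings, approveDelayMs: dangerous ? delayMs : 0 };
}

// Constructed sample data, not taken from a real wallet or transaction.
const SAMPLE_HOLDINGS: Amounts = { SOL: 1000000000, USDC: 50000000 };
const SAMPLE_SWEEP: Amounts = { SOL: -400000000, USDC: -50000000 };
console.log(assessDrainRisk(SAMPLE_HOLDINGS, SAMPLE_SWEEP));
```

The `findings` list gives the warning dialog something concrete to show per asset, and `approveDelayMs` maps to the proposed 3 to 5 second disabled approve button.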

AnishDe12020 commented 1 year ago

A very basic implementation (#2557), but I am basically checking if the native amount in balanceChanges is greater than 30% of the native amount available in the user's wallet and logging whether it is dangerous or not

image

(lol, I do have very little SOL in my wallet)

In the final version, I plan to approach it like this -