ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "The OpenSea NFT Phishing Hack"
Episode Synopsis
In the last few days about $1.7 million in NFTs were stolen from OpenSea users, and there is quite a bit of confusion about how it was done.
In this episode I talk about a number of "design decisions" in the Ethereum space, and their security issues. These include: token approvals, off-chain signing, how NFT decentralized exchanges work, and there is a bit about phishing emails thrown in for good measure.
In summary, it doesn't look like OpenSea was to blame in this case, but just as we've been trying to hammer home the "don't share your seed phrase with anyone" security mantra, it appears that "take extra care when signing requests" needs to be emphasized too.
In this episode I talk about a number of "design decisions" in the Ethereum space, and their security issues. These include: token approvals, off-chain signing, how NFT decentralized exchanges work, and there is a bit about phishing emails thrown in for good measure.
In summary, it doesn't look like OpenSea was to blame in this case, but just as we've been trying to hammer home the "don't share your seed phrase with anyone" security mantra, it appears that "take extra care when signing requests" needs to be emphasized too.
More episodes of the podcast BlockchainGandalf
Computer security: more carrots, less sticks
11/08/2023
Xen and Sybil Attacks
19/10/2022
Revenue streams for P2E games
07/10/2022
The zeroth law of P2E games
07/10/2022
On the sustainability of P2E games
05/10/2022
Blockchains are not immutable
30/09/2022
Staking in Crypto
12/09/2022
Defining the Metaverse
12/09/2022
In God we trust