It's a common misconception that just simulating transactions will keep you safe from losing your crypto!

Simulation only works for transactions, not for signatures. Most attacks these days are happening through Seaport signatures and it will only get worse with Uniswap permit2.

co-founder stelo.com. theoretical cs phd dropout. into math, music, ml, macro, markets, surfing, writing amandhesi.net

Signatures should have explicit domain field as in siwe 

Then wallets can show warning if there’s mismatch

Cofounder thred.ai | prev. skywatcher (acq.) artathecanadian.twitter

I think wallets should definitely be keeping tabs on signatures and displaying active ones to users to mitigate this

Bias Research Ltd. • Okaos Magick Druglord (OMD) •
De-di-designer, autodidact. 🗿 • /antimeme

I don't think you can blame seaport solely. Gasless signatures is where the whole space seems to be moving with erc20 permit and uniswap permit2

If it’s seaport that’s a main cause, then the solution is to abandon ship on OpenSea once in for all.

Risk @Stripe prev: wallets @bitski, search @airbnb | https://www.castsense.xyz/ 

💯is bitski working on this? we're happy to help

tablestakes for wallets to explain whatever you’re doing (transactions/ signature) and flag suspicious patterns

1. use a cold-storage vault for all valuable assets
2. revoke open approvals using revoke.cash
3. use stelo or one of the other browser extensions (personally i'd only consider ones that are open source)

advice for how to stay safe? (besides using stelo)