
Disable eth_sign by default #17491

Closed
holantonela opened this issue Jan 30, 2023 · 0 comments · Fixed by #17308
Assignees
Labels
area-signatures team-confirmations-secure-ux DEPRECATED: please use "team-confirmations" label instead type-security

holantonela commented Jan 30, 2023

Background

After looking at various phishing kits (and de-obfuscating), there are enormous trends between different kits that they all abuse eth_sign to ask users to inadvertently sign a transaction (as MetaMask UI is opaque to an on-chain transaction being signed). You can read more about the attack here.

@409H'd estimate that the abuse of eth_sign is near equal to the abuse of Wyvern and Seaport contracts in a manner to steal NFTs through creating orders for 0 eth to a specific beneficiary.

In short: eth_sign has been consistently abused by phishers/scammers to steal funds and the case may be that only power-users who use very legacy dapps may need to still use eth_sign.

  • Disable eth_sign by default - throw an ethErrors.rpc.methodNotFound exception
  • Allow the user to enable eth_sign through "Advanced Settings"

RPC Method preferences are stored within rpcMethodPreferences in the store state, allowing us to develop this further if someone wants to lock down rpc calls into MetaMask.
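As an added illustration of the proposal above (not MetaMask's own code), the following JSON-RPC middleware refuses `eth_sign` with a "method not found" error unless the user has opted in through a preference; the store shape `rpcMethodPreferences.eth_sign`, the `(req, res, next, end)` middleware signature and the hand-built error object are assumptions standing in for MetaMask's real internals and `ethErrors.rpc.methodNotFound`.

```javascript
// Added example, not MetaMask's code: gate eth_sign behind an opt-in
// preference, modelled on the issue's proposal. The store shape and the
// middleware signature are assumptions, not MetaMask's real API.

// JSON-RPC 2.0 "Method not found" code (what methodNotFound errors carry).
const METHOD_NOT_FOUND = -32601;

// Default preference state: eth_sign stays off until explicitly enabled.
function defaultPreferences() {
  return { rpcMethodPreferences: { eth_sign: false } };
}

// Error a dapp receives when it calls a method that is disabled.
function methodNotFoundError(method) {
  return {
    code: METHOD_NOT_FOUND,
    message: `The method "${method}" does not exist / is not available.`,
  };
}

// Middleware in the (req, res, next, end) style used by json-rpc-engine.
// Only eth_sign is gated; every other method is passed through untouched.
function createEthSignGate(getPreferences) {
  return function ethSignGate(req, res, next, end) {
    if (req.method !== 'eth_sign') {
      return next();
    }
    const prefs = getPreferences().rpcMethodPreferences || {};
    if (prefs.eth_sign === true) {
      return next(); // user opted in via "Advanced Settings"
    }
    res.error = methodNotFoundError(req.method);
    return end();
  };
}

// Run one request through the gate against a given store state and report
// whether it was passed on, together with the response object.
function handle(state, req) {
  const res = { id: req.id, jsonrpc: '2.0' };
  let passed = false;
  createEthSignGate(() => state)(req, res, () => { passed = true; }, () => {});
  return { passed, res };
}

// Constructed sample requests (placeholder addresses, not real accounts).
const signReq = { id: 1, jsonrpc: '2.0', method: 'eth_sign', params: ['0xabc', '0x1234'] };
const balanceReq = { id: 2, jsonrpc: '2.0', method: 'eth_getBalance', params: ['0xabc', 'latest'] };
```

With the default store, `handle(defaultPreferences(), signReq)` yields a -32601 error and never reaches the signing flow, while `eth_getBalance` and an opted-in `eth_sign` pass through.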
