Basic Auditing of a Web3 Frontend
Verify the source before you click send on your precious funds
This post is too long for email, please open on the Substack site!
Another significant Web3 hack occurred this week with the ever popular Curve Finance getting their domain records tampered with and a false frontend put it up to steal user funds. This resulted in around half a million dollars being siphoned from users sending funds to an unexpected address that the hacker replaced their own wallet address with. Instead of adding liquidity to a pool your funds were now suddenly gone, whisked away through services such as Fixed Float to hide the attacker. While some of the money was recovered or frozen, it sill does not take the sting away from being cheated. In this article we will talk about methods to protect yourself from these attacks.