DApp wallet security flaw grants smart contracts complete fund access


Crypto wallet firm ZenGo has developed a testnet to demonstrate a common DApp wallet security flaw. According to an article the firm published on March 23, the flaw grants full access to the tokens held in the user's wallet.


According to ZenGo, almost all DApps exhibit the weakness, which leads users to unknowingly grant DApp smart contracts full control over their assets. To demonstrate it, the firm has created a public testnet with a “rogue” token-exchange decentralized app called baDAPProve:


“As a result, if the DApp is vulnerable to a security issue or is rogue to begin with, attackers can abuse these highly excessive privileges to steal ALL of the DApp’s users holdings (in the approved tokens) without any further user consent. They can do so at any point in the future, even if the user no longer uses the DApp.”

DApp wallet security flaw demonstrated

When a DApp wallet user approves a specific amount of FTR tokens on the system, baDAPProve drains all the FTR tokens in the user’s wallet. The demo highlights the threats posed by this wallet weakness.


ZenGo is currently developing a solution to this security threat. The DApp wallet security flaw was discovered some years ago, but ZenGo believes that developers are not raising enough awareness of the dangers it poses.


The crypto wallet provider named Opera, imToken and Trust Wallet among the wallet providers that hesitate to caution users about the security flaw. Trust Wallet said it would revamp its network following a consultation by ZenGo.

Coinbase among firms that caution users

Furthermore, ZenGo found that the Brave and MetaMask wallets both offer users advanced settings that limit the amount accessible to DApps. Coinbase, on the other hand, warns users in advance about the danger posed by the security flaw.
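
A wallet-side check of the kind described above, as an added example (not code from ZenGo or any of the wallets named). It assumes the tokens are ERC-20 and that the DApp requests access through the standard `approve(address,uint256)` call, and it flags a requested allowance larger than the amount the user means to spend. The spender address and amounts are constructed.

```javascript
// Added example: review an ERC-20 approval request before the user signs it.
// Assumption: the DApp uses the standard approve(address spender, uint256 amount).
const APPROVE_SELECTOR = "095ea7b3"; // first 4 bytes of keccak256("approve(address,uint256)")
const MAX_UINT256 = (1n << 256n) - 1n; // the "unlimited" allowance value

// Decode approve() calldata into spender and amount; return null for anything else.
function decodeApprove(calldata) {
  const hex = calldata.toLowerCase().replace(/^0x/, "");
  if (!/^[0-9a-f]*$/.test(hex)) return null;
  // selector (4 bytes) + two 32-byte ABI words = 68 bytes = 136 hex characters
  if (hex.length !== 136 || !hex.startsWith(APPROVE_SELECTOR)) return null;
  const spenderWord = hex.slice(8, 72);
  const amountWord = hex.slice(72, 136);
  // An address occupies the low 20 bytes; the upper 12 bytes must be zero.
  if (!/^0{24}/.test(spenderWord)) return null;
  return { spender: "0x" + spenderWord.slice(24), amount: BigInt("0x" + amountWord) };
}

// Compare what the DApp requests with what the user intends to spend (base units).
function reviewApproval(calldata, intendedAmount) {
  const req = decodeApprove(calldata);
  if (req === null) return { verdict: "not-an-approval" };
  if (req.amount === 0n) return { verdict: "revoke", ...req };
  if (req.amount === MAX_UINT256) return { verdict: "unlimited", ...req };
  if (req.amount > intendedAmount) return { verdict: "excessive", ...req };
  return { verdict: "ok", ...req };
}

// Constructed sample input: placeholder spender, 100 tokens at 18 decimals.
const word = (n) => n.toString(16).padStart(64, "0");
const SPENDER_WORD = "bad0".padStart(64, "0"); // hypothetical DApp contract address
const INTENDED = 100n * 10n ** 18n;
const unlimitedCall = "0x" + APPROVE_SELECTOR + SPENDER_WORD + word(MAX_UINT256);
const exactCall = "0x" + APPROVE_SELECTOR + SPENDER_WORD + word(INTENDED);

console.log(reviewApproval(unlimitedCall, INTENDED).verdict);
console.log(reviewApproval(exactCall, INTENDED).verdict);
```

A wallet can show the "unlimited" and "excessive" verdicts as a warning next to the spender address, and let the user replace the amount before signing.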


Arnold Kirimi


Arnold is a crypto and blockchain enthusiast. A communications expert with interest in hard-hitting journalism, he is always on the hunt for the latest events in the cryptocurrency world. He is inspired by what Bill Gates said, “Bitcoin is a technological tour de force.”
