Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Address poisoning attack: Label unverified token transactions in TX detail #8434

Closed
mnuky opened this issue May 11, 2023 · 3 comments · Fixed by #11318
Closed

Address poisoning attack: Label unverified token transactions in TX detail #8434

mnuky opened this issue May 11, 2023 · 3 comments · Fixed by #11318
Assignees
@PeKne
Labels
mobile Suite Lite issues and PRs release-native Has to be included in the upcoming release.

Comments

@mnuky
Copy link

mnuky commented May 11, 2023

Related to preventions done by Desktop Suite: #8119

BACKGROUND
Related to #7278

Scammers employ a similar logic to that of zero-value transactions by utilizing unverified tokens that hold no fiat value but still carry a positive number of units in the transaction.

Example of the token: https://etherscan.io/token/0x8744dab2fa43055130a85c70d6b0676a82ae4704
Transaction example: https://etherscan.io/tx/0xfd7788d4ac55a9b1024d39a5d124f9e2012fc2dca197daa10c12e178d50b26ec

PROPOSED CHANGES
Check the token contract address against Ethereum definitions
If the contract address is not in Ethereum definitions label tx in the tx history
Design remains as it is
@mnuky mnuky converted this from a draft issue May 11, 2023
@mnuky mnuky added the mobile Suite Lite issues and PRs label May 11, 2023
@mnuky mnuky removed this from Issues Suite May 11, 2023
@mnuky mnuky moved this to 🎯 To do in Suite Mobile Jul 10, 2023
@mnuky mnuky removed the status in Suite Mobile Dec 21, 2023
@mnuky mnuky self-assigned this Jan 12, 2024
@sime
Copy link
Contributor

sime commented Feb 20, 2024

@matejkriz Do we have the logic on mobile for this detection?

@vytick
Copy link
Contributor

vytick commented Feb 20, 2024

@sime We utilise isZeroValuePhishing from suite-common for txn labeling. Afaik nothing else

@sime sime moved this to 🎯 To do in Suite Mobile Feb 20, 2024
@matejkriz
Copy link
Member

This is about integrating tokens definitions redux from this #10034 to suite-native and replacing isZeroValuPhishing by more general isPhishingTransaction.

@matejkriz matejkriz assigned PeKne and unassigned mnuky Feb 21, 2024
@matejkriz matejkriz added the release-native Has to be included in the upcoming release. label Feb 21, 2024
@PeKne PeKne moved this from 🎯 To do to 🏃‍♀️ In progress in Suite Mobile Feb 21, 2024
PeKne added a commit that referenced this issue Feb 22, 2024
@PeKne
feat(suite-native): token definitions state
b57687f 
Closes #8434
@matejkriz matejkriz mentioned this issue Feb 22, 2024
Closed
PeKne added a commit that referenced this issue Feb 23, 2024
@PeKne
feat(suite-native): token definitions redux logic
01a5caa 
Closes #8434
@PeKne PeKne mentioned this issue Feb 23, 2024
Merged
@PeKne PeKne moved this from 🏃‍♀️ In progress to 🔎 Needs review in Suite Mobile Feb 23, 2024
PeKne added a commit that referenced this issue Feb 26, 2024
@PeKne
feat(suite-native): token definitions redux logic
ed01969 
Closes #8434
trezor-ci pushed a commit that referenced this issue Feb 27, 2024
@PeKne
feat(suite-native): token definitions redux logic
7b523ea 
Closes #8434
@github-project-automation github-project-automation bot moved this from 🔎 Needs review to 🤝 Needs QA in Suite Mobile Feb 27, 2024
PeKne added a commit that referenced this issue Feb 27, 2024
@PeKne
feat(suite-native): token definitions redux logic (#11318)
7e77f60 
Closes #8434
@bosomt bosomt moved this from 🤝 Needs QA to ✅ Approved in Suite Mobile Mar 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@PeKne PeKne

Labels
mobile Suite Lite issues and PRs release-native Has to be included in the upcoming release.
Projects
Suite Mobile
Status: ✅ Approved
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(suite-native): token definitions redux logic trezor/trezor-suite
5 participants
@sime @vytick @matejkriz @PeKne @mnuky