以最謙卑的眼看世界

I noticed a lot wallet drain scam happened. They usually use mint token or nft, and then transfer all your token or nft. So I read source code form some scam's mint website. It would scan your wallet first, and you think clicked mint for token but it call transfer or approve function,some even don't have smart contract.

web3.eth.sendTransaction({
from: walletAddress,
to: address,
value: web3.utils.toWei(amount, "ether"),
})

And website javascript encryption let you difficult to read it.

if you sign for mint, you would see the sing detail only mint fee and gas fee.

But if wallet drain scam mint, it would show transfer or approve detail message when sign.

So if you like enjoy web 3.0 world, you need check message detail when sign it.