MetaMask Adding New Design to Help Prevent NFT Hacks and Scams
MetaMask is adding a new design feature that will make it more clear when a smart contract is asking for permission to access all of a wallet's NFTs, according to a recent github post.
The cryptocurrency and NFT software wallet company hopes this will lessen the total number of hacks and scams that result from user confusion.
The solution is not ideal, but it is being rushed out due to increased demand for security and safety following Bored Ape Yacht Club, PREMINT, and other NFT hacks and scams.
"I've further parameterized the confirm-approve component to provide specific verbiage for this method (both granting and revoking approval)," adonesky1 wrote on github. "This is not the way I would do it with more time, but the timeline has been compressed and there is some urgency to get something out there since this method is so commonly used."
The new design makes it more apparent that the contract is attempting to access all NFTs in a user's collection, rather than just one. Previously, the verbiage was small and easy to skip over. Now, that verbiage has been translated into common language and made bigger to become more noticable.