With the evolution of the web and finally tapping into the blockchain-powered web3 space, login methods have been evolving as well.
The wallet login is becoming more and more popular allowing users to interact with a whole lot of web 3.0 in one click.
If you are wondering whether your funds can somehow be stolen just by connecting your wallet?
The answer is: “It’s impossible”
First of all, when you connect your wallet you are only allowing the website to view your public wallet addresses and request actions from the wallet — actions that you, need to accept manually.
Connecting your wallet is a read-only access for the platform, they cannot interact with your funds in any way unless you give them permission to do so.
It is impossible for a website to access your funds unless you give approval.
Though, when you purposely send crypto assets to a smart contract there are risks.
The risks come from interacting with the contract( granting permissions and making transactions)
After granting access the smart contract will withdraw the necessary funds from your wallet and execute the transaction.
But if you grant the app permission to withdraw tokens and automate transactions for you, you are basically giving the smart contract permission to transfer tokens on your behalf.
Only grant authorizations to sites that are legitimate and trustworthy.
Also, some services have infinite approval options as default. So before you grant permission click edit permission and set a custom to spend limit.
Always edit permission to set a spending limit before approving a transaction
Token approvals are a common attack method for both hackers and scammers:
That is how the OpenSea users lost $1.7B worth of tokens in a phishing attack, where users signed orders without validating them.
That is why it’s a good idea to develop a habit of regularly checking your token approvals and revoking the unnecessary ones.
Head to the ‘approval checker’ section of the block explorer for the network you’re using. For example, Etherscan, BscScan, and Polygonscan.
And beware of fake extensions, applications, websites, e-mails, and forms that can be exact copies of the real platforms you are using.
- Secure (encrypted) connection
- Sign off on your activity
- Privacy & Anonymity
- One-click login
Platforms supporting wallet login:
Etherscan.io
opensea.io
time.com
sandbox.game
And many more
Along with the evolution of the digital space, more and more crypto and mainstream platforms will be shifting towards wallet logins. And as new methods get refined to become more user-friendly and smooth your wallet will probably automatically connect to a site whenever needed.
On Zoopr we are using web 3.0 login solely by establishing an encrypted connection with your wallet, without initiating any transactions or permission requests.
By connecting the wallet, Zoopr:
- Creates your Zoopr account
- Displays your transactional history
- Shows your portfolio
- Enables you to review your transactions
Security is our main priority on Zoopr. To keep the user’s identity, data and funds safe we are putting our best efforts into raising digital security awareness in our community.