Listen, my friend, there's a story that happened around Ethereum — you know, the very blockchain system that runs on a bunch of smart contracts and NFTs. They recently rolled out an update called Pectra, and it included one cool, seemingly cool feature — EIP-7702. This improvement allows a regular wallet to temporarily behave like a smart contract. In theory, it should have made life much easier.: For example, you can combine several actions into one transaction, pay the commission in another way, or set spending limits — isn't that convenient?
There's just one problem: hackers have started actively using it.
According to the cryptotrading company Wintermute, more than 80% of all EIP-7702 delegation leads to copies of the same malicious contract. They called him "CrimeEnjoyer" — he simply and effectively cleans wallets with leaked keys, and all the contents go to the hacker's address. And there are plenty of such copies of the contract.
Another company, Scam Sniffer, found a case where a person lost almost $150,000 through a batch transaction related to the Inferno Drainer service — this is such a fraudulent "custom-made" tool. And SlowMist, which deals with blockchain security, urges wallet developers to be more careful and show the user where and why he is delegating authority.
Now, attention: the problem is not so much in the EIP-7702 itself. According to security expert Taylor Monaghan, the main risk is the leakage of private keys. That is, if someone gets your private key, that's it, your funds are at risk. And the new feature just makes attacks more effective.
So, it turns out that Ethereum seems to make technology more accessible, but at the same time it substitutes its own users. The functions are becoming more powerful, and people's protection remains weak.
Well, I have a question for you: do you think it's worth updating wallets and trying new chips at all, if there is such a lottery with security?
