Skip to content

The demonstration of a fake EIP2612 signature for stealing ERC20 tokens with Permit2

Notifications You must be signed in to change notification settings

sonkeydotcom/Permit-Phishing

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Permit-Phishing

This is the implementation of the fake signature scam that is potentially could be used by hackers to steal ERC20 tokens. Exclusivelly for my article: link (click)

This is only for educational purposes!!

Permit1

The first scam is the fake EIP2612 signature that is working with ERC20 tokens that have Permit functionality implemented in their smart-contract. Here's the full list of ERC20 tokens that could be stolen with that code: full list (click)

Permit2

This scam is created for the new Uniswap's smart-contract: Permit2 With the code you can find in permit2 folder, you can steal any ERC20 token that is approved to the Permit2 smart-contract

The implementation is really basic because it's a quick demo that I made for my article. However I think that scammers will create a much better solution in the near future.

Have any questions?

If you don't understand something about the implementation or how to run it on your own machine, go see the article or reach me out in telegram: @romanrakhlin

Hope you like this repo and my article. I would really appreciate if you leave a start on this repo!

About

The demonstration of a fake EIP2612 signature for stealing ERC20 tokens with Permit2

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 82.7%
  • HTML 17.3%