[en] The Ethereum blockchain enables the execution of so-called smart contracts. These are programs that facilitate the automated transfer of funds according to a given business logic without the participants requiring to trust one another. However, recently attackers started using smart contracts to lure users into traps by deploying contracts that pretend to give away funds but in fact contain hidden traps. This new type of scam is commonly referred to as honeypots. In this paper, we propose a system that aims to protect users from falling into these traps. The system consists of a plugin for MetaMask and a back-end service that continuously scans the Ethereum blockchain for honeypots. Whenever a user is about to perform a transaction through MetaMask, our plugin sends a request to the back-end and warns the user if the target contract is a honeypot.
Disciplines :
Computer science
Author, co-author :
FERREIRA TORRES, Christof ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
STEICHEN, Mathis ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
STATE, Radu ; University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT)
External co-authors :
no
Language :
English
Title :
Towards Usable Protection Against Honeypots
Publication date :
2020
Event name :
2nd IEEE International Conference on Blockchain and Cryptocurrency
Event date :
from 03-05-2020 to 06-05-2020
Main work title :
IEEE International Conference on Blockchain and Cryptocurrency, Toronto, Canada 3-6 May 2020