Key Points:
According to a blog post published yesterday, Phantom will provide users with necessary information when they interact with decentralized apps (dApps) that adhere to certain security standards for Solana and Ethereum crypto users, such as Sign In With X (CAIP-122) and Sign In With Ethereum (EIP-4361).
By signing a message, these standards enable crypto accounts to securely authenticate with off-chain services. The new feature is an optional addition to Phantom’s range of security services that dApps can choose at their discretion.
Phantom will send a warning to users if a dApp implements a SIW format but contains invalid fields. To prevent signature replay attacks, the wallet will display pop-up fields that request information such as the domain name of the site and the nonce. These types of attacks can occur when an attacker intercepts a digital signature and then utilizes it to gain unauthorized access.
Digital signatures are intended to validate the legitimacy of transactions and messages, but if an attacker obtains one, they can circumvent the authentication procedure and potentially access sensitive data or steal assets.
The decision was made in response to growing concern about the vulnerability of generic sign-in messages, which can be intercepted by phishing attacks. The “Sign In With” standards are designed to remove the confusion in evaluating if a user is vulnerable to such phishing attacks.
Phantom believes that the decentralized web ecosystem will eventually fully embrace SIW standards as a chain-agnostic solution for generic sign-in messages and an alternative to centralized identity providers.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Thana
Coincu News
The SEC is reportedly fast-tracking approval for spot Ethereum ETFs, which would allow ETFs to…
Decentralized social protocol Farcaster raises $150m in a funding round. The funds will help grow…
The SEC is likely to approve listing spot Ethereum ETFs as the SEC asked Nasdaq…
ZkSync token generation will be launched soon, with an airdrop anticipated around June 13.
Majuro, Marshall Islands, May 21st, 2024, ChainwireMultipool, a leading innovator in the blockchain and cryptocurrency…
Grayscale has submitted an updated 19b-4 form for Grayscale Ethereum Mini Trust.
This website uses cookies.