Dot.alert()
  • Welcome!
  • Content
    • 1.Acquisition
      • Existential Deposits
      • Address Formats
      • Transaction Explorers
    • 2.Storage
      • Seed/Secret Phrases
      • JSON Backups
      • Browser Extension Wallets
      • Mobile Wallets
      • Air-gapped Signers
      • Cold Storage Devices
      • Recovery Setups
      • Anti-phishing Features
    • 3.Operations
      • Bidding
        • Kappa Sigma Mu (KΣM) Membership
        • Parachain Slot Lease
      • Voting
        • Direct Democracy
        • Democracy Delegation
      • Crowdfunding
        • Treasury Spends
        • DAO Incubators
        • Initial DEX Offerings
      • Staking
        • Nominating
        • Validating
      • Swapping
        • Token Swaps
        • Portfolio Management
      • Borrowing
        • Collateralisation
        • Liquidation
      • Lending
        • Liquidity Provision
        • Derivatives Markets
      • NFT Trading
        • Data Management
        • Marketplace Activities
      • Auto-compounded Staking
      • LBP Listing
      • Gaming
        • Game Assets
        • Game Development
      • Community Building
        • Crypto Communities
        • Crypto Payments
      • Coretime Sales
    • 4.Support
      • Docs
      • GitHub
      • Polkassembly
      • Discord
      • Twitter
      • Reddit
      • Telegram
      • Youtube
      • Polkaverse
      • Grill
    • 5.Regulations
      • Networks
        • Infrastructure
        • Participation
        • Privacy
      • Platforms
        • Services
        • Licensing
        • Compliance
      • Investments
        • Issuance
        • Insurance
        • Taxation
  • Community
    • Careers
      • Blockchain education
      • Community building
      • Technical collaboration
    • Ebooks
      • On the DOT - First edition
      • On the DOT - Special edition
    • Blog
      • World of Web3
      • Working in Web3
      • Web3 Reports
  • About
    • Our Mission
    • Our Platform
  • Legal
    • Cookie Policy
    • Open Source License
Powered by GitBook
On this page
  • Polkadot Phishing Repository
  • Dapp Authorizations Management
  • Anti-phishing Libraries
  1. Content
  2. 2.Storage

Anti-phishing Features

Protecting your assets across the Polkadot ecosystem with Polkadot-JS Anti-phishing features.

PreviousRecovery SetupsNext3.Operations

Last updated 28 days ago

This is a guest article from Tim Janssen, who is a member of the Polkadot Anti-Scam team.

As the popularity of cryptocurrencies continues to grow, so does the threat of phishing attacks. Phishing is a form of cyber attack where scammers try to trick users into giving up their sensitive information, such as , , or crypto-related credentials, by impersonating a legitimate entity. To combat this threat, the Polkadot-JS extension and other ecosystem wallets built on top of it have implemented several anti-phishing features. In this article, I will explain what these features are and how they can help protect your crypto.

Polkadot Phishing Repository

One of the key features of the Polkadot-JS extension is its implementation of the phishing repository. This feature is designed to detect and prevent phishing attacks by analyzing the website or application being accessed and comparing it to a list of known phishing sites and addresses. When a user attempts to visit a site or to an address on the blacklist, the extension will display a warning message, alerting the user of the potential danger.

The Polkadot-JS phishing repository is community-driven and maintained by the Polkadot Anti-scam team. This repository contains a list of known phishing sites and addresses, which is regularly updated to ensure that users are protected against the latest threats.

Dapp Authorizations Management

The Polkadot-JS extension allows users to manage these authorizations, giving them full control over which Dapps can access their wallet and for how long. This helps prevent unauthorized access to your wallet and reduces the risk of phishing attacks.

Anti-phishing Libraries

The anti-phishing library is a JSON file hosted in an open source public GitHub repository. Any junior developer on their first day can easily integrate the code with an import request using python.

Several wallets that are built on top of the Polkadot-JS extension and have integrated these anti-phishing libraries. Among these wallets are Talisman, Subwallet, Nova wallet, and Fearless wallet.

Another important anti-phishing feature of the Polkadot-JS extension is its ability to manage Dapp authorizations. A Dapp, or decentralized application, is a type of software that runs on a blockchain network. To interact with a Dapp, users need to give it permission to access their wallet and read their account information such , tokens, balances, etc.

addresses
Seed/Secret phrases
JSON backup files
send crypto
Information about how to contribute to anti-phishing initiatives in the Polkadot ecosystem.
Key steps for supporting Polkadot anti-phishing initiatives.
A list of reported scams on Polkadot Phishing website.
The website logs all reported dishonest platforms.
Polkadot Phishing