🛡 Protect yourself from crypto scams online

Related tags

Learning resource ethereum browser-extension allowance
Overview

Revoke.cash Browser Extension

In many cases, phishing websites try to make you sign a token allowance while they pretend to be an NFT mint or other legitimate use cases. When these phishing scams happen, it is recommended to use the Revoke.cash website to mitigate the damage, but it is even better to prevent the scam in the first place.

This is where the Revoke.cash Browser Extension comes in. The extension pops up whenever you are about to sign an allowance and will inform you of the allowance details. This can help you prevent signing malicious allowances.

The extension also informs you when you are about to list an item for sale on OpenSea (outside of expected websites such as OpenSea, Genie and Gem), as this is also a common scam. These warnings can be configured in the extension settings.

The Revoke.cash browser extension works with every EVM-based network such as Ethereum, Avalanche or Polygon.

Development

Prerequisites

Contributing to the Revoke.cash extension requires Node.js v16+ and Yarn.

Running locally

To continuously build the application using webpack you can run yarn dev:chrome or yarn dev:firefox. This will make sure that the dist/ directory is always up to date. From there you can import the generated directory into your browser (e.g. through chrome://extensions).

Building for publication

To build and package the extension for publication you can run yarn build && yarn zip. This will generate zip files for every supported platform that can be submitted to their respective extension stores.

Credits

The Revoke.cash browser extension was created by Rosco Kalis after discussing the idea with Merwane Drai and Dries Steenberghe while working on Chaingrep in 2022.

Comments
  • 🙌 Wrong warning message when listing on unemeta.com

    🙌 Wrong warning message when listing on unemeta.com

    Our website is not in AllowList, and, our nft listing logic matched this code, It causes the error message displayed on ui, which makes users feel quite confused. I also check this #12, Hope to add support for unemeta.com

    image
    opened by 3lang3 4
  • Not working correctly on Unstoppable Auth login page

    Not working correctly on Unstoppable Auth login page

    When trying to connect wallet on Unstoppable Domains Auth Dashboard, Revoke pops up, then Metamask pops up, and we are able to log the result in the extension code. But for some reason the page doesn't do anything with that result. When disabling the extension, that website works again. Relevant: they use the deprecated ethereum.send(method, args) method.

    https://dashboard.auth.unstoppabledomains.com/

    opened by rkalis 1
  • Fix non-persistent background script

    Fix non-persistent background script

    In Manifest v2 it was possible to have a persistent background script. With Manifest v3 that's not possible any more, so we'll have to resort to dirty hacks.

    https://stackoverflow.com/questions/66618136/persistent-service-worker-in-chrome-extension

    opened by rkalis 1
  • Show a popup when the page tries to circumvent the extension

    Show a popup when the page tries to circumvent the extension

    If they communicate with Metamask through means outside of the regular window.ethereum flow, they might not get a popup. But we should be able to detect when this happens by snooping on Metamask's extension messaging.

    opened by rkalis 1
  • Restructure entire repo

    Restructure entire repo

    • Restructure utils.ts into separate files
    • Merge all confirm_xxx.tsx pages into one confirm.tsx page
    • Move async fetches (e.g. token data) client side so popup is snappier
    • Add full typings for all previously any types
    • Make code DRYer
    opened by rkalis 0
  • Move allowlist checks to background script

    Move allowlist checks to background script

    In general I want all the complex logic to happen in the background script so it's easier to understand what is happening. So allowlist checks should be included in that. This means that we need to pass hostname from the content-script to the background script.

    opened by rkalis 0
  • Fix issues when multiple extensions and/or wallets are installed

    Fix issues when multiple extensions and/or wallets are installed

    Combinations that have been tested and are fully working as of v0.2.6:

    • Revoke.cash + MetaMask + Rabby (+ Pocket Universe)
    • Revoke.cash + MetaMask + Tally Ho
    • Revoke.cash + MetaMask + Coinbase Wallet
    • Revoke.cash + MetaMask + Liquality
    • Revoke.cash + Brave Wallet + MetaMask
    • Revoke.cash + Frame (+ Pocket Universe)
    • Revoke.cash + Frame + Coinbase Wallet

    Combinations that are not working as of v0.2.6 (unrelated to Revoke.cash):

    • MetaMask + Frame (Cannot connect to MM, issue likely on Frame's side)
    • Tally Ho + Rabby (Nothing works, issue likely on Tally Ho's side - maybe on Rabby's side)
    • MetaMask + Rabby + Pocket Universe (When switched to MM, no popups, when switched to Rabby, throws error when using sendAsync, issue likely on PU's side)
    • MetaMask + Tally Ho + Pocket Universe (Nothing works, issue likely on PU's side)
    • MetaMask + Coinbase Wallet + Pocket Universe (When connected to MM, PU pops up twice, issue on PU's side)
    opened by rkalis 1
Releases(v0.3.4)
Owner
Revoke.cash
Revoke.cash
GitHub https://revoke.cash/extension
This repo was made to bring to light all discord scams, and show how to tell if you are being scammed and how to remove malware from scams

DMV (Discord Malware Variants) is a repository made to bring light to harmful programs used by bad actors in order to steal sensitive information from

opsec-bot 26 Sep 5, 2022
Decentralized Social Network Money Frauds/Scams including BitClout, Twetch, Steemit, PeakD

Decentralized Social Network Money Frauds and DAOs: BitClout, Twetch, PeakD, Steemit ... Updates 4/29/2021 https://www.coindesk.com/wyoming-dao-llc-la

Scott Stirling 29 Nov 27, 2022
Hasbik is a community based social token and the new paradigm in the crypto space. With the goal to build a community around a crypto token.

Hasbik is a community based social token and the new paradigm in the crypto space. With the goal to build a community around a crypto token.

null 2 Jan 5, 2022
Crypto-tracker - Get crypto currency data in one click. Followed by a few more clicks.

https://crypto-tracker-ayaanzaveri08.vercel.app/ Crypto Tracker Crypto Tracker tracks crypto with the CoinGecko API. This app uses the React framework

Ayaan Zaveri 0 Apr 30, 2022
🌈 Put a date and a crypto, optionally a quantity of that crypto, to see how much has augmented/increased in dollars & percentage

crypif Put a date and a crypto, optionally a quantity of that crypto, to see how much has augmented/increased in dollars & percentage Figma I still ha

Eliaz Bobadilla 8 Apr 4, 2022
A list of helpful front-end related questions you can use to interview potential candidates, test yourself or completely ignore.

Front-end Developer Interview Questions This repository contains a number of front-end interview questions that can be used when vetting potential can

H5BP 56.1k Jan 4, 2023
Google meet re-joiner when you can't rejoin yourself.

Doreamon(BETA) Product Demo Auto meeting re-joiner for google meet. Supports Google Chrome Opera Edge(not tested) Firefox Installation Guidelines: Ins

Muneeb Ur Rehman 4 Jun 14, 2021
Market Watcher - a blog where you can inform yourself about the latest economic-related news

Market Watcher - a blog where you can inform yourself about the latest economic-related news

Adrien 4 Aug 5, 2022
A lightweight extension to automatically detect and provide verbose warnings for embedded iframe elements in order to protect against Browser-In-The-Browser (BITB) attacks.

Enhanced iFrame Protection - Browser Extension Enhanced iFrame Protection (EIP) is a lightweight extension to automatically detect and provide verbose

odacavo 16 Dec 24, 2022
Adds a notification to hydrate yourself!

Water Break This plugin simply puts a notification in the upper-left of the window. This will alert you to drink some water! Install ipm install water

Andrew Burke 6 Sep 24, 2022
A self-hosted eBooks Library for your family or yourself.

What is BookStairs? BookStairs is an open-source personal EPUB library which was highly inspired by talebook, calibre-web and BookBrowser. It's design

BookStairs 5 Dec 29, 2022
Detect F12 open console, protect web static resources, support redirect, rewrite, callback strategies.

console-ban Detect F12 open browser console. protect web site static resources, support redirect, rewrite, custom callback strategies. Language: Engli

Yingci 623 Dec 26, 2022
🔐 Protect your Smart Contract Proxy from storage collisions upon upgrading, by running this action in a CI on each of your Pull Requests!

?? ??️ Foundry Storage Upgrade Seatbelt Protect your Smart Contract Proxy from storage collisions upon upgrading, by running this action in a CI on ea

Romain Milon 11 Dec 24, 2022
A chat logs online saver for discord bots to save messages history & cleared messages online

Chat Logs NPM package that saves messages online to view it later Useful for bots where users can save messages history & cleared messages online Supp

TARIQ 8 Dec 28, 2022
A super simple and lightweight API to get crypto token live information.

TokenStats ?? ?? A super simple and lightweight API to get crypto token live information. APP URL https://tokenstats.herokuapp.com/ Quick Start To get

Abdulfatai Suleiman 21 Jun 28, 2022
🪙💬 Update a gist to contain a crypto price

crypto-box Update a pinned gist to contain a crypto price ?? ✨ For more pinned-gist projects like this one, check out: matchai/awesome-pinned-gists Se

Austen Stone 3 Nov 30, 2022
Pay Creators to Promote your Product in $CRYPTO

Next.js + Tailwind CSS Example This example shows how to use Tailwind CSS (v3.0) with Next.js. It follows the steps outlined in the official Tailwind

Satyam Kulkarni 1 Feb 7, 2022
An api named Crypto Versus, a multiplayer versus hacking simulator. Project still in the making!

Crypto Versus A Multiplayer Versus Hacking Simulation Inspired by the Steam game Bitburner Table of content Possible ouputs for all endpoints routes /

null 3 Jan 29, 2022
JavaScript library of crypto standards.

crypto-js JavaScript library of crypto standards. Node.js (Install) Requirements: Node.js npm (Node.js package manager) npm install crypto-js Usage ES

Brix 13.8k Jan 1, 2023