← Back to context

Comment by rkagerer

4 months ago

Thanks for spelling this out, the explanation makes a lot of sense.

You'd think they could at least show a blockie representing the contract, or reputational party who cryptographically vouched for it.

Sometimes you have the right contract, but an attacker is making you pass in different parameters than you think. The most popular hardware wallets don't help you with this; the Ledger Nano S for example just alerts you that you're passing some kind of data to the contract, so you're relying on your computer to show the details. This is a problem when, for example, you're interacting with a token or wallet contract, and you think you're telling it to transfer $ to Alice, but actually it's $$$$ to Bob.

But there are better options with larger screens, which actually display contract parameters on the secure device.