Is it possible to add a type of flashbot functionality to MetaMask for wallets that are compromised by a sweeper bot? Flashbots are already being utilized, but I think this could be a significant step in helping wallets with sweeper bot issues.
For example, imagine you have claimable tokens on a website or dashboard of a new project. The idea is to add a security feature that, when you connect your wallet to the website, MetaMask prompts you to confirm that you actually want to claim these tokens (via 2FA or a similar mechanism). However, in the same pop-up notification, you could also have the option to directly transfer these tokens to another secure wallet. This way, the tokens never directly enter your wallet, preventing the sweeper bot from stealing them. You could for example add the wallet to your hacked wallet, the sweeperbot cannot hack the new one cause it doesn’t have the key phrase.
It’s essentially a flashbot-like method designed specifically for wallets that have a sweeper bot on their address. This allows you to bypass the sweeper bot and directly forward the claimed tokens to a safe address.
Users could fill out a form on MetaMask’s official website to enable this feature if their wallet has been compromised. This would not be a default feature but rather an opt-in solution. Even if MetaMask charged a small fee per transaction for using this method, the main goal would be ensuring that claimable tokens are securely transferred within a single block (or two blocks) to a safe address.
We cannot give hackers the opportunity to exploit these situations without consequences.