Recommendations to Enhance Security in the Cryptocurrency Wallet “Send” Process

Description:
My name is William Bardwell and I recently lost over $48,000 when I initiated a Send crypto wallet transaction even though I used a crypto hardware device for security.

As a leading provider of cryptocurrency wallet services, your platform plays a pivotal role in ensuring the safety and security of users’ digital assets. Considering the growing concerns about fraudulent transactions, user errors (i.e., copy/paste), and malicious activities, I am writing to suggest a few measures in priority order that could significantly improve the security of the “Send” process within your wallet application.

Vendors can improve the guardrails of their crypto wallet Send process by:

  • Including a warning message to be displayed along with the final Send confirmation message such as “Please ensure the accuracy of the SEND address since money transfers are irreversible. For large transactions, it is highly recommended that a test transaction for a small monetary amount be Sent and verified prior to initiating the final transaction”.
  • Allowing users to select the following, recommended security option: if the Send transaction amount is greater than, for example, $1000.00, first Send a test transaction for $50, for example, prior to proceeding with the Send for the remaining transaction amount. In this case, you would ask the user to verify that the $50 transaction was received by the Send address prior to proceeding with the final Send transaction.
  • Posting confirmation email messages to users following all Send, Receive and other transactions.
  • Displaying warnings for addresses with invalid checksum values, reducing the risk of typos or malicious modifications.
  • Providing warnings when users attempt to send funds to addresses associated with known scams or high-risk activities.
  • Allowing users to approve and save trusted addresses for frequent transactions.
  • Providing users with clear, accessible instructions for reporting suspicious activity or errors during transactions.

Conclusion

Implementing these measures, particularly the “top 3”, can significantly reduce the risks associated with sending cryptocurrency and reinforce user trust in your platform. As the cryptocurrency space continues to evolve, security will remain a critical factor in user adoption and retention. I am confident that these recommendations, if adopted, will further enhance your standing as a trusted leader in the crypto wallet industry.

Thank you for your time and for considering these suggestions. I would be happy to discuss these ideas further or provide additional insights.

Sincerely,

William E. Bardwell, MBA, Software Developer

Purpose:
Recommendations to Enhance Security in the Cryptocurrency Wallet “Send” Process

Extension/Mobile/Both:
Both

Images/Attachments:

Thank you for your feature request 🙂

This is a public forum, so it is best not to share your full name here, especially when also mentioning the amount of crypto that you have lost.

I definitely agree with you. It’s actually shocking that MetaMask still hasn’t secured their wallets enough against hackers, sweeperbots etc.

My solution is to add extra confirmation(s) when depositing and especially(!) withdrawing. When withdrawing tokens, you receive an email or SMS with a code that must be entered before the tokens are sent. Or just use an authenticator such as Google.

With this you’ll help thousands if not hundreds of thousands. The sweeperbot cannot withdraw anything without the code you’ll receive in your email or SMS. Other platforms already have this such as Binance and KuCoin.

A simple addition with a significant impact. Hope MetaMask will do something with it.