[Security] Crypto Address Whitelisting

Crypto Address Whitelisting
(IP whitelisting might be useful too!)

If your phone is compromised, reduces chance of hackers being able to withdraw your funds.

Only allow sending to white listed addresses
Or outgoing transaction requests from certain IPs.

(To change address whitelist settings, require your password or even a hardware key like Yubikey)

Like or reply to this thread if you’d like to see this added!

Then why not just use a hardware cold wallet to completely prevent the private key from being connected to the Internet, but use a hot wallet where the private key may be stolen by hackers?
If your assets are not worth your protection with cold wallets, the loss of hot wallets will not be too great.


Well not everyone has a hardware wallet

Also some people use crypto actively such as defi users, so need to be able to sign transactions easily.

This extra security will just make hacker’s life harder and is a strong preventative measure already on centralised exchanges.


You might as well directly suggest that MM launch a cold wallet version, separate the hot and cold ends, and sign transactions through a QR code, which is safer than anything else.

This is because these people don’t think their digital assets are worth keeping safe with a few hundred dollars of equipment.
Or for newcomers to digital currency, they simply do not understand the difference between hot and cold wallets.

Compared with using MM to sign transactions only by connecting MM to sign transactions to defi, the hardware wallet only has two more steps to connect to MM. Is it more troublesome to insert the computer and connect the MM than using the hot wallet alone?

Those who need security have long chosen a safe method. People who don’t care about safety will not buy a Yubikey device at all even if they change the MM to use Yubikey authentication. They will only use wallets like ronin that don’t need Yubikey instead of MM.


This product idea wasn’t so much about giving yubikey support,

It’s about giving the option to whitelist withdrawn addresses, especially for larger transactions.

But in order to change those settings, it would be good if you could only do so with a hardware wallet (or a yubikey), and the alternative and weaker would be by a separate password for adjusting sensitive settings.

Yes you are right hardware key is the most secure option, but hardware keys also suck in their UX and functionality still (especially if you use many many wallets)
It helps to give lots of options to users. More options = a better Product.

1 Like

How to add a personal transfer whitelist? Password protected. How does MM know if the password is correct? Because there is an encrypted backup of the password in the local data (which can be obtained by hackers by cracking the hash).
A software, the more functions you add, the more likely you are to have bugs.
Where is the whitelist kept? local database. How to prevent hackers from directly importing their addresses into the database?
Instead of adding so many features that are not 100% secure, it is better to make the current features more perfect.
The pop-up page for connecting to the hardware wallet, if written in obvious red: If you don’t know what the passphrase means, don’t fill in anything.
A simple change can prevent tens of thousands of rookies who don’t read the manual from losing their assets.
As far as I know, because this prompt is not in place, there are more than 15,000 people (only counting trezor users) who have created hidden wallets and their assets cannot be recovered.


Security is not a matter of 0 or 1, it is about adding layers of security than make it more and more difficult for attackers. There is no one perfect solution.

You store passwords and sensitive information in your phone already right? They are encrypted in your phone’s secure databases.

You way of thinking to have a simple app means less attack vectors, is not wrong at all, but I disagree that adding some security features can help some MM users with different setups from being jeopardized.

IP whitelisting is extremely effective in CEX.

Any update on this?

Whitelisting is a bread and butter security option in CEX, it will be extremely valuable to users to help lock down their funds being funneled out to an attacker’s address.

Hey @bafubafu, we can wait and see if this thread gains any traction and more votes.

Additionally, this feature can also be developed as a Snaps plug-in in MetaMask Flask.

You can learn more about MetaMask Flask here:


So… I shared my seed phrase to a scammer.
He drained my metamask wallet.
I still have funds - he has no access - linked by smartcontract to this wallet.
I’m afraid they’ll be stolen too if I try to get them back.

Can developers add an option in Metamask - to help people like me - in the near future:
create a whitelist of cryptocurrency withdrawal addresses that users define as trustworthy ?
There is something like this on Binance.

Educate users… .

Make password more useful.


Hello, for the sake of security, you can re create a new metaamsk wallet, and then you can create multiple addresses in the metamask wallet, so you can click “transfer between my accounts” during transfer to avoid errors. Of course, when transferring to an external address, you need to carefully check the correctness of the address, but you can also scan the QR code for transfer, This will avoid input errors and wish you a happy life. :innocent:

I’m sorry to hear that…
Yes… if TW had address whitelisting it would have protected you…

We all make mistakes, we need more ways to reduce the impact of those mistakes.