Perpblock

✦ Wallet defense

Perpblock signs nothing dangerous.

Five coordinated defenses for the attacks that actually drained wallets in 2024-25: malicious approvals that hand over your funds, three flavors of address poisoning, fake wallet extensions, and abuse of auto-trading keys. Built into the signing flow. On by default.

5 coordinated defensesTransaction simulationWeekly approval scanVerified-wallet check
Wallet defense · status
01

Transaction simulation

Wave 2
02

Approval scanner

Wave 2
03

Address poisoning defense

Wave 2
04

Wallet authenticity check

Wave 1
05

Session-key hardening

Wave 3
Coordinated. On by default.

The problem

The dominant 2024-25 attack wasn't an exchange hack.

It was a signature you gave voluntarily. A single approval that quietly let a contract move all of one token (a Permit2 “unlimited approval”). A blanket “approve this whole NFT collection” grant. Transaction-history poisoning that planted a fake recipient in your wallet's display. Loss data from MetaMask, ScamSniffer, and Wallet Guard tracks $20K-$200K per victim, with reported losses across the category in the hundreds of millions per year.

MetaMask added basic simulation in late 2024 — optional, often disabled, doesn't cover every signature type. Most platforms hand you a transaction modal that says "Approve" with no explanation of what you're approving. We took the opposite view: defending the signing surface is the platform's job, not the wallet vendor's.

Five defenses. Coordinated. On by default.

Defense 1

See what happens before it happens.

Every transaction — and every signature request your wallet shows you — gets tested against the live blockchain before you sign. You see in plain English what it will actually do, in dollars.

A risk check runs on every preview. Unlimited spending approval — dangerous. A recipient that isn't in your address book — caution. Assets leaving your wallet with nothing coming back — dangerous. Dangerous results block the transaction with an explicit warning you have to consciously override to proceed.

Previews run through two independent providers (Tenderly and Alchemy) and are cross-checked. When both are unreachable, the result defaults to "caution" rather than "safe." The platform doesn't pretend it knows what you don't.

You see the trade in your wallet's language and ours. If they don't match, you don't sign.

Transaction simulation · before signing
Simulating against live chain state...
Danger classifier running...
Result: UNLIMITED APPROVAL DETECTED
Approval scanner · weekly
4 findings
USDCHIGH

0x3Fc9...8b2d (unknown contract)

MAX_UINT256 · 187 days ago

WETHMED

Uniswap V3 Router (verified)

MAX_UINT256 · 92 days ago

BAYCHIGH

0x7a4c...f3e1 (unknown contract)

setApprovalForAll · 341 days ago

DAILOW

Aave V3 Pool (verified)

10,000.00 · 14 days ago

Defense 2

Old approvals are the slow leak.

The risky approval you signed six months ago is still active. The blanket spending permission you forgot about. The “approve this whole NFT collection” grant you clicked once. Old approvals are the biggest standing risk in self-custody — a clean wallet today is a drained wallet tomorrow because one old approval gets exploited by a new contract.

After you connect a wallet, and every Sunday morning, the scanner checks every connected wallet for approvals you never revoked — unlimited token spend limits, blanket Permit2 allowances, and “approve entire NFT collection” grants — across every chain. Each finding gets a risk score. One-click revoke builds the cancel transaction through the same defended flow.

You don't have to remember every approval you ever signed. We do.

Defense 3

All three flavors defended.

Address poisoning isn't one attack — it's three. Each needs a different defense. A naive defense (warn on every new recipient) creates warning fatigue and stops working in week one. A real defense surfaces only the dangerous case while staying quiet for normal use.

History poisoning

An attacker sends you a $0 transaction from a look-alike address — one crafted to match the first and last few characters of an address you've paid before. You copy it from your history and send the real funds to them.

Defense

Our detector flags any recipient that matches the start and end of a saved address but differs in the middle. A confirmation step forces you to review the full address.

Clipboard malware

Malware on your device watches your clipboard for wallet addresses and silently swaps in an attacker's address the moment you paste.

Defense

Before you sign, we always show the recipient's full address alongside its saved nickname. If there's no nickname, it's flagged as a "NEW recipient" with a unique icon you can eyeball.

ENS and token spoofing

Look-alike ENS names (the human-readable .eth names) built from visually identical foreign-alphabet characters. Or tokens labeled "USDC" that aren't the real, verified contract.

Defense

We warn on any unusual character in an ENS name. Token addresses are checked against a trusted registry (CoinGecko, CoinMarketCap, and chain-verified contracts) and shown as "USDC (verified)" or "USDC (UNVERIFIED)".

The address book is the precondition. The detectors do the work. Normal use stays quiet.

Defense 4

Fingerprint at connect time.

Fake wallet extensions routinely impersonate the real thing — copying a trusted wallet's name, icon, and on-screen behavior so they look identical to the genuine software. Then they steal your seed phrase the first time you use them.

When you connect a wallet, we check it against a registry of known-genuine wallets: MetaMask, Phantom, Rabby, Coinbase Wallet, Frame, Safe. A clone gets flagged with an explicit warning before the connection completes. You acknowledge the warning or you don't connect.

The check runs once when you connect, then it's remembered. Zero ongoing friction.

Wallet authenticity check · connect-time

MetaMask

14/14 checks passed

VERIFIED

Rabby

14/14 checks passed

VERIFIED

Unknown extension

3/14 checks passed

CLONE DETECTED

Runs once at connect time · zero ongoing friction

Defense 5

Constraints before convenience.

Auto-approve mode is a convenience win and a security trap. It works by issuing a “session key” — a temporary key that signs trades for you so you don't approve each one by hand. Most setups make that key all-access: no spending limit, and no restriction on which contracts it can touch. If the key is stolen, the wallet is drained.

When this feature ships: every session key is locked down from day one. A cap per transaction. A cap per session. A time limit. A fixed list of contracts it can touch — only the trading venues we've vetted. Never an unlimited approval. Revocable instantly. Expires on its own.

STATUS: Not yet shipped. Shipping with auto-approve mode — Wave 3.

Convenience without constraints is the same as no defense at all.

Threat model

What we're defending against.

Addressed

Malicious approvals — the permission types attackers trick you into signing (Permit, Permit2, "approve entire collection" grants, and disguised signed messages).

Address-substitution attacks — history poisoning, clipboard malware, ENS and token spoofing.

Fake wallet extensions — clones impersonating known wallets to steal your seed phrase.

Old, forgotten approvals — malicious contracts exploiting permissions you granted long ago.

Auto-trading key abuse — stolen session keys used to drain wallets in auto-approve mode.

Not addressed

Seed-phrase compromise. We never see your seed. If your seed is compromised outside Perpblock, our defenses don't apply.

Custodial-platform failure. A different threat class, handled by our non-custodial design — not here.

Bugs in the outside protocols we route to. Those exploits are upstream of our control.

Out-of-band social engineering. Our anti-phishing policy covers our channels, not other platforms.

We defend what we can defend. We don't claim more.

Timeline

What's live, what's next.

Live today

API-key vault hardening — bank-grade AES-256 encryption, a unique salt per key

Read-only API access enforced

On-chain anchoring of every trade

Wave 1 — next 60 days

Wallet authenticity check

Public anti-phishing policy and channel registry

Wave 2 — 60-180 days

Transaction simulation before signing

Approval scanner with one-click revoke

Address book and three-variant poisoning defense

Wave 3 — with auto-approve mode

Locked-down auto-trading keys

Common questions

What technical users ask.

Get started

Defend the signing surface.

Most platforms protect the venue. We protect the surface where the attacks actually happen.

Non-custodial. Defense on by default. Cancel anytime.