Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Notification for Users to verify domain is app.anchorprotocol.com #313

Open
ghost opened this issue Apr 2, 2022 · 5 comments
Open

Comments

@ghost
Copy link

ghost commented Apr 2, 2022

Many users on the forums and discord have reported having funds drained due to scam websites. In addition to this scam websites have been posting google adds to get people to click on their domain. These websites pull Anchor front end and disguise themselves as the official protocol. Once users interact with these sites their funds are drained with no way of recovery. A simple notification or pop up on the screen of the web app would help users to ensure they are on the correct site and save a lot of trouble for novice users who will end up loosing their funds without it. This has been implemented on many dapps as scammers are getting sophisticated with their attacks. Anchor would benefit from the same.

Here is an example on olympus's website:

https://app.olympusdao.finance/#/dashboard

I can do this on my time if nobody else is interested and close issue once its ready for pull.

@cosullivan
Copy link
Contributor

How does Olympus DAO display the message though?

If its just a message that is included in the app, then it too can also be easily modified.

@ghost
Copy link
Author

ghost commented Apr 3, 2022

I think it is just a message included in the app. Even if it can be modified it still gets people to double check, I don't think scammers would want people checking the domain at all so I think most would not implement it.

It would be great if there was a way we could make it unchangeable. Or kinda like the anti piracy in games where if someone copy's the UI then when the message is displayed it checks the domain and pops up that the site is a scam. I think it would be harder to implement however? I think i can do it in JavaScript but scammers who are willing to duplicate the message will just mimic all of that as well...

@ghost
Copy link
Author

ghost commented Apr 10, 2022

I'm seeing a lot more people have their balances drained. Scammers are getting more sophisticated and are draining LP balances now, I think we should pull this ASAP even if it can be easily modified it will help remind people using Anchor to constantly check the URL.

Even then what I'm seeing looks more like a bad node for the DNS. But maybe adding a message to use a VPN and access through google dns or a trusted DNS versus the stock internet provider one could go a long way in helping people.

If you guys want to assign this to me I can pull it and work on it in my spare time it shouldn't take too long. It's just a small popup that gets users to check the domain, no reason to not have it on site.

@cosullivan
Copy link
Contributor

@frozencode yes, please go ahead and create a pull request and we will review it.

Thanks, Cain.

@ghost
Copy link
Author

ghost commented Apr 18, 2022

Will get this done this week, thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant