Security and Fraud Mitigation Ideas For Wallets

Hey Everyone,

My original post was made here → https://forum.cardano.org/t/security-and-fraud-mitigation-ideas-for-next-round/ I decided to move it to this forum for a more official exposure to the CIP community and developers.

Motivation

There is always good actors and bad actors in any community. With that said the rise of giveaway scams has been very disheartening. I would like to use this post as a means to post Ideas for securing and mitigating fraud. Since Charles Hoskinson has called upon law enforcement personnel to help and provide ideas. I thought it would be prudent to start a something where ideas can be put into practice. This will either advise IOHK or the Cardano foundation on possible avenues to prevent fraudulent transactions, and help keep people safe. I would Imagine that if the ideas work there could be funding put towards these goals in the next catalyst round.

I’d you would like to see the video where he calls on law enforcement for ideas. Click here → Scams and Misinformation about Cardano - YouTube

Considerations

There should be practices put in place in a wallet that will advise or stop a person from sending funds to a wallet that is known to be bad actor. With that said such a feature should not be something that cannot be turned off. A wallet by design should allow the free flow of funds incoming and outgoing. However, there are times when inexperienced users of the Cardano network should be guided in the network as they learn about Cryptocurrency making sure that their funds are further secured.

Specification and Ideas

Wallet Ideas (w/credit to the authors):

  • There should be a customizable address book that will act as the users whitelist and commonly used addresses. These addresses can be modified by the user to include things like Name, category, and favorites. I.E “Mom” could be in the family category with a gold star and her address is always “addr…”
  • Create a community blacklist where people can submit malicious addresses. These addresses could be either hosted by IOHK or organization.
  • Tie in a backend for the wallet to check against a blacklist of addresses. If the user tries to send funds to an address on the blacklist the user is prompted with a warning that the address could be malicious.
  • Provide a means of submitting an address to the blacklist from the wallet and blockchain explorers.
  • Provide a seperate vault in the wallet that can be secured with a time-lockup feature, and/or 2FA that stops users from sending their crypto in a spontaneous moment. - EuroBlox
  • Of course provide a method in wallet to turn off this feature for advanced users who like to YOLO their assets without any bothersome prompts or warnings.
1 Like

Just saw this awesome site. Maybe this can be integrated into the wallet. “Cardano Fraud Detection Bureau”