KEKKAI is a wallet Security product create an environment where all users can enjoy Web3 with ease and secure.
PRODUCT
logo
Alpha Network
AI
logo
Dashboard/Revoke
Revoke dangerous signatures
SERVICE
logo
KEKKAI Labs
Web3 Security Service For Enterprise
KEKKAI Audit
NEW
Product Penetration Test
SOON
Wallet Security Solution
SOON
logo
KEKKAI University
logo
KEKKAI Shop
logo
KEKKAI&Astar Dapp Staking
COMPANY
Company Info
Join Us
Media Kit
SUPPORT
Handbook
Update History
Contact us
English
日本語
ENTER THE AI ERA
How To Stay Safe
Aware, Prevent & Liberate of the Danger
To safely enjoy the Web 3.0 world, we should be familiar with some key smart contracts and be aware of the danger of each type of possible scam. KEKKAI is here for you to tell you how to identify the contracts you signed, intentionally or by being scammed, and teach you how to solve the problem if you accidentally signed the scam contract.
image
Dangers that
still could be fixed
Set Approval For All
Grant a third party the ability to transfer all of the tokens you own for a given collection.
Learn more
Giving Approval
Giving approval to the contract address for transferring ownership of your assets.
Learn more
Gasless/Offline Transaction (Seaport Signature)
It usually looks like a normal marketplace listing signature. However, its complex signature allows a potential scammer to make an inexperienced user sign a malicious listing through a phishing website.
Learn more
Exploit on the Old OpenSea Contract ("Upgrade to")
This attack is mainly aimed at users who have used the old Opensea protocol (before Seaport) to place orders and have not canceled authorization. Please be aware that it will usually be shown as "Upgrade to" in the contract.
Learn more
Potential risks that
you should be aware of
ETH_SIGN
One of the most risky signatures you could sign is because you cannot see any details of the contract, which is usually adopted by the scamer. We strongly advise you to cancel this. It allows signing an arbitrary hash, which means it can be used to sign transactions, or any other data, making it a dangerous phishing risk.
Learn more
Honeypot

Smart contracts that look vulnerable but actually are not. It makes users believe that they can benefit from this contract, while in reality only the creator can retrieve them. For example, buying NFTs/tokens that cannot be sold or wash trading.

※ Please be informed that the soulbound tokens (SBT) cannot be sold either. If you are buying this token, KEKKAI will also pop up the warnings, you can just ignore.

Learn more
"Security Update"
A "payable" function masked as a security update that is hidden in the phishing contract.
Learn more
Fake Token
The exploiters use similar URLs/photos/SNS to trick users into buying fake assets like NFT or cryptocurrency that aren't from the official channel.
Learn more