Kerberus Sentinel3
WebsiteTwitterDiscordExtension
  • Sentinel3
    • 🛡️What is Kerberus Sentinel3?
    • ❔How does it work?
    • ⚠️Alert Types
    • 🕵️‍♂️Active Protection
    • ☂️Coverage
    • ❓Is it open source?
    • ⭐How is it different?
      • 1️⃣Detects scams 1/2
      • 2️⃣Detects scams 2/2
      • 3️⃣Serves you, not companies
      • 4️⃣Built by security experts
      • 5️⃣Designed for everyone
    • 👨‍💻Team
    • 🛠️Installation
    • 💻Browsers and Devices
    • ⛓️Chains
  • FREQUENTLY ASKED QUESTIONS
    • 🖥️Software FAQ
      • Who is Sentinel3 for?
      • Is Sentinel3 a wallet?
      • Is Sentinel3 an antivirus?
      • Do I need to connect my wallet to use Sentinel3?
      • On how many devices/wallets does my license work? Does it work with a VPN?
      • Can Sentinel3 move my crypto/NFTs?
      • Will Sentinel3 slow me down?
      • Does it work on mobile?
      • How do I know if Sentinel3 is working for me?
      • Does Sentinel3 scan every website I visit?
      • Is it good for Sentinel3 to scan every Web3 site?
      • I opened a Web3 site but didn't see Sentinel3 scanning it. Why?
      • I got a red/yellow popup. What should I do?
      • Sentinel3 alerted a site and I believe it shouldn't have
      • I got a red popup and closed the site. What happens if I access it again?
      • Sentinel3 didn't alert me to a malicious site I visited. What should I do?
      • Does Sentinel3 work if I use other Web3 security extensions?
      • Does Sentinel3 work when transacting directly from a contract?
      • If I use Sentinel3, does it mean I'm 100% safe from all scams?
      • What kind of Web3 scams exist, and which ones does Sentinel3 protect me from?
      • Are there any signatures that Sentinel3 doesn't scan?
      • Does a hardware wallet protect me from scams?
      • If I lose my crypto/NFTs because Sentinel3 didn't detect a malicious site, will you reimburse me?
    • 🍁Lifetime License NFT FAQ
      • How can I get one?
      • How do I activate it?
      • What's the market cap?
      • Do I lose access to the license if I sell or transfer the NFT?
Powered by GitBook
On this page
  • Here's how staking on a legitimate site looks like:
  • And here's how the same function looks like on a scam site:
  • There is no visual difference between them. Simulations/translations will also look identical.
  • This is another reason why Web3 security solutions that only simulate/translate transactions will lead to huge losses in the space.
  1. Sentinel3
  2. How is it different?

Detects scams 2/2

PreviousDetects scams 1/2NextServes you, not companies

Last updated 1 year ago

might have been eye-opening for you. Here's a specific scenario that we're positive will happen, where security solutions that only translate/simulate transactions will lead to huge losses for its users.

The function 'setApprovalForAll' assigns or revokes the full approval rights to a given operator.

One of its legitimate uses is to assign it to a contract to stake an NFT.

One of its illegitimate uses is to assign it to a scammer's contract that drains an NFT.

Here's how staking on a legitimate site looks like:

And here's how the same function looks like on a scam site:

There is no visual difference between them. Simulations/translations will also look identical.

The two scenarios above are different; one is on a legitimate site, and another is on a scam site that looks completely different. But what if the scam site looked exactly like the legitimate site?

Here's how that would go down:

A very expensive NFT is about to release staking. All its owners are waiting anxiously to stake. To prepare its users, the project releases the site and a tutorial on how to stake. The site will become active in 24 hours. Suddenly, there is an announcement on Discord. It's out of the original plans and tells people to stake fast for maximum rewards. FOMO kicks in, and users rush to the site. It looks identical to the legitimate one, it works exactly like the tutorial shows, but the URL is different. The Discord has been breached, and scammers have shared a link that drains users' wallets, specifically NFTs from the project. Like the two MetaMask prompts in the previous examples, the wallet request seems legitimate. It asks to 'Allow access to and transfer of all your <expensiveNFT>.' Users without any Web3 security solution that don't realize the URL is malicious lose their expensive NFTs. What about users with a Web3 security solution that simulates/translates the transaction? They will be presented with a simulation/transaction that tells them they are giving permission for their expensive NFT. Nothing will be suspicious about it because the simulation/transaction is correct. They will lose their expensive NFTs.

This is another reason why Web3 security solutions that only simulate/translate transactions will lead to huge losses in the space.

Unfortunately, . Nevertheless, we feel responsible for you who are educating yourself and reading this page. Whatever your decision on Web3 security solutions is moving forward, you now know a critical piece of information that can help you prevent losses of your valuable NFTs.

⭐
2️⃣
sharing this information could lead to scammers applying it to steal NFTs
👍
👎
Part 1