|
Title: Renounced Contract Is a Trap Post by: KiranKBS on July 30, 2023, 06:45:32 AM Renounced is just a stupid buzz word! Never fall into trap by just hearing this.
Deployer can still run functions and do scam. For example, you often come across function `manualSwap`. All they need is external function without onlyOwner scope Lol! Either take help of contract analyzers or any developers can read the contract out for you! This is latest trend scammers are following! Have Safe Trading! Edit: Sorry for not being comprehensive as you all pointed out in comments. So in a nutshell, contracts can have functions like below and can run such functions to rug pull even after Renounced. function manualSend() external { require(_msgSender() == _taxWallet); sendETHToFee(address(this).balance); } function manualSendToken() external { require(_msgSender() == _taxWallet); IERC20(address(this)).transfer(msg.sender, balanceOf(address(this))); } Above function converts tokens available in the contract to eth and send eth to deployer wallet. These days contracts are releasing approx 25% in it or 10% in contract. These functions allow us to pull plug softly in different way Functions no need to be like above, it can be literally with any name. Hence, Renounce is just buzz word and should be careful! Title: Re: Renounced Contract Is a Trap Post by: KiranKBS on July 31, 2023, 08:18:02 PM I believe this is very useful insight so just replying but not to inflate topic!
Title: Re: Renounced Contract Is a Trap Post by: vv181 on August 01, 2023, 03:59:10 PM Can you give examples of such contracts?
As far as I know, renouncing the contract ownership is mainly done to make the community trust the dev could not toy around with the project. The issue you raises is something new for me. Executing a swap function without `owner` control seems theoretically possible. So if you could share some examples, it would be good. After all, there is no short amount of scam methods involving a smart contract, a programmable contract, which some layman surely does not comprehend what it actually does or the possibility of the scheme. So it is essential to refrain from gambling around with some obscure and unknown token. Title: Re: Renounced Contract Is a Trap Post by: Cryptoababe on August 01, 2023, 08:38:10 PM Can you give examples of such contracts? As far as I know, renouncing the contract ownership is mainly done to make the community trust the dev could not toy around with the project. The issue you raises is something new for me. Executing a swap function without `owner` control seems theoretically possible. So if you could share some examples, it would be good. Do you know that some newbies didn't know that dev can still remove liquidity after contract has been renounced? Have seen a lot like this. Contract is renounced, then people start buying, then dev remove liquidity. Title: Re: Renounced Contract Is a Trap Post by: nelson4lov on August 01, 2023, 10:49:54 PM Shitcoin devs constantly looking for new ways to get away with protocol funding. These days I don't blindly trust smart contracts until I have thoroughly gone through the contract code especially if it has been verified in an explorer.
After all, there is no short amount of scam methods involving a smart contract, a programmable contract, which some layman surely does not comprehend what it actually does or the possibility of the scheme. So it is essential to refrain from gambling around with some obscure and unknown token. Malicious devs like that often take advantage of the fact that most users don't know the technical details about how most of the smart contract functions work. So they use it to their advantage. Access control vulnerabilities are some of the most common I've seen. If I come across any of such contracts in the future, I'd be sure to share them. Title: Re: Renounced Contract Is a Trap Post by: Wahyuihib on August 01, 2023, 11:09:06 PM I don't understand what you're trying to explain... or maybe my understanding isn't quite right. maybe it's better if you want to explain something, also include examples and so on. so that we as readers do not guess what you mean
Title: Re: Renounced Contract Is a Trap Post by: kamvreto on August 01, 2023, 11:19:25 PM What are you talking about like trapping new DAaps connecting and exploiting those connected addresses?
I also don't understand what your real purpose is for creating this thread, but as far as I understand there are many users who have been stuck with fake Daaps that will exploit the connected swallow and the thing to do is to revoke it so the connection is disconnected. Title: Re: Renounced Contract Is a Trap Post by: vv181 on August 02, 2023, 11:15:09 AM Can you give examples of such contracts? As far as I know, renouncing the contract ownership is mainly done to make the community trust the dev could not toy around with the project. The issue you raises is something new for me. Executing a swap function without `owner` control seems theoretically possible. So if you could share some examples, it would be good. Do you know that some newbies didn't know that dev can still remove liquidity after contract has been renounced? Have seen a lot like this. Contract is renounced, then people start buying, then dev remove liquidity. Shitcoin devs constantly looking for new ways to get away with protocol funding. These days I don't blindly trust smart contracts until I have thoroughly gone through the contract code especially if it has been verified in an explorer. Besides the users did not understand the technical detail, mostly they also did not aware of the possibility of the technical capability, which is my main point. So surely it is blissful for the scammer to make a handy improvement to their scamming scheme technique. Since it is programmable, I'm sure it will keep evolving by maximising the flexibility of the contract function and any idea of improvement technique.After all, there is no short amount of scam methods involving a smart contract, a programmable contract, which some layman surely does not comprehend what it actually does or the possibility of the scheme. So it is essential to refrain from gambling around with some obscure and unknown token. Malicious devs like that often take advantage of the fact that most users don't know the technical details about how most of the smart contract functions work. So they use it to their advantage. Access control vulnerabilities are some of the most common I've seen. If I come across any of such contracts in the future, I'd be sure to share them. Title: Re: Renounced Contract Is a Trap Post by: KiranKBS on August 03, 2023, 06:14:12 AM Can you give examples of such contracts? So if you could share some examples, it would be good. Sorry sir for not being comprehensive! I updated post by including example. Title: Re: Renounced Contract Is a Trap Post by: KiranKBS on August 03, 2023, 06:43:02 AM Can you give examples of such contracts? As far as I know, renouncing the contract ownership is mainly done to make the community trust the dev could not toy around with the project. The issue you raises is something new for me. Executing a swap function without `owner` control seems theoretically possible. So if you could share some examples, it would be good. Do you know that some newbies didn't know that dev can still remove liquidity after contract has been renounced? Have seen a lot like this. Contract is renounced, then people start buying, then dev remove liquidity. Yes! Renounced != LP Burnt/Locked even after that Deployer can dump either reserved tokens from his wallet or tokens kept in Contract using the function i was referring in the post. |