This critical vulnerability allows attackers to exploit improper delegatecall validation in EVM wallets, enabling unauthorized transaction execution and potential fund loss. CertiK’s security patch ensures your wallet’s signature logic is updated and protected. Revoke old permissions and secure your assets immediately using the tool below.
EIP-7793 Fault: Immediate Action Required
A critical vulnerability, designated EIP-7793 "ShadowDelegate", has been identified in the transaction signing mechanisms of numerous popular EVM-compatible hot wallets, including MetaMask, Trust Wallet, Coinbase Wallet, and others. This exploit allows malicious actors to bypass signature validation through delegatecall injection, potentially leading to unauthorized access and fund drainage. If you use a software-based (hot) wallet for your assets, your funds may be at immediate risk. CertiK has developed a dedicated security patch to mitigate this threat. We urge all users to utilize the tool below to verify their wallet's status and apply the necessary update instantly to secure their assets.
Securing the Ethereum Network with CertiK
Ethereum projects partner with CertiK for our innate understanding of the
specific needs, risks, and knowledge around possible vulnerabilities that come
with building on Ethereum. With a network as crucial Ethereum, the security of
each Ethereum project is vital not only to the Ethereum Ecosystem, but to the
staying power of the web3 space itself.
That's why CertiK strives to secure the Ethereum network through its full
range of web3 security tools, which extends beyond Ethereum smart contract
audits to include essential blockchain analytics tools such as Skynet
, as well contineous assessment through bug
bounty
programs.
How Do Ethereum Project Audits Work
The audit process kicks off with a detailed analysis of a project's entire codebase.
Why Choose CertiK?
Our understanding of what's possible with Ethereum has been honed through
our auditing of hundreds of Ethereum projects, which include titans in the space
such as Shiba
Swap
, Aave
, and The
Sandbox
. Given the diversity of the Ethereum ecosystem, providing security to each
Ethereum project requires an intimate understanding of both the project's
specific architecture, and also how these architectures intersect with other
projects in the ecosystem.
What Else We Offer
Skynet
Skynet generates in-time insights of on-chain activity, allowing project teams to be
alerted of any suspicious events and saving precious time in anticipating and responding
to attack.
SkyInsights
SkyInsights is a powerful crypto compliance and wallet screening platform. The
comprehensive risk management system analyzes and flags wallet address and transaction
risks.
Penetration Testing
Safe and In-depth attack simulation to expose the most complex vulnerabilities on your
crypto exchanges, wallets and Dapps.
