
MetaMask Snap "Check the contract"

A MetaMask Snap that lets the user see additional security-oriented information before a contract function call (whether the contract was audited, whether it is upgradable, and more).

The problem MetaMask Snap "Check the contract" solves

It allows an average user to get more information about the contract and avoid interactions with suspicious, untrusted, hacked or even fraudulent contracts.

Challenges we ran into

One of the key ideas is to show users whether the contract was audited and by which companies, but most audit reports do not include the addresses of the deployed contracts (most likely they link to the repo, which is sometimes even private). There is also no universal tool for getting or scraping audit data from different companies.
This requires entering the data by hand, which is not only a boring routine task but also leads to redundant centralization around the entity that controls the input.
It would be nice if auditing companies provided some kind of public API with the list of audits; this would open the way to upgrading the current idea to a more decentralized solution based on oracles.
