d-bis/smom-dbis-138
4
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity
Files
409fb5e738d4d6033a09f4e607dd836edb0e4f0e
smom-dbis-138/docs/operations/integrations/METAMASK_SAFETY.md
defiQUG 1fb7266469 Add Oracle Aggregator and CCIP Integration 
- Introduced Aggregator.sol for Chainlink-compatible oracle functionality, including round-based updates and access control.
- Added OracleWithCCIP.sol to extend Aggregator with CCIP cross-chain messaging capabilities.
- Created .gitmodules to include OpenZeppelin contracts as a submodule.
- Developed a comprehensive deployment guide in NEXT_STEPS_COMPLETE_GUIDE.md for Phase 2 and smart contract deployment.
- Implemented Vite configuration for the orchestration portal, supporting both Vue and React frameworks.
- Added server-side logic for the Multi-Cloud Orchestration Portal, including API endpoints for environment management and monitoring.
- Created scripts for resource import and usage validation across non-US regions.
- Added tests for CCIP error handling and integration to ensure robust functionality.
- Included various new files and directories for the orchestration portal and deployment scripts.
2025-12-12 14:57:48 -08:00

151 lines
5.6 KiB
Markdown
Raw Blame History

# MetaMask Safety Guide for ChainID 138
Security best practices for using ChainID 138 with MetaMask.
## Verifying Network Details
### Official Network Information
- **ChainID**: 138 (0x8a in hex)
- **Chain Name**: DeFi Oracle Meta Mainnet
- **RPC URL**: `https://rpc.d-bis.org`
- **Block Explorer**: `https://explorer.d-bis.org`
- **Domain**: `d-bis.org` (Cloudflare DNS/SSL)
### How to Verify
1. **Check the Domain**: Always verify you're on the official domain (`d-bis.org`)
2. **Verify RPC URL**: Use only the official RPC URLs listed in this documentation
3. **Verify Explorer URL**: Use only the official Blockscout explorer
4. **Check ChainID**: Always verify ChainID is 138 (0x8a) before adding
5. **Verify Token Addresses**: Double-check token contract addresses before adding
## Avoiding Phishing
### Red Flags
- **Unofficial Domains**: Be wary of domains that look similar but are not `d-bis.org`
- **Unofficial RPC URLs**: Only use RPC URLs from official documentation
- **Unofficial Token Addresses**: Verify token addresses on Blockscout
- **Unexpected Requests**: Never approve unexpected network addition requests
- **Suspicious Links**: Don't click on suspicious links or download files from untrusted sources
### Best Practices
1. **Bookmark Official Sites**: Bookmark the official explorer and documentation
2. **Verify Before Adding**: Always verify network details before adding to MetaMask
3. **Use Official Sources**: Only add networks from official sources (Chainlist, official docs)
4. **Check URLs**: Always check URLs in the address bar
5. **Enable Phishing Detection**: Keep MetaMask's phishing detection enabled
## Securing Your Wallet
### MetaMask Security
1. **Use Strong Password**: Use a strong, unique password for MetaMask
2. **Enable 2FA**: Enable two-factor authentication if available
3. **Keep Software Updated**: Keep MetaMask updated to the latest version
4. **Backup Seed Phrase**: Backup your seed phrase in a secure location
5. **Never Share Seed Phrase**: Never share your seed phrase with anyone
### Network Security
1. **Verify Network Details**: Always verify network details before adding
2. **Use Official RPC URLs**: Only use official RPC URLs
3. **Check SSL Certificates**: Verify SSL certificates are valid
4. **Monitor Transactions**: Monitor your transactions on the explorer
5. **Use Hardware Wallets**: Consider using a hardware wallet for large amounts
## Token Safety
### Verifying Tokens
1. **Check Contract Address**: Verify token contract address on Blockscout
2. **Verify Token Metadata**: Check token name, symbol, and decimals
3. **Check Token Logo**: Verify token logo is from official source
4. **Review Token Contract**: Review token contract code if possible
5. **Check Token List**: Prefer tokens from official token lists
### Token Red Flags
- **Unofficial Addresses**: Tokens with addresses not on official lists
- **Suspicious Metadata**: Tokens with suspicious names or symbols
- **Missing Logos**: Tokens without logos or with broken logo URLs
- **Unofficial Sources**: Tokens from unofficial sources
## Transaction Safety
### Before Signing
1. **Verify Recipient**: Double-check recipient address
2. **Verify Amount**: Verify transaction amount
3. **Verify Gas Fees**: Check gas fees are reasonable
4. **Verify Network**: Ensure you're on the correct network
5. **Review Transaction**: Review all transaction details
### After Signing
1. **Monitor Transaction**: Monitor transaction on explorer
2. **Verify Success**: Verify transaction was successful
3. **Check Balance**: Verify balance updates correctly
4. **Report Issues**: Report any issues immediately
## Reporting Issues
### If You Suspect Phishing
1. **Don't Panic**: Stay calm and don't make hasty decisions
2. **Disconnect**: Disconnect from suspicious sites
3. **Report**: Report to MetaMask and project team
4. **Check Accounts**: Check your accounts for unauthorized transactions
5. **Secure Wallet**: Secure your wallet if compromised
### Contact Information
- **MetaMask Support**: [support.metamask.io](https://support.metamask.io)
- **Project Team**: [GitHub Issues](https://github.com/Defi-Oracle-Tooling/smom-dbis-138/issues)
- **Security Issues**: [Security Policy](https://github.com/Defi-Oracle-Tooling/smom-dbis-138/security)
## Additional Resources
- [MetaMask Security](https://support.metamask.io/hc/en-us/articles/360015489591)
- [Phishing Prevention](https://support.metamask.io/hc/en-us/articles/4427602331163)
- [Wallet Security](https://support.metamask.io/hc/en-us/articles/360015489591-Basic-safety-and-security-tips-for-MetaMask)
## Checklist
Before adding ChainID 138 to MetaMask:
- [ ] Verified domain is `d-bis.org`
- [ ] Verified RPC URL is `https://rpc.d-bis.org`
- [ ] Verified explorer URL is `https://explorer.d-bis.org`
- [ ] Verified ChainID is 138 (0x8a)
- [ ] Verified source is official
- [ ] Checked for phishing warnings
- [ ] Reviewed network details
- [ ] Understood risks
Before adding tokens:
- [ ] Verified token address on Blockscout
- [ ] Verified token metadata is correct
- [ ] Verified token is from official source
- [ ] Checked token contract if possible
- [ ] Verified token logo is official
- [ ] Understood token risks
## Emergency Contacts
If you suspect your wallet is compromised:
1. **Immediately**: Disconnect from all sites
2. **Transfer Funds**: Transfer funds to a new wallet if possible
3. **Report**: Report to MetaMask and project team
4. **Secure**: Secure your wallet and accounts
5. **Monitor**: Monitor for unauthorized transactions
## Conclusion
Always prioritize security when using MetaMask. Verify all network details, token addresses, and transactions before approving. When in doubt, don't proceed and contact support.
Reference in New Issue View Git Blame Copy Permalink