What attacks can Harpie prevent?
Read more on the various web3 attacks that Harpie is built to protect you against.
Below is a list of many (but not all) of the types of attacks that Harpie can prevent.
$570k was stolen in just a few hours because of the Curve.fi attack
This attack is almost unavoidable. By hijacking a trusted website, attackers can trick users of the site into signing their money away.
This OpenSea phishing link was a single email campaign that caused $1.7 million in damages.
These types of attacks impersonate a trustworthy party. Attackers use this misplaced trust to trick victims into signing malicious smart contracts designed to steal their money.
These attacks use a clean, well-designed website to trick victims into trusting the site. Afterwards, victims are asked to sign malicious smart contracts or send over their private keys to the attacker as part of a "user onboarding" process.
Private key theft is being phased out in favor of smart-contract-based attacks, like the attacks described above. That being said, ownership of a wallet's private key allows an attacker to freely transact with the assets inside.
Because private key theft gives an attacker complete control over your wallet and its assets, see Disclosures & Risks for edge cases where Harpie would not be able to protect your wallet from private key thieves.
Misspelling one of the 40 characters in an Ethereum address during a transfer can cause a victim to lose access to those assets permanently. Harpie stops accidental transfers from occurring, since your trusted network will not include that misspelled address.