Staying Safe

How to stay safe before sending tokens or using smart contracts

Vaulta is a powerful blockchain built for high-speed, scalable applications. It’s permissionless and irreversible—which means once you send tokens or sign a transaction, you can’t undo it.

Bad actors can deploy malicious smart contracts or impersonate known projects. Your best defense? Know what you’re interacting with.

  • Vaulta transactions are instant and irreversible

  • Never trust random token airdrops in your wallet

  • Always verify before you sign

Identifying Scams

Scams, hacks, and failed projects are common, so due diligence is your first line of defense before sending tokens, interacting with smart contracts, or investing in a project. A list of common scams can be seen in the table below.

Risk Type
Description

Fake Smart Contracts

Scam dApps that mimic trusted projects

Phishing Links

Wallet-draining links in chats or emails

Airdrop Scams

Fake token drops asking for permissions

Malicious dApps

dApps requesting excessive authority

Spoofed Accounts

Accounts using lookalike names (e.g. eos.io vs eosio)

Due Diligence Before Engaging with a New Project

Before engaging with a crypto project check the following:

Project Fundamentals

  • Official website & whitepaper

  • Tokenomics - Review token supply, distribution, and vesting.

  • Roadmap - Look for clear, achievable goals.

  • Consensus Mechanism - Understand how blocks are produced (PoW, PoS, DPoS, etc.).

  • Governance model - Is it transparent and community-driven?

Team & Background

  • Research founders & core team on LinkedIn and past projects.

  • Speak to the team if possible—look for professionalism and clarity.

  • Avoid anonymous or unverifiable teams unless the project is open-source with active contributions.

Audit & Security

  • Check if the smart contracts are audited by reputable firms.

  • Read audit reports when available.

  • Use trusted block explorers to verify contract addresses.

Business Model & ICO Health

  • Understand how the project plans to make money.

  • Avoid ICOs with vague terms or long-running fundraisers.

  • Be cautious of unrealistic claims or sudden token pumps.

Reputation & KYC

  • Look for KYC-verified platforms (e.g., eosrespect.io).

  • Check for community feedback on platforms like Discord, Reddit, X (Twitter), and Telegram.

Due Diligence Before Connecting to a Smart Contract

Before connecting to a smart contract always do the following:

Verify the Contract or Account You’re Interacting With

Why it matters: Scammers often create fake contracts or spoof real account names (e.g., eos1o.token instead of eosio.token).

How to do it:

  • Use a trusted block explorer like Unicove

  • Check information like account creation date, account history

  • Double-check contract names against the official project site or documentation

Never Approve Permissions You Don’t Understand

Why it matters: Giving a dApp access to your active or owner permission—or blindly signing multi-step transactions—can result in total wallet drain.

How to do it:

  • Use trusted wallets like Anchor

  • Review every transaction prompt carefully

  • When in doubt, don't sign it. Never give a dApp permission to transfer your tokens unless you 100% trust it.

Avoid Clicking Unknown Links or Tokens in Your Wallet

Why it matters: Fake airdrops and phishing links are two of the most common entry points for scams. Interacting with a malicious token or site can expose your keys or trigger an exploit.

How to do it:

  • Don’t click on links from DMs or random Telegram/X replies

  • Don’t touch random tokens that show up in your wallet

  • Always go directly to a project’s verified website or community channel

PreviousVaulta Brand GuidelinesNextCommon Scams to Avoid

Last updated