Staying Safe
How to stay safe before sending tokens or using smart contracts
Vaulta is a powerful blockchain built for high-speed, scalable applications. It’s permissionless and irreversible—which means once you send tokens or sign a transaction, you can’t undo it.
Bad actors can deploy malicious smart contracts or impersonate known projects. Your best defense? Know what you’re interacting with.
Vaulta transactions are instant and irreversible
Never trust random token airdrops in your wallet
Always verify before you sign
Identifying Scams
Scams, hacks, and failed projects are common, so due diligence is your first line of defense before sending tokens, interacting with smart contracts, or investing in a project. A list of common scams can be seen in the table below.
Fake Smart Contracts
Scam dApps that mimic trusted projects
Phishing Links
Wallet-draining links in chats or emails
Airdrop Scams
Fake token drops asking for permissions
Malicious dApps
dApps requesting excessive authority
Spoofed Accounts
Accounts using lookalike names (e.g. eos.io vs eosio)
Due Diligence Before Engaging with a New Project
Before engaging with a crypto project check the following:
Project Fundamentals
Official website & whitepaper
Tokenomics - Review token supply, distribution, and vesting.
Roadmap - Look for clear, achievable goals.
Consensus Mechanism - Understand how blocks are produced (PoW, PoS, DPoS, etc.).
Governance model - Is it transparent and community-driven?
Team & Background
Research founders & core team on LinkedIn and past projects.
Speak to the team if possible—look for professionalism and clarity.
Avoid anonymous or unverifiable teams unless the project is open-source with active contributions.
Audit & Security
Check if the smart contracts are audited by reputable firms.
Read audit reports when available.
Use trusted block explorers to verify contract addresses.
Business Model & ICO Health
Understand how the project plans to make money.
Avoid ICOs with vague terms or long-running fundraisers.
Be cautious of unrealistic claims or sudden token pumps.
Reputation & KYC
Check for community feedback on platforms like Discord, Reddit, X (Twitter), and Telegram.
Due Diligence Before Connecting to a Smart Contract
Before connecting to a smart contract always do the following:
Verify the Contract or Account You’re Interacting With
Why it matters: Scammers often create fake contracts or spoof real account names (e.g., eos1o.token instead of eosio.token).
How to do it:
Check information like account creation date, account history
Double-check contract names against the official project site or documentation
Never Approve Permissions You Don’t Understand
Why it matters: Giving a dApp access to your active or owner permission—or blindly signing multi-step transactions—can result in total wallet drain.
How to do it:
Use trusted wallets like Anchor
Review every transaction prompt carefully
When in doubt, don't sign it. Never give a dApp permission to transfer your tokens unless you 100% trust it.
Avoid Clicking Unknown Links or Tokens in Your Wallet
Why it matters: Fake airdrops and phishing links are two of the most common entry points for scams. Interacting with a malicious token or site can expose your keys or trigger an exploit.
How to do it:
Don’t click on links from DMs or random Telegram/X replies
Don’t touch random tokens that show up in your wallet
Always go directly to a project’s verified website or community channel
Last updated