Newsletter #87

>>> FOLLOW LAZY.COM ON TWITTER, INSTAGRAM AND TIKTOK <<<

This week’s featured collection: Illestrater

There is something deeply satisfying about browsing an extremely large collection of NFTs. That is why this week’s featured collector is Illestrater, whose Ethereum NFT collection is extensive and includes many big name projects along with new ones worth discovering. Have fun looking through their collection at lazy.com/illestrater

If you enjoy reading our newsletter, show some love by sharing this post. Thank you!

Share

Learning to “Delegate” could be the most important new skill for NFT collectors in 2023. Here’s how delegation can keep your NFTs safe.

A few of weeks ago, an extremely sophisticated scammer stole over a million dollars worth of NFTs from a Bored Apes collector. Although hacks are common, this particular scam attracted a lot of attention due to its complexity.

In brief, the scammer contacted the victim and claimed they wanted to license their Bored Ape for an upcoming film. When the collector went to sign the paperwork, they were asked to login to a web3 site. The site requested their signature and their Apes were instantly stolen.

Image

Signing this signature request allows the scammer to steal your NFTs. Most users probably don’t know that!

Many people assume that signing a transaction is harmless, after all it is how we sometimes login to web3 sites. However, these scammers exploited a feature of OpenSea’s marketplace that allows the creation of private auctions using signatures. In other words, if you sign the wrong transaction it can be used to steal your NFTs. Scary!

For a full analysis of the scam, check out this thread.

One of the best ways to protect against getting scammed is to delegate your NFTs.

There are a few different delegation systems. The most well known is delegate.cash. Others, such as the one announced by Punk6529, will be released soon.

The way they work is simple:

  1. You, the collector, store your NFTs in a cold wallet

  2. You use a delegation system to link your cold wallet to a hot wallet

  3. When a site wants to check if you own a specific NFT, it queries your hot wallet address instead of your cold wallet.

In other words, websites and smart contracts interact with your hot wallet (which does not contain any NFTs) instead of your cold wallet. And because your hot wallet is empty, nothing can be stolen.

It is an elegant solution. However, it does require NFT projects to upgrade their smart contracts and/or websites to support delegation. The best way to encourage that process is for collectors to make delegation a core part of their strategy for staying safe in 2023.

Thanks for reading! We wish you a wonderful end to 2022!

Thank you for reading Lazy.com’s Newsletter. Was this post helpful? Show some love by sharing.

Share

👉🏼 Lazy.com is seeking a web3 front-end developer with React experience. 👀

Tens of thousands of collectors use Lazy.com to display their NFTs. Help us shape what they see. Apply now by sending a sample of your work.

We ❤️ Feedback

We would love to hear from you as we continue to build out new features for Lazy! Love the site? Have an idea on how we can improve it? Drop us a line at info@lazy.com