[technion]

Nothing stops a person making a new wallet with limited assets for interaction with less reputable websites. Web3 culture has made this quite difficult in practice. For example, it's quite normalised to say "new exciting nft project, only available to existing owners of expensive nfts". This sort of thing is considered an ownership perk. And it's why those discord hacks were so damaging, a statement like that was made and it did not sound out of character. So in order to use this service, you must be using the wallet with your expensive nfts, so ownership can be verified, but also because it's a phishing site.

Edit: and if you wanted to routinely transfer small funds to a hot wallet, gas fees will put a stop to the idea.

[gowld]

Why is the MetaMask UI so dumb that it can't say "This transacation is sending your NFT to address X. Address X has [reputation stats of some sort]. Is that what you want?"

[brutusborn]

Surely attackers could just make new wallet as soon as they are added to the blacklist? Unless making a new wallet and updating the script is difficult / expensive, a blacklist system would have pretty low benefit:cost.

[tornato7]

Wouldn’t be a backlist but a reputation score based on the team, audits, popularity of the contract, open sourced code, etc etc

[renewiltord]

Thanks for explaining. To you, and peer commenters.