Skip to main content

2 posts tagged with "Integration"

View All Tags

· 5 min read
Sebastian Lim

Getting Started with HashDit Snaps: A Step-by-Step Guide

Introduction

Meet HashDit Snaps, a revolutionary MetaMask extension designed to dramatically boost your security when interacting with smart contracts. HashDit snap aims to protect users by screening transactions before they are executed through transaction insights. This include warnings against interactions with:

  • Ponzi Schemes
  • Risky Smart Contract Interactions
  • Phishing Websites and Addresses
  • Scam Websites and Addresses

HashDit snap also provides clear details about the function and arguments invoked during a smart contract interaction.

Installation

Installing MetaMask

As a pre-requisite, MetaMask must be installed on your browser before installing HashDit Snaps.

Metamask Installation Link

MetaMask Snaps is currently only supported on the browser version, and not the mobile version.

Installing The Snap On the HashDit Snap website, start the installation process by clicking the Add to MetaMask button.

Installing The Snap

On the HashDit Snap website, start the installation process by clicking the Add to MetaMask button.

IMG-1

Permissions Continue through the install and accept the requested permissions. The requested permissions are required to allow HashDit Snap to work properly.

  • Access the internet: Allow HashDit Snap to access the internet. This is used to both send and receive data with the HashDit API.
  • Access the Ethereum provider: Allow HashDit Snap to communicate with MetaMask directly, in order for it to read data from the blockchain and suggest messages and transactions.
  • Allow websites to communicate directly with HashDit Security: Allow websites to send messages to HashDit Security and receive a response from HashDit Security.
  • Fetch and display transaction insights: Allow HashDit Snap to decode transactions and show insights within the MetaMask UI. This is used for all the security features.
  • See the origins of websites that suggest transactions: Allow HashDit Security to see the origin (URL) of websites that suggest transactions. This is used by the URL screening feature.
  • Store and manage its data on your device: Allow HashDit Security to store, update, and retrieve data securely with encryption. Other snaps cannot access this information. The only data stored is the signed hash of the security message (see below).

The HashDit snap does not have access to the user's private keys. Furthermore, the only transaction initiated by the Snap is a signature request dispatched during installation.

Signature Request

Upon completion of the installation process, the user will be prompted to sign a security message. Note that this is only used to authenticate the HashDit API. Rejecting the signature request will prevent HashDit's features from working.

IMG-2

If the signature request is rejected, it can be re-prompted by just reinstalling the snap.

If you attempt to use HashDit snap without signing the security message, an error screen will be displayed.

IMG-3

Reinstalling the snap will resolve this issue.

Reinstalling The Snap

To update the snap or re-sign the signature request, users simply need to click the 'Reconnect' button, which triggers a new installation prompt.

IMG-4

How To Use HashDit Snap

Using HashDit Snap is simple! Once the HashDit Snap is installed, the security features are entirely automatic. The HashDit Snap will provide transaction insights before a transaction is executed by a user. In the transaction screen, a user can switch to the HashDit Security tab to view the risks involved with their transaction.

IMG-5

The features of HashDit Snap are currently supported on the Binance Smart Chain Mainnet and Ethereum Mainnet. Other networks will only support URL screening.

Features

Transaction Screening and Destination Screening

Transaction Screening

The Transaction Screening insight offers a risk assessment before interacting with a smart contract. This assessment provides users with three values that shed light on potential risks associated with their transaction: Overall Risk - The overall risk level of the transaction, which can be one of three levels · Low Risk · Medium Risk · High Risk Risk Overview - The recommended action Risk Details - Details explaining the output of the overall risk

IMG-6

Destination Screening

The Destination Screening insight scans a transaction's destination address against HashDit's database of blacklisted and whitelisted addresses. This database encompasses known scamming, phishing, and trusted addresses. This assessment provides users with three values that shed light on potential risks of interaction:

Overall Risk - The overall risk level of the transaction can be one of three levels · Low Risk · Medium Risk · High Risk Risk Overview - The recommended action Risk Details - Details explaining the output of the overall risk

IMG-7

URL Screening

The URL Screening insight scans the website origin of the transaction and compares it against HashDit's database of whitelisted and blacklisted URLs. Our database includes sites flagged as scams, deemed high-risk, and whitelisted. The insight will provide users with a risk level, ranging from -1 to 4.

Risk LevelRisk Explanation
-1Unknown Risk
0No Risk
1Low Risk
2Medium Risk - Suspicious Website
3Medium Risk - Dangerous Website
4High Risk - Dangerous Website

IMG-8

Function Call Information

The Function Call insight provides clear and explicit details about the function and arguments invoked during a smart contract interaction. The aim is to offer more readable parameters than Metamask's current 'Hex' tab. This is achieved by displaying each function argument, its type, and its corresponding value.

IMG-9 IMG-10

Official Website: https://www.hashdit.io/en/snap

Documentation and FAQ: https://hashdit.gitbook.io/hashdit-snap

GitHub Repo: https://github.com/hashdit/metamask-snap

MetaMask Snap Page: https://snaps.metamask.io/snap/npm/hashdit-snap-security/

· 3 min read
Sebastian Lim

HashDit API Integration

What Is HashDit?

HashDit is a Web3 Security Firm dedicated to providing completely free security solutions to both end users and protocol developers on the BNB Chain. Our central objective is to furnish crucial threat intelligence to empower day-to-day DeFi investors in making well-informed decisions. Navigating this DeFi intricate landscape poses challenges even for seasoned investors, let alone newcomers. HashDit aims to bridge this knowledge gap by offering timely and comprehensive threat intelligence on DeFi projects. HashDit's API integration extends its influence to numerous prominent applications, anchoring active measures to safeguard users from the clutches of fraudulent activities. Hashdit typical clients include but are not limited to the following protocols.

1.TrustWallet

HashDit's API takes center stage within TrustWallet, an industry vanguard Web3 Wallet. Serving as a protective layer within the user experience, HashDit's threat intelligence suite preempts elevated risks by promptly notifying users before they connect to the dApp or execute transactions. This proactive approach ensures users operate with heightened vigilance, fortifying their engagement within the dynamic DeFi landscape.

In 2023, HashDit API continually safeguarded assets on TrustWallet and prevented 584k of 630k risky BSC transactions, that's a 93% coverage, preventing users from transferring nearly $169m to scammers!

2.PancakeSwap

This leading DEX on the BNBChain, with a substantial $1.3 billion in TVL, seamlessly incorporates HashDit's solution. Automated scans of tokens within the PancakeSwap framework offer users discernible risk scores. This feature empowers users with real-time insights into potential transactional risks, bolstering informed decision-making amid their DeFi interactions.

3.BscScan

A prime example of HashDit's impact unfolds through its collaboration with blockchain explorers, most notably BscScan. Integrating risk alerts within the explorer's interface bolsters user prudence and caution. Users are empowered to tread warily when engaging with projects or addresses displaying suspicious or high-risk attributes. This measured approach fosters an environment of cautious exploration, preventing undue exposure to potential risks.

Integrate HashDit API With 3 Steps

  • Step1: Apply for access by sending a request with following information to support@hashdit.com.
    • Project name
    • Project description & main products
    • Estimated chains
    • Estimated QPS
      • Query Per Second, the HashDit Security API rate limit is 1200 calls/minute. If you require a higher limit than the available plans, please input correct QPS info.
    • Scenario (see more details in “Security Scanner Scenario” below)
      • DeFi Wallet
        • Url Security Scanner
        • Address Security Scanner
      • Dex
        • Token Security Scanner
        • Others (input the description)
    • Release date
  • Step2: HashDit team will review the request and provide the api token and test examples within 5 work days.
  • Step3: You can build up the Security Scanner within your project 🎉.

Security Scanner Scenario

1.Wallet

IMG-1

IMG-2

2.Dex Token Security Scanner

IMG-3