A Complete Analysis of Web3 Signature Phishing: Principles and Prevention Strategies
Recently, "signature phishing" has become one of the most favored scam methods among Web3 hackers. Despite ongoing awareness efforts by security experts and wallet companies, many users still fall victim every day. One of the main reasons for this phenomenon is that most people lack an understanding of the underlying logic of wallet interactions, and the learning curve is quite high for non-technical individuals.
In order to help more people understand this issue, this article will explain the underlying logic of signature phishing in an easy-to-understand way.
Two Ways to Operate a Wallet
When using a Web3 wallet, we mainly have two operations: "signature" and "interaction."
Signing is usually used for authentication, such as logging into a wallet or connecting to a DApp. A signature is produced off-chain and by itself does not change any blockchain data, so there is no fee to pay.
Interaction involves actual on-chain operations. For example, when exchanging tokens on a certain DEX, you first need to authorize (approve) the smart contract to use your tokens, and then execute the actual exchange. Both steps are transactions and require paying Gas fees.
Common Phishing Methods
1. Authorized Phishing
This is the traditional Web3 phishing technique. Hackers create a seemingly legitimate website that lures users into sending an approval transaction. When users click on buttons like "Claim Airdrop," they are actually authorizing the hacker's address to spend their tokens.
2. Permit signature phishing
Permit is an extension of the ERC-20 standard that lets a token holder approve a spender by signing a message instead of sending an approve transaction. Hackers can induce users to sign such a permit, then submit the signature on-chain themselves and transfer the user's assets.
3. Permit2 signature phishing
Permit2 is a feature launched by a certain DEX to simplify user operations. The user grants the Permit2 contract a large token allowance once, after which each later approval needs only an off-chain signature rather than a transaction. However, if a user has previously used that DEX and granted an unlimited allowance, a hacker who obtains such a signature can use this mechanism to transfer the user's assets.
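Both Permit and Permit2 approvals are signed as EIP-712 typed data, which a wallet can inspect before prompting the user. The following is an added example, not code from the original article: a wallet-side pre-signing check that flags permit-shaped requests, unlimited amounts, unfamiliar spenders and distant expiries. The trusted-spender list, the sample request and the one-year threshold are constructed assumptions.

```javascript
// Added example (not from the original article): a wallet-side check of an EIP-712
// typed-data request before signing. Field names follow EIP-2612 Permit and Permit2;
// the trusted-spender list and the sample request below are constructed values.
const MAX_UINT256 = (1n << 256n) - 1n;  // "unlimited" value for an ERC-20 Permit
const MAX_UINT160 = (1n << 160n) - 1n;  // "unlimited" amount for Permit2 (uint160)
const ONE_YEAR = 365n * 24n * 3600n;    // assumed threshold for a suspicious expiry
// Spender contracts the user has deliberately chosen to trust (placeholder address).
const TRUSTED_SPENDERS = new Set(["0x1111111111111111111111111111111111111111"]);

// Push warnings for one approval; amount/expiry/now are BigInt (token units / seconds).
function checkApproval(warnings, kind, spender, amount, maxAmount, expiry, now) {
  warnings.push(`${kind}: signing lets ${spender} spend your tokens`);
  if (!TRUSTED_SPENDERS.has(spender.toLowerCase())) {
    warnings.push(`${kind}: spender ${spender} is not a contract you have trusted before`);
  }
  if (amount === maxAmount) warnings.push(`${kind}: unlimited amount`);
  if (expiry - now > ONE_YEAR) warnings.push(`${kind}: expiry more than a year away`);
}

// Returns human-readable warnings for a typed-data request ({primaryType, message}).
// An empty list means the request is not permit-shaped (e.g. a plain login message).
function reviewSignatureRequest(typedData, nowSeconds) {
  const warnings = [];
  const { primaryType, message } = typedData;
  const now = BigInt(nowSeconds);
  if (primaryType === "Permit") {               // EIP-2612: owner, spender, value, nonce, deadline
    checkApproval(warnings, "Permit", message.spender, BigInt(message.value),
                  MAX_UINT256, BigInt(message.deadline), now);
  } else if (primaryType === "PermitSingle") {  // Permit2: details{token,amount,expiration,nonce}, spender
    const d = message.details;
    checkApproval(warnings, "Permit2", message.spender, BigInt(d.amount),
                  MAX_UINT160, BigInt(d.expiration), now);
  } else if (primaryType === "PermitBatch") {   // Permit2: details[] of the same shape
    for (const d of message.details) {
      checkApproval(warnings, `Permit2 ${d.token}`, message.spender, BigInt(d.amount),
                    MAX_UINT160, BigInt(d.expiration), now);
    }
  }
  return warnings;
}

// Constructed sample: a Permit2 request of the kind a phishing page would present.
const SAMPLE_PERMIT2_REQUEST = {
  primaryType: "PermitSingle",
  domain: { name: "Permit2", chainId: 1, verifyingContract: "0x0000000000000000000000000000000000000002" },
  message: { details: { token: "0x0000000000000000000000000000000000000001", amount: MAX_UINT160.toString(),
                        expiration: "2000000000", nonce: "0" },
             spender: "0x00000000000000000000000000000000000000ff", sigDeadline: "1700003600" },
};
```

Running `reviewSignatureRequest(SAMPLE_PERMIT2_REQUEST, 1700000000)` yields four warnings (permit-shaped, untrusted spender, unlimited amount, distant expiry), while a non-permit message such as a login challenge yields none.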
Preventive Measures
Cultivate security awareness: Before confirming any wallet prompt, check carefully what the signature or transaction actually authorizes.
Asset separation: Keep large holdings in a wallet separate from the one used for daily transactions, so that a single phished signature cannot reach everything.
Learn to recognize the signature formats of Permit and Permit2: Be wary of signature requests that contain the following fields:
By understanding the principles of these phishing methods and taking appropriate preventive measures, users can better protect the security of their digital assets. In the Web3 world, staying vigilant and continuously learning is crucial.