Using L2 now is really worry-free and cost-effective, but my conclusions over these few times are quite simple: for small amounts and high-frequency transactions, just drop L2; if you’re planning to hold long-term and have many authorizations, it’s still more reliable to store on the mainnet cold storage. Gas may be expensive, but buying a sense of “don’t bother me” peace of mind is worth it.

I usually take this compromise approach: only keep enough balance on L2, and when I see the authorization page, I stop first; if I can use a one-time authorization, I avoid unlimited permissions. A couple of days ago, I almost accidentally signed a strange permit, but luckily I habitually checked the simulation first, which showed I needed to authorize all of my USDC at 0x7c…3a, so I immediately closed the page… Anyway, I’d rather be slow.

As for the tagging system of on-chain data tools, I don’t trust it as much anymore; I’ve seen it update slowly or mislead people. If I really want to verify whether an address is clean or not, I look more at the transaction paths and the interacting contracts, and less at phrases like “it’s written as safe.” That’s it for now—security is built bit by bit by myself.