1inch dApp and 1inch Wallet user protection

In this post, we'll explore how 1inch leverages the most advanced tools to ensure the security and integrity of the 1inch dApp.

For 1inch, security is not just another feature - it’s central to our commitment to fostering trust and confidence in decentralized finance. In this article, we’ll explore how 1inch employs multiple front- and back-end security tools to provide robust protection against manipulation, fraud, and other threats — and ensure a safe experience for every user navigating the 1inch dApp:

1. Security Checks and Surveillance – Explore the mechanisms in place to mitigate browser and APIs call data manipulation and ensure 1inch dApp integrity.
2. Advanced Wallet Screening Processes – Discover how 1inch uses real-time tools and our super-database to leverage multiple independent sources and methods, including manual blacklists, to prevent malicious activities with infinite hops.
3. dApp Scan, Transaction Simulation and Validation for 1inch Wallet – Learn how 1inch helps users identify risks before signing transactions.
4. Geofence and VPN Detection – Understand how unauthorized jurisdictions and VPN usage are restricted to maintain a secure environment.

Let’s dive into these measures and uncover how they contribute to a safer 1inch dApp user experience.

Security Checks and Surveillance

The decentralized nature of Web3 platforms makes them susceptible to manipulation through web browser developer tools, for example by modifying network traffic or API call data responses. Recognizing these vulnerabilities, 1inch has implemented robust front- and back-end security protocols.

Legacy Mode Security. Legacy mode (classic swap) is more susceptible to manipulation by bad actors who attempt to rewrite or override web browser or routing content. To mitigate this risk, stricter validation measures have been implemented. Every user interaction, request, or data submission undergoes meticulous validation at the front- and back-end level. This approach minimizes the risks posed by browser-based overrides through developer tools, ensuring manipulative attempts cannot compromise the integrity of the 1inch dApp user experience.

Moreover, as detailed in a previous post, 1inch employs a suite of AML screening tools for Web3 security, including 1inch Blacklist, TRM Labs, Etherscan, Blockaid, Hypernative, ZeroShadow and others. 1inch handles it as a super-database to leverage multiple internal and independent sources and methods under continuous development. When any internal or third-party database detects a risk to a swap or limit order originating from a suspicious wallet address, the system immediately prevents the former or removes the latter. .

Fusion Mode: Security By Design. Fusion mode and Fusion+ (cross-chain swap) are inherently secure by design, as resolvers and market makers control the execution of transactions, making it impossible for users to manipulate web browser or API call data.

Swap Surveillance. To secure 1inch Swap (Legacy and Fusion), we created 1inch RabbitHole to prevent users from running market manipulations. 1inch Fusion solves the problem of DeFi risks, front-running, sandwich attacks, and other market manipulation techniques.

Advanced Wallet Screening Processes

In previous posts, we discussed the AML screening tools we use, including 1inch Blacklist, TRM Labs, Etherscan, Blockaid, Hypernative, ZeroShadow and others, which play a key role in wallet screening. Building on these measures, 1inch continuously explores new third-party database integrations and refines its internal processes and systems to enhance security and detection capabilities.

Risk Engine. A security-driven risk engine is designed to evaluate the risk level of each user’s wallet. This assessment is based on:

●  Transaction History: identifying unusual patterns or behaviors.

●  Wallet Behavior: detecting anomalies that indicate potential threats.

●  External Data: cross-referencing blacklists, sanctions, and other compliance data.

The risk engine screens every 1inch dApp user request against known threats, such as phishing attempts, scams, sanctioned wallets and many others.

Custom Blacklists. To further strengthen security, 1inch continuously refines its internal blacklisting processes. Newly-identified threats are promptly addressed and incorporated into a custom internal blacklist, ensuring an adaptive and proactive security framework.

1inch’s custom internal blacklist is built by integrating trusted industry databases from independent and reputable sources. This approach enables the creation of a robust database that leverages multiple methods and data streams to monitor wallet activities comprehensively. The overlapping information from these diverse sources allows more precise identification of bad actors while minimizing opportunities for malicious entities to exploit the 1inch dApp. This multi-faceted approach also contributes to stronger protection across the whole DeFi ecosystem.

In addition, trusted entities and law enforcement agencies can directly add wallet addresses to the 1inch Blacklist. This ensures the ability to proactively block wallets involved in suspicious activities, such as fraud or illicit transactions, before they can interact with the 1inch dApp.

dApp Scan, Transaction Simulation and Validation for 1inch Wallet

Leveraging multiple Blockaid APIs, 1inch provides users with robust protection against risks related to transaction execution, dApp usage, and token interactions, serving as the Web3 equivalent of antivirus software. Here’s how:

1inch dApp Scanning. 1inch Wallet users benefit from Blockaid’s dApp Scanning API, which finds and scans malicious dApps and warns the user before interacting with potentially harmful websites. This feature also flags messages containing malicious domains, offering protection similar to email spam filters.

Transaction Simulation and Validation. Transaction simulations and validations are powerful tools that help 1inch Wallet users fully understand the outcomes of their actions before signing a transaction. With these features, users can see a detailed preview of the functions the smart contract will execute and what permissions they are granting. For example, users are shown which assets will be withdrawn from or deposited into their wallet. In the validation process, the transaction is then assessed and categorized as malicious or benign.

Any potential risks are flagged immediately, such as unauthorized withdrawals or unexpected asset transfers. These warnings are displayed prominently in the user interface, empowering users to halt potentially harmful actions before they are finalized. By offering real-time insights, this feature helps users make well-informed decisions and navigate the complexities of Web3 safely.

Malicious Token Detection. Blockaid’s Malicious Token Detection API distinguishes between spam and legitimate tokens. Spam tokens are automatically hidden from the user, while suspicious ones are flagged.

Geofence and VPN Detection

Finally, 1inch also employs robust measures to detect and restrict unauthorized use including VPN usage.

Geofencing: 1inch takes compliance with international sanctions and local regulations seriously. As part of our ongoing efforts to prevent unauthorized access to our platform, we have implemented geofencing measures to restrict access from sanctioned jurisdictions and the United States. These measures are designed to ensure compliance with global AML/CTF regulations and prevent misuse of 1inch.

These efforts are supported by monitoring tools that identify and block VPNs and proxy-based access attempts (as defined below), ensuring stricter adherence to geofencing policies.

VPN Checks. Strict backend protocols actively detect and block users attempting to access 1inch products via VPNs. By conducting these checks, 1inch ensures that restrictions cannot be bypassed through IP manipulation or other circumvention tactics.

These measures are designed to identify and limit access for users engaging in suspicious behaviors, such as attempting to mask their location, ensuring a more secure and transparent environment.

Stay tuned for more updates on 1inch’s security features!