increaseAllowances Signature Guide

Summary Description

increaseAllowances lets a token holder raise the amount of their tokens that another address is allowed to spend. Signing this type of request approves that address to spend more tokens from the holder's account.

If the wallet fails to correctly identify anomalies in the increaseAllowances signature data initiated by the Dapp, it may pose a phishing risk.

Vulnerability Identification

Click the "Connect Wallet" button to connect your wallet. This test applies to the Polygon network. If the blank box below does not show "Polygon Mainnet (Chain ID: 137)" after connecting your wallet, click the "Switch to Polygon Mainnet" button to change the network.

Test by clicking the "approve(address,uint256) 128" button and the other buttons such as "126", "126+Blank", etc. The number 128 represents a normal length (the two 32-byte ABI-encoded arguments that follow the 4-byte function selector, written as 128 hex characters), while "126" and "126+Blank" are abnormal lengths. If the wallet does not correctly identify the signature type or detect risks after the signature is triggered, a vulnerability is present.

Solution

The wallet should correctly identify the increaseAllowances signature type across different signature data lengths, including the abnormal lengths used in the tests below.
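One way a wallet could apply this check before showing the signing prompt, as an added example that is not code from the original page or from any wallet. The names `checkIncreaseAllowance` and `runSamples` and the issue strings are hypothetical, and the samples are constructed to mirror the six payload shapes listed on this page, labelled by argument length in hex characters.

```javascript
// Added example: strict pre-signing check for increaseAllowance(address,uint256).
const SELECTOR = "39509351"; // selector given on this page
const ARGS_HEX_LEN = 128;    // two 32-byte ABI words = 128 hex characters

function checkIncreaseAllowance(data) {
  const body = data.startsWith("0x") ? data.slice(2) : data;
  if (body.slice(0, 8).toLowerCase() !== SELECTOR) return null; // some other call
  const args = body.slice(8);
  const issues = [];
  if (!/^[0-9a-fA-F]*$/.test(args)) issues.push("non-hex characters");
  if (args.length % 2 !== 0) issues.push("odd number of hex digits");
  if (args.length < ARGS_HEX_LEN) issues.push("arguments truncated");
  if (args.length > ARGS_HEX_LEN) issues.push("unexpected trailing data");
  // Keep the type even when malformed, so the UI warns about an allowance
  // change instead of showing an unrecognised contract call.
  const result = { type: "increaseAllowance", wellFormed: issues.length === 0, issues };
  if (result.wellFormed) {
    result.spender = "0x" + args.slice(24, 64).toLowerCase();
    result.addedValue = BigInt("0x" + args.slice(64));
  }
  return result;
}

// Constructed samples mirroring the six payload shapes on this page.
const NORMAL = "0x" + SELECTOR + "0".repeat(24) +
  "9197ee309722a7658934796f0c4bfde85774dd28" + "0".repeat(32) + "F".repeat(32);
const SAMPLES = [
  ["128", NORMAL],
  ["126", NORMAL.slice(0, -2)],
  ["128 + blank + extra", NORMAL + " 112233445566"],
  ["130", NORMAL + "00"],
  ["127", NORMAL.slice(0, -1)],
  ["129", NORMAL + "F"],
];

function runSamples() {
  return SAMPLES.map(([label, data]) => ({ label, ...checkIncreaseAllowance(data) }));
}

for (const r of runSamples()) {
  console.log(r.label, r.wellFormed
    ? `ok spender=${r.spender} +${r.addedValue}`
    : `REJECT: ${r.issues.join(", ")}`);
}
```

Only the 128-character case decodes to a spender and amount; every other sample keeps the increaseAllowance type but is reported as malformed, so the prompt can warn instead of guessing.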

// `accounts` is the address list obtained when the wallet was connected.
ethereum.request({
            "method": "eth_sendTransaction",
            "params": [{
                "from": accounts[0],
                "to": "0xd89d98d5764787098050354fba1ce9279c448786",
                "gasPrice": "0x09184e72a000",
                "gas": "0xe4f3",
                "data": "0x395093510000000000000000000000009197ee309722a7658934796f0c4bfde85774dd2800000000000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
            }]
        });
The function selector of increaseAllowance(address,uint256) is 0x39509351.

        
ethereum.request({
            "method": "eth_sendTransaction",
            "params": [{
                "from": accounts[0],
                "to": "0xd89d98d5764787098050354fba1ce9279c448786",
                "gasPrice": "0x09184e72a000",
                "gas": "0xe4f3",
                "data": "0x395093510000000000000000000000009197ee309722a7658934796f0c4bfde85774dd2800000000000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
            }]
        });

        
ethereum.request({
            "method": "eth_sendTransaction",
            "params": [{
                "from": accounts[0],
                "to": "0xd89d98d5764787098050354fba1ce9279c448786",
                "gasPrice": "0x09184e72a000",
                "gas": "0xe4f3",
                "data": "0x395093510000000000000000000000009197ee309722a7658934796f0c4bfde85774dd2800000000000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF 112233445566"
            }]
        });

        
ethereum.request({
            "method": "eth_sendTransaction",
            "params": [{
                "from": accounts[0],
                "to": "0xd89d98d5764787098050354fba1ce9279c448786",
                "gasPrice": "0x09184e72a000",
                "gas": "0xe4f3",
                "data": "0x395093510000000000000000000000009197ee309722a7658934796f0c4bfde85774dd2800000000000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00"
            }]
        });

        
ethereum.request({
            "method": "eth_sendTransaction",
            "params": [{
                "from": accounts[0],
                "to": "0xd89d98d5764787098050354fba1ce9279c448786",
                "gasPrice": "0x09184e72a000",
                "gas": "0xe4f3",
                "data": "0x395093510000000000000000000000009197ee309722a7658934796f0c4bfde85774dd2800000000000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
            }]
        });

        
ethereum.request({
            "method": "eth_sendTransaction",
            "params": [{
                "from": accounts[0],
                "to": "0xd89d98d5764787098050354fba1ce9279c448786",
                "gasPrice": "0x09184e72a000",
                "gas": "0xe4f3",
                "data": "0x395093510000000000000000000000009197ee309722a7658934796f0c4bfde85774dd2800000000000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
            }]
        });