Sorry, we don't support your browser.  Install a modern browser
This post is closed.

Found a flaw with token gating#30

Here’s the problem:

If you’re on mobile using the rainbow wallet you can load up someone’s public address in a “watching” state. When checks if you own an NFT for gated site access you can just point it to the wallet of the NFT holder via Rainbow wallet in this way and gain access without having to own the NFT yourself.

3 months ago

Thank you for reporting!

2 months ago
Changed the status to
5 days ago