前几天,我看到我的metamask钱包的一个账号里多出来685GRT,价值大约400美刀,我还纳闷呢,然后想到我曾经拿600多个GRT去delegate过,但是才抵押了一个月,怎么会有这么多回馈呢?我也没多想,以为自己搞错了抵押奖励机制。 还思索着以后去多抵押一些,这也太合算了。 一个月100%回报率,哪里去找这样的投资呢?
今天早晨,杯具了,发现那个账号的GRT被清空了,我大吃一惊,赶紧去ethscan上查看,大家看看这条记录:
https://etherscan.io/token/0xc944e90c64b2c07662a292be6244bdf05cda44a7?a=0x8e6ae70eab3e420d066f18c0fceca788085f8826
这人从账号“0x8e6ae70eab3e420d066f18c0fceca788085f8826” 转入转出,如入无人之境:
最令我惊讶的是,这笔交易居然没有手续费(gas):
账号被黑,我可以理解,我自己做了傻事,我写了个智能合约放到github上了,然后这个代码里有我的私钥和公钥。但是transfer不收交易费,我就纳闷了。我把这个事情放到discord里去问,然后就有人回答了:
Unfortunately, it looks like your wallet was compromised. A transaction was confirmed coming from your account interacting with the contract, and a transaction originating from an account has to be signed by the associated private key for the block to be accepted by the network.
As for the no transaction fee, either the thief is a miner, or uses a service where you pay and send your transaction to miners directly instead of paying on the blockchain.
[1:01 PM]
Sorry that this happened to you. It really sucks :/
居然还有这种操作,可以把gas费直接给矿工?矿工不是要竞争才能打包区块吗,然后才能拿到交易费吗?于是我又问了:
one more question I just thought, miners will compete to pack block then get transaction fee, how could people pay a miner upfront ?
然后又得到了回答,太让我震惊了,不是我不明白,这世界变化快:
I'm not sure exactly how it works, but I know for sure such options exist. They are mostly for frontrunning bots and whales avoiding frontrunning bots as far as I know
有具体明白的大侠望回帖解释下。谢谢。
这个教训就是:以后一定要把开发用的钱包跟实际要使用的钱包分离开来,不要随便动用实际使用的mainnet上钱包。