The proposal, presented on January 14th by a developer known as Morsy at X, opens the door to recovering funds from hacked Ethereum wallets. bot It will automatically eject them immediately.
The purpose of this tool is to Perform rescue operations atomically It is based on Ethereum Improvement Proposal 7702 (EIP-7702).
The goal is to solve one of the most frequent problems after a private key is compromised. Once an address is compromised, the attacker typicallysweeper bot‘: program They monitor your wallet and automatically steal any new assets that come in.Even before the user reacts.
This automatic drain reaches the funds sent to pay network fees and rewards. air drop or assets released after a process like Unstakein fact, victims will not be able to move their funds.
As the developer explained, his tool is This drainage can be avoided By executing the ransom “in a single transaction, without giving the attacker any room for intervention.”
This means that all necessary actions (authorizing the use of a compromised wallet, claiming assets, and transferring them to a secure address) are performed simultaneously and atomically. as a single atomic operation that is committed all at once. This includes: bot of the attacker.
This proposal takes on special relevance considering that Ethereum was the largest network from which funds were stolen in 2025, as explained by CriptoNoticias.
What problem is this tool trying to solve?
In the creator’s own words: “Once an address is compromised, an attacker can obtain the private key and bot Instantly steal the ETH or tokens you receive. This is actually A hacked wallet becomes uselessEven if they still contain recoverable assets.
If you try to transfer funds you will have to pay a fee (gas) and it will be bot. « In any case, air drop Or unlocking will trigger the drain before the victim can blink. ”He explained.
This proposal is Approve and execute transactions From a compromised account.
How does the recovery mechanism work?
tool It is based on a technical proposal known as EIP-7702.implemented in the Pectra update, allows control of external accounts (EOAs) to be temporarily delegated to smart contracts.
Simply put, users Grant permission for collection agreement Move funds from a compromised wallet without the address issuing its own transactions.
The following screenshot is taken from a video published by Morsy and reflects the beginning of the process.
The process works like this:
- Users sign an authorization offline to delegate their hacked wallets to a recovery agreement.
- The “sponsored” wallet (an external address subject to payment of network fees) pays transaction fees.
- The contract executes the request for funds atomically ( air drop) Transfer them to your new secure wallet.
A process runs in a single transaction. “Compromised wallets do not output anything, so Drainbot cannot intercept operations,” the developer said.
According to the developer, after “countless trials and errors”, initial testing was successfully conducted on the Sepolia test network. The next step is to deploy the tool to your main network and test it in a real-world scenario. bot assets.
The authors themselves admit that the important point of preventing third parties from proceeding with sponsored transactions still needs to be resolved (front line). “We’ll fix it and update when it’s ready,” he said.
Although it is still a proof of concept, this proposal represents a fundamental change. In the future, Ethereum will be able to natively mitigate one of the most destructive effects of hacking.
(Tag translation) Blockchain
