All articles

Malicious smart contracts

Interacting with a dodgy or malicious smart contract can be a concerning situation, as it can potentially put your coins at risk. A smart contract is a self-executing contract with the terms of the agreement written directly into code. When you interact with a smart contract, you may give it permission to access or spend your tokens. If the contract is malicious, it may be able to spend your tokens without your knowledge or approval.

It is important to note that interacting with a malicious smart contract does not put your other cryptocurrencies, such as Bitcoin, at risk. Therefore, it is not necessary to transfer your entire portfolio to a new seed. Instead, you should take immediate action to revoke the allowance for the malicious contract. This can be done by using a website such as, which allows you to check all the smart contracts you are interacting with and what your allowance is for each of them.

For added security, you can also transfer your tokens from the used ETH address to a new one. Since an ETH receiving address represents an entire account, you can create a new ETH account in Trezor Suite and transfer the tokens there.

It is important to be vigilant when interacting with smart contracts, and to take steps to protect your coins if you suspect that you have interacted with a malicious contract. Regularly checking your allowances and revoking them for any suspicious contracts can help to ensure the safety of your tokens.

For more information about potential malicious contract scams check out this article from MetaMask here.
If you require further assistance, please contact us via our chatbot Hal who will help resolve your issue.
a part of SatoshiLabs Group
Copyright belongs to Trezor company s.r.o. All rights reserved.