Crypto wallet signature scams

A wallet signature can authorize a transfer, approval, trade, or account permission even when no password or recovery phrase is requested. Signature scams trick you into approving an action that benefits the attacker, often through a cloned site, fake claim, urgent warning, or support message.

How signature scams work

Wallet requests fall into several broad categories:

  • Transactions: onchain calls that can transfer CTN, move tokens, approve a spender, authorize an NFT operator, or change a smart account.
  • Message signatures: offchain signatures that may prove account ownership, accept terms, create an order, or authorize a later onchain action.
  • Typed-data signatures: structured messages intended to be more readable, but still capable of granting valuable authority.
  • Smart-account permissions: session keys, modules, delegates, or batched calls that can remain active after the first interaction.

A request showing zero CTN value is not automatically safe. It can still grant a contract permission to transfer CRC-20 tokens or NFTs later.

Common attack patterns

Attackers often use:

  • Fake token claims, refunds, migrations, or security checks.
  • Search ads leading to cloned CenturionDEX pages.
  • Direct messages from fake Centurion Labs staff.
  • QR codes that open a signing page.
  • A harmless-looking sign-in followed by a broad approval.
  • Wallet-drainer pages that select the most valuable permission available.
  • A batch that hides an approval among ordinary-looking calls.

Modern wallets may simulate outcomes, but simulation can be incomplete when contracts are upgradeable, state changes before execution, or the request uses an unfamiliar signature format.

Step-by-step before signing

  1. Confirm that you reached the site through a current official Centurion source.
  2. Verify that the wallet is connected to Centurion and shows the intended chain ID.
  3. Check whether the request is a transaction or a message signature.
  4. Inspect token contracts, spender or operator, allowance amount, recipient, and expiry.
  5. Expand every action in a batch or smart-account permission.
  6. Cancel if the wallet cannot explain the effect or the request does not match the action you initiated.
  7. Use a separate low-value account for unfamiliar applications.
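
The checks in steps 2 to 6, sketched as an added example that is not Centurion's or any wallet's own code. The decoded-request shape, the policy fields, chain ID 1001, and the spender and token names are all constructed assumptions, and the sketch only reviews permission grants, not plain transfers.

```javascript
// Added example: the request shape (chainId, calls, action, spender, amount,
// expiry) and all sample values are constructed, not a Centurion wallet format.
const GRANTS = new Set(['approve', 'setOperator', 'addSessionKey']);

function reviewRequest(req, policy, nowSec) {
  const findings = [];
  if (req.chainId !== policy.chainId) {
    findings.push(`chain ID ${req.chainId} is not the intended ${policy.chainId}`);
  }
  // Treat a single request as a batch of one so every action gets expanded.
  const calls = Array.isArray(req.calls) ? req.calls : [req];
  calls.forEach((call, i) => {
    const at = `action ${i + 1}`;
    if (!call.action) {
      findings.push(`${at}: effect cannot be explained`);
      return;
    }
    if (!GRANTS.has(call.action)) return; // not a permission grant
    if (!policy.spenders.has(call.spender)) {
      findings.push(`${at}: ${call.action} names unverified spender ${call.spender}`);
    }
    if (call.amount !== undefined && call.amount > policy.maxAmount) {
      findings.push(`${at}: allowance ${call.amount} exceeds intended ${policy.maxAmount}`);
    }
    if (call.expiry === undefined || call.expiry - nowSec > policy.maxLifetimeSec) {
      findings.push(`${at}: permission has no expiry or outlives ${policy.maxLifetimeSec}s`);
    }
  });
  return { sign: findings.length === 0, findings };
}

// Constructed policy: what the user verified and intends to grant (placeholder chain ID).
const policy = { chainId: 1001, spenders: new Set(['router-verified']),
                 maxAmount: 500n, maxLifetimeSec: 3600 };
const now = 1_700_000_000;

// Constructed batch: zero native value, approval tucked behind a swap.
const hiddenApproval = { kind: 'transaction', chainId: 1001, value: 0n, calls: [
  { action: 'swap', token: 'token-A', amount: 100n },
  { action: 'approve', token: 'token-A', spender: 'unknown-contract', amount: 10n ** 30n },
] };
// Constructed offchain typed-data request that stays inside the policy.
const scopedPermit = { kind: 'typedData', chainId: 1001, action: 'approve',
  token: 'token-A', spender: 'router-verified', amount: 500n, expiry: now + 600 };

console.log(reviewRequest(hiddenApproval, policy, now));
console.log(reviewRequest(scopedPermit, policy, now));
```

The zero-value batch is rejected with three findings, all on its second action, while the scoped typed-data request passes.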

If you already signed

  1. Stop interacting with the site and preserve the URL, screenshots, and transaction hashes.
  2. Review CRC-20 allowances, NFT operator approvals, and smart-account permissions on the affected network.
  3. Remove malicious permissions through a trusted Centurion-compatible tool.
  4. If a private key or recovery phrase was exposed, create a new wallet on a clean device and move remaining assets.
  5. Report the incident through official Centurion channels and appropriate authorities.

Disconnecting the site is not enough because onchain permissions remain until revoked or exhausted.

Stay safe

Never share a recovery phrase, private key, password, or hardware-wallet code. Verify every signature, even when the request appears to come from support or promises a benefit. No legitimate CenturionDEX recovery process requires a surprise wallet approval.