Description
Tutorial title
Part 1: "Detect UI Spoofing Attacks: Decoding Ethereum Calldata with Python", Part 2: "Prevent UI Spoofing: Simulating Ethereum Transactions with Foundry & Python"
Tutorial description
This two-part series equips developers with tools to protect users from UI spoofing, while also providing protocol teams and advanced users with actionable methods to verify transactions.
What You’ll Learn:
- What UI spoofing attacks are (e.g., fake ERC-20 approvals)
- How Ethereum calldata works and its structure
- How to decode transactions to detect malicious intent
Goal: Decode Ethereum calldata to detect UI spoofing attacks (e.g., malicious ERC-20 approvals) using Python.
Outcome: Users will extract transaction parameters (recipient, amount) from raw calldata using Python, enabling pre-signing verification.
Goal: Extend Part 1 by simulating transactions on a local mainnet fork (via Foundry’s Anvil) to verify on-chain behavior.
Outcome: Users will compare wallet-provided calldata with simulated results to catch discrepancies before signing a transaction, preventing spoofing attacks in real time.
By: Valentina Rivas.
Tutorial tags
foundry, security, frontend, python, web3.py, smart contracts, transactions, testing
Skill level
Intermediate
Hosted on ethereum.org or hosted elsewhere?
Hosted elsewhere
For tutorials to be hosted on Ethereum.org: Tutorial Content
No response
For tutorials hosted elsewhere: URL to tutorial
https://www.cyfrin.io/blog/secure-dapps-against-ui-spoofing-part-1-decoding-transactions, https://www.cyfrin.io/blog/secure-dapps-against-ui-spoofing-part-2-simulating-transactions
Would you like to work on this issue?
- Yes
- No