merkle-distribution icon indicating copy to clipboard operation
merkle-distribution copied to clipboard

Published 20 hours ago verified publisher icon 1inch

How does signature-based drop prevent MEV stealing?

Open robertu7 opened this issue 2 years ago • 3 comments

Signature-based drop

Each entry of the drop contains private key which is used to sign the address of the receiver. This is done to safely distribute the drop and prevent MEV stealing.

In my understanding, though claim of CumulativeMerkleDrop is an external function that anyone can call, its receiver can receive drop tokens without any harm?

Could you explain more about how signature-based drop prevents MEV stealing? Thanks!

robertu7 avatar May 14 '22 09:05 robertu7

@robertu7 QR code contains Private Key, this PK is used to create signature which is argument of the method.

k06a avatar May 14 '22 18:05 k06a

To steal this drop you have to know this Private Key. You can’t fake it’s signature.

k06a avatar May 14 '22 18:05 k06a

But it's not related to MEV right? This method can protect anyone who doesn't know the private key.

QR code contains Private Key, this PK is used to create signature which is argument of the method.

I am really curious how QR code works, is the private key append as a query string to a claiming website URL, so we can do the rest on client-side? Any demo we can try?

robertu7 avatar May 15 '22 03:05 robertu7