Slow Fog: All parties need to pay attention to the new risks brought by the new features after the Ethereum Pectra upgrade

ChainCatcher news, security company Slow Mist stated on platform X that the Ethereum Pectra upgrade (EIP-7702) is now live------this is a significant leap, but the new features also bring new risks. Here are some points that users, wallet providers, developers, and exchanges should pay attention to:

• For users: Private key protection should always be a top priority; be aware that the same contract address on different chains may not always have the same contract code; understand the details of the delegation target before proceeding with operations.
• For wallet providers: Check if the delegation chain matches the current network; remind users of the risks associated with delegation signatures that have a chainID of 0, as these signatures may be replayed on different chains; display the target contract when users sign the delegation to reduce the risk of phishing attacks.
• For developers: Ensure permission checks are performed during wallet initialization (e.g., verify the signature address through Ecrecover); follow the namespace formula proposed in ERC-7201 to mitigate storage conflicts; do not assume Tx.Origin is always an externally owned account (EOA), using Msg.Sender == Tx.Origin as a defense against reentrancy attacks will no longer be effective; ensure that the target contract of user delegation implements the necessary callback functions to ensure compatibility with mainstream tokens.
• For centralized exchanges (CEXs): Conduct tracking checks on deposits to reduce the risk of false deposits from smart contracts.