In the ever-evolving world of crypto, digital wallet security is a top priority for every user. Recently, the popular bridging protocol Relay Protocol issued a public service announcement (PSA) via an X post on September 14, 2025 regarding a new threat known as Malicious EIP-7702 Delegations.

This warning highlights how Ethereum’s innovative feature has been exploited by attackers to drain user funds. In this article, we will cover what this warning means, why it was issued, related issues in the past two months, and practical steps you can take to revoke delegations to keep your wallet safe after transacting on any platform.

What Are Malicious EIP-7702 Delegations?

Relay Protocol’s post highlights the dangers of malicious EIP-7702 delegations.

EIP-7702 is part of the Ethereum Pectra upgrade launched in May 2025. This feature allows externally owned accounts (EOAs) such as MetaMask or Trust Wallet to temporarily behave like smart contracts. It supports batch transactions, gas delegation, and more flexible access controls, aiming to improve user experience (UX) in the DeFi ecosystem.

However, attackers have found ways to exploit it. They trick users into signing approvals on fake websites disguised as free minting sites, giveaways, or even legitimate-looking DeFi frontends like Uniswap. Once approved, the malicious contract can:

• Automatically drain wallet funds as soon as deposits arrive.
• Use fallback functions to forward native tokens (such as ETH) to the attacker’s wallet in the same block, without additional transactions.

The post included an image showing a wallet notification with a suspicious contract address and a “Disconnect” option, reminding users to review and revoke dangerous delegations immediately.

Why Did Relay Protocol Issue This Warning?

Relay Protocol, known as a secure and efficient bridging protocol, issued this warning for several critical reasons:

• Major Reported Losses: Data shows phishing attacks leveraging EIP-7702 caused over $12 million in losses in August 2025, affecting more than 15,000 wallets. Three large wallets accounted for nearly half of the losses. Being a popular protocol, Relay risked being blamed by users whose funds disappeared after using their services.
• Misdirected Accusations: Some users wrongly assumed Relay was the cause of their losses because their last transactions involved Relay before their funds were stolen. This mirrored a March 2025 incident where Relay had to prove losses came from external compromises.
• Community Commitment: As a project that emphasizes transparency and security, Relay felt responsible to educate users about this new attack vector, especially since they support EIP-7702 technology.

Relay Protocol-Related Issues in the Last 1–2 Months

Between July and September 2025, Relay Protocol faced several challenges:

• August 2025 Phishing Incident: EIP-7702-based phishing surged. Analysts such as Scam Sniffer reported that over 80% of delegation contracts showed signs of abuse. Users like 0xfarmor accused Relay, but Relay clarified they have no access to private keys.
• September 2025 npm Supply Chain Attack: In early September, an npm supply chain attack compromised JavaScript packages with over 2 billion downloads, allowing malware to replace wallet addresses. Relay confirmed their app remained safe, but the incident raised tension in the DeFi community.
• Proactive Response: Relay introduced new security features such as real-time detection, pre-transaction alerts, and partnerships with ChainPatrol to combat phishing.

How to Revoke Delegations to Keep Your Wallet Safe After Transactions

After using any platform, practicing proper wallet hygiene by revoking unnecessary approvals or delegations is crucial. Here are practical steps using different tools:

1. Use Revoke.cash

Steps:

• Visit Revoke.cash.
• Click “Connect Wallet” at the top right or manually enter your wallet address.
• Select a network (e.g., Ethereum, Arbitrum) and review the list of approvals/delegations.
• Revoke suspicious or unused approvals by clicking “Revoke” (gas fee required).
   Note: Supports over 100 networks, effective for stopping malicious contract access.

2. Revoke via MetaMask

Steps:

• Open MetaMask and ensure you’re on the correct network.
• Click your profile icon → “Accounts” → “Details” → select your account.
• Scroll to the “Smart Account” section to view active delegations.
• Toggle “Disable” to revoke delegation (transaction + gas fee required).
   Note: Useful for MetaMask users with EIP-7702 enabled.

3. Use Rabby Wallet

Steps:

• Open Rabby Wallet and go to the “Approvals” tab.
• Select the relevant network and review delegations.
• Click “Revoke” on unwanted delegations.
   Note: Rabby provides a user-friendly interface for monitoring approvals.

4. Use Community Delegation Checkers

Steps:

• Visit sites such as Delegation Checker by Jeff Wentworth or Crypto_Zh0u (no wallet connection required for safety).
• Enter your wallet address to view active delegations.
• If suspicious delegations are found, proceed to Revoke.cash or MetaMask to revoke them.
   Note: These tools are only for inspection, not revocation.

5. Use Sponsored Transactions for Compromised Wallets (Zun’s Tool)

If your wallet has a sweeper bot draining gas fees:

• Visit Zun’s tool.
• Create a temporary wallet, fund it with gas, and use it to sponsor a revocation transaction.
• Withdraw remaining gas afterward.
   Note: Useful if your main wallet cannot pay gas fees due to compromise.

Extra Security Tips

• Only approve delegations from trusted apps.
• Read every signature request carefully.
• Be wary of free minting or “too good to be true” offers.
• Use hardware wallets (e.g., Ledger) for large funds.
• Double-check URLs before connecting your wallet.

Conclusion

Relay Protocol’s warning about Malicious EIP-7702 Delegations is an important reminder of the ongoing need for security in the fast-growing DeFi space. While Relay is not directly responsible for user losses, their proactive stance shows their commitment to protecting the community through education and security innovation.

By following the steps above to revoke delegations and practicing good wallet hygiene, you can safeguard your wallet from similar threats, regardless of the platform you use.

If you encounter issues or need more assistance, don’t hesitate to reach out to your platform’s support team or consult a trusted crypto community. Stay safe and happy transacting!