Transaction Simulation w/ Dedaub, Tenderly, Wallet Guard, and ChainSafer 

Crypto natives know the power of data. Sleuths use data to trace criminals, analysts use data to find alpha, and devs use data to inform product decisions. Tools like Transaction Simulators can even make predictions about crypto transactions and keep web3 enthusiasts safe from scammers and criminals. 

Figure 1-2 Metamask’s now deprecated ‘Data Tab’ a.k.a. Transaction insights

One of the tools wallet builders used was Metamask’s Data Tab (aka Transaction Insights) which is now gone! While deprecating it, Metamask decided to open the playing field to the market by calling developers to build their own plugins within the wallet. Metamask calls its plugins ‘Snaps’.

In this article we are going to test the current transaction simulation ‘Snaps’ to find out which best nails the balance between being easy to use and providing protection by empowering the user with the right amount of data at a glance. But first, what is a Metamask Snap? Taken from Metamask Snaps FAQ page:
 

“Metamask Snaps allows users to add features and functionality to their Metamask wallet. Individual Snaps are features created by third-party developers that Metamask users can install directly into their wallet.”

Metamask Snap's Limitations

It is important to reiterate that Metamask Snaps are not a replacement for Wallet Security Extensions, but are a great addition to any transaction ritual. There are several important limitations to be aware of for Metamask Snap’s security and UI/UX:

1. Snaps do not support signatures
   We estimate that signature issues are involved in over 75% of high value NFT and crypto hacks. The Snaps mentioned in this article are not a replacement for general knowledge about signatures, or for Wallet Security Extensions like Pocket Universe, Fire, or Wallet Guard.
    
2. Hidden away in a tab 
   Because Snaps are another tab in the wallet, they cannot “pop up” like Wallet Security Extensions; they aren’t a proactive security tool, but rather a tool each user must deliberately “double check” when transacting.
    
3. Plaintext Only 
   Snaps can only use standard emojis and plaintext to convey information. This is a UI/UX challenge compared to other security extensions which can use images, gifs, links, and other ways of presenting information to users!

With those limitations in mind, let's put these Snaps to the test. We will compare each Snap against three uniform transaction types as follows:

1. NFT Transfer
   Transferring HV-MTL NFT #10185 from Mrbayc.eth to  Feld4014.eth using Opensea
2. Token Swap
   Performing a swap of ETH to USDC on Uniswap
3. Reward Claim
   Claiming ApeCoin staking rewards on apestake.io

With this process, we hope to find which Snap gives us the most accurate, succinct, and useful transaction details, and which one can truly serve to be the Data Tab’s successor when you need to double check a transaction!

Dedaub

Dedaub has done some amazing work; we even include their bytecode decompiler in our Web3 Security 102 class. But does their Snap add practical value for average users? Let’s put it to the test!
 

Figure 1-3 Dedaub transaction insights using the Dedaub Metamask Snap

NFT Transfer: 
As we can see from the simulation, Dedaub knew something was happening with the HV-MTL token, but couldn’t tell us what. Its Snap description specifically states that it helps users with “financial” transactions, so it seems designed for ERC-20 transactions instead. Although it does know that an asset left our wallet, it doesn’t tell us which one!  

Token Swap: 
This simulation worked out as well. Since it was a swap with ETH to a common ERC-20 token, I expected this to perform well! 

Reward Claim: 
Dedaub nailed it in this output, and even more detailed in their simulation.

Tenderly

Tenderly is typically called the gold standard by developers for transaction emulation, but how does their Metamask Snap perform? The downside to this Snap is that you’ll need a Tenderly account to use it. Although Tenderly is free to use, it does require a bit of setup. 

Note: I had a bit of trouble with this one, as it often would spin endlessly. I had to try a bunch of different things until eventually I found that queueing up multiple transactions and then canceling one of them got the simulation to display properly. It might be just a temporary bug, but another contributor, WiiMee, had the same issue.

Figure 1-4 Tenderly transaction insights using the Tenderly Metamask Snap

NFT Transfer: 
Tenderly knows the NFT is leaving the wallet, but doesn’t tell us where it is going unless we check the simulation. I would feel great recommending Tenderly if it just showed the information below in the Snap and changed “Receiver” to “Contract” in cases where it is a contract interaction. This would easily be the best of the four!

Figure 1-5 Tenderly Transaction Simulation on their website

Token Swap: 
Not accounting for gas, this showed the proper tokens in and out. The simulation was quite interesting and reminded me of the thoroughness of the Phalcon block explorer that we cover in our Sleuthing Class because it showed the exact route the swap took. That level of detail is probably overkill for the Snap itself, so overall I was satisfied with the result here.

Reward Claim: 
The Metamask Snap displays literally nothing other than a ‘Success’ result, but the simulation is golden. Again, if the Snap showed us this breakdown in a snazzy way, I’d be a happy guy! 

ChainSafer

This Snap, made by IT Security powerhouse Trend Micro, was a complete unknown for me before testing their Snap. 

Figure 1-6 Chainsafer transaction insights using the Chainsafer Metamask Snap

NFT Transfer: 
ChainSafer knows that the HV-MTL NFT is leaving my wallet, but it doesn’t tell me where it's going.Instead it seems to think I’m “Paying” it and not getting anything back. At least it knows the result of my wallet though, right?

Token Swap: 
Again, the UI detracts from the experience here. It says that I get the 223 USDC on one section but “Balance Changes” just reflects the ETH difference below it. It’s overall a strange layout. At least it was correct with this transaction, if you can adjust to the interface.

Reward Claim: 
It correctly displays that I’m getting some ApeCoin, but with no balance changes . I guess it isn’t including the ETH spent on gas in the transaction simulation as part of the balance change. Makes sense from a technical perspective, but some users may get surprised.

Wallet Guard

Most folks know Wallet Guard for their Wallet Security Chrome extension, but they have been building out an entire suite of tools! This Metamask Snap is just another one in the arsenal. Let’s see how it stacks up with these three transactions!

Figure 1-7 WalletGuard transaction insights using the WalletGuard Metamask Snap

NFT Transfer: 
Again, it doesn’t say where the NFT is going, but I love the minimalist design! It even gives us a gas estimation, which is a nice touch!

Token Swap: 
Nailed it here. All the details and info I want. None that I don’t. 

Reward Claim: 
Shows the rewards in, and a gas spent estimation. No complaints!

Final Thoughts

Again, these Metamask Snaps are not a replacement for Wallet Security Extensions. That said, they can provide quick insights into transactions. I’m bullish on so many different security companies iterating in crypto, and am excited to review the 10+ other security-related Snaps in the future! 

As for my favorite of these Snaps? Wallet Guard’s Snap was the clear winner with its succinctness and clear UI, and serves as a great replacement for those that became reliant on Metamask’s built-in Data Tab as part of their security routine. Though Tenderly has a lot of potential given just how robust their simulations are. If the team can successfully streamline their data into a smooth Snap experience, it might end up on the throne!

Lastly, I sort of wish Metamask would give users to select which one of these snaps a user wants to add on wallet installation (like selecting a web browser for your operation system), because most folks aren't getting Wallet Security Extensions, and these snaps provide great additional information on your transaction that your base wallet may not give you.

Have any questions or want to learn more about web3 security and stay up to date on the most current security information, scams, and tactics? Join us in our discord at https://discord.gg/boringsecurity .