Using Remix Safely
It is dangerous to send transactions on contracts you donβt understand (even if itβs a get rich quick scheme that youβve copied & pasted from a Discord DM or a youtube video and you really really want to get rich).
Check our article on a current scam promoting βliquidity front runner botsβ.
Always check that you are loading Remix over HTTPS unless you have a specific reason for accessing it with HTTP (e.g. for using Remix locally or for a connection you trust).
Make sure all your imports include the version number otherwise you donβt know what version of files you are getting and the builds are not reproducible.
So do not use an import like this:
import "@openzeppelin/contracts/token/ERC20/ERC20.sol";
Rather, use one like this:
import "@openzeppelin/contracts@4.7.3/token/ERC20/ERC20.sol";
When connecting a contract to an existing deployment, ensure that the thing you are connecting to is correct AND is the correct version.
Always be sure to address or understand every warning.
Remix is a subdomain of ethereum.org - so the only valid Remix urls are:
remix.ethereum.org
remix-alpha.ethereum.org
remix-beta.ethereum.org
If you are directed to some site that looks like Remix but has a similar but different URL - it is NOT Remix and is likely a scam.
Remixβs ease makes its users a targetο
Because Remix has no setup, it has a large community of noobies to smart contract development. This is great, but it provides a target audience for scammers exploit. Without Remix, the scammers would first need to instruct victims to set up a local dev environment, which would severely limit the success rate of the scam.
Scams lose their effectiveness when potential victims are educated about scams and about how to read and understand code. Learn Solidity and learn it well!
For Solidity Tutorials in Remix, go to the LearnEth plugin.
Last updated