Some one sent me celo token and immediately it entered my wallet, it was transferred to unknown address. The only balance on the address that received it was just the token that was sent to me. What is the possible cause of this problem and how do I recover the token.
This is the celo explorer for my address
Welcome to the forum.
How are you managing your private keys? What wallet and/or application are you using? Perhaps your private keys are exposed.
I’m using the wallet for development using hardhat and metamask browser extension. The recent project I did was using web3modal with wallet connect with wagmi package.
What baffles me is that there is no other transaction on the wallet that stole the fund except the 10 celo that was stolen.
How did you generate the mnemonic? If you’re using one of the default development networks in Hardhat, with the mnemonic “test test … junk”, this mnemonic is almost certainly permanently monitored by bots on all the networks to sweep any accidental deposits.
Did you ever expose the private key or mnemonic publicly? Even a temporary commit a public repository would have been scraped and exploited instantly.
While testing on Celo you can use Alfajores or Baklava testnet CELO tokens which have no real-world value and you can get generally get many of them if you ask around in the Discord.
I created the wallet from metamask. The mnemonic is excluded from version control through .gitignore, So I’m shocked at this incidence. For the testnet I’m using alfajores. But I was ready to deploy to the mainet and decided to send real 10 celo token to the wallet and this happened. I think henceforth I will be using a different wallet for deployment to mainet.