Bug 1: getFullWarnings returned early for contract addresses, skipping
checkEtherscanLabel. Restructured to use isContract flag so the Etherscan
check runs for all addresses (contracts are often the most dangerous).
Bug 2: confirmTx.js only handled 'contract' and 'new-address' warning types,
silently discarding 'etherscan-phishing'. Added confirm-etherscan-warning
HTML element and handler in the async warnings loop.
Style: converted inline style attributes on phishing warning banners
(approve-tx, approve-sign, approve-site) to Tailwind utility classes
(bg-red-100 text-red-800 border-2 border-red-600 rounded-md).
- Add etherscanLabels module: scrapes Etherscan address pages for
phishing/scam labels (Fake_Phishing*, Exploiter, scam warnings).
Integrated as best-effort async check in addressWarnings.
- Add phishingDomains module: fetches MetaMask's eth-phishing-detect
blocklist (~231K domains) at runtime, caches in memory, refreshes
every 24h. Checks hostnames with subdomain matching and whitelist
overrides.
- Integrate domain phishing checks into all approval flows:
connection requests, transaction approvals, and signature requests
show a prominent red warning banner when the requesting site is on
the MetaMask blocklist.
- Add unit tests for both modules (12 tests for etherscanLabels
parsing, 15 tests for phishingDomains matching).
Closes#114
- Refactor address warnings into src/shared/addressWarnings.js module
- getLocalWarnings(address, options): sync checks against local lists
- getFullWarnings(address, provider, options): async local + RPC checks
- Expand scam address list from 652 to 2417 addresses
- Added EtherScamDB (MIT) as additional source
- Update confirmTx.js to use the new addressWarnings module
