ETHGlobal Prague 2025 featured 10 groundbreaking finalist projects selected from over 200 entries, highlighting the ecosystem’s growth even amid increasing security concerns. At the same time, Ethereum’s latest upgrade—Pectra, designed to improve wallet usability—has raised red flags due to misuse of its core feature, EIP-7702.
According to an investigation covered by The Crypto Information, new analysis from Wintermute reveals that over 80% of EIP-7702 delegations are being abused in wallet-draining scams. This highlights the constant struggle between rapid innovation and the need for robust security within the Ethereum ecosystem.
ETHGlobal Prague Spotlights Emerging Web3 Projects
As reported by The Crypto Information, ETHGlobal spotlighted ten innovative projects that are expanding the practical use of Web3 technologies. Among them:
- Yetris utilizes Yellow state channels to post verified high scores on-chain, with a transferable NFT trophy.
- DUST.OPS enables secure cross-chain asset transfers by leveraging Railgun’s privacy infrastructure.
- Wrld Map authenticates travel activity using zero-knowledge proofs linked to real purchase data.
Other finalists included:
- Karma Proof, which rewards real-world behavior with soulbound NFTs and on-chain karma points.
- Detox-Hook, a protocol boosting LP earnings by redirecting MEV profits using Uniswap V4 and Pyth.
- 0xCollateral, which allows users to take out uncollateralized loans based on Web2 credit signals—no KYC required.
Additional standout entries:
- MCPay.fun integrates HTTP 402 to create stablecoin-powered pay-per-use APIs without logins.
- Pomodoki gamifies focus sessions through Flow blockchain-based pet care and staking mechanics.
- Conduct.chat and Decycle are tackling AI collaboration and on-chain data cleanup, respectively.
EIP-7702: A Feature With Dangerous Loopholes
Despite Ethereum’s push toward smoother user experiences, EIP-7702 has become a major security concern. The feature—proposed by Vitalik Buterin—allows wallets to temporarily behave like smart contracts, enabling gasless transactions and flexible controls.
Unfortunately, this has opened doors for attackers. The Crypto Information confirms that Wintermute recently flagged a malicious script called “CrimeEnjoyor”, responsible for executing automated wallet-draining attacks via EIP-7702 delegations.
This malicious code is now behind the majority of wallet-drain operations. In a notable incident, a phishing scam linked to Inferno Drainer—a scam-as-a-service toolkit—caused one wallet to lose $150,000.
The Path Forward: Innovation With Security
As Ethereum’s ecosystem matures, it must strike a careful balance between innovation and safety. Developers are urged to apply stricter testing and safeguards before deploying high-risk features. At the same time, user education is key to protecting assets from phishing and delegation abuse.
The Crypto Information will continue tracking how Ethereum’s developers, protocols, and users respond to these evolving threats—and how innovation can thrive safely in Web3’s next chapter.
