More tagged CrimeEnjoyor contracts, retail wallet breakdowns, and an all-time high in delegations on our EIP-7702 dashboard We’ve made several updates to our @Dune dashboard to improve accuracy, expand contract tracking, and surface clearer adoption patterns ↓ 🧩 Clarification on reporting around our EIP-7702 findings After we released the last update, some headlines misrepresented the core message. Here’s what’s actually happening: EIP-7702 is not flawed, and it is safe to use in retail wallets. The mechanism itself works as intended. The spike in delegations comes from multiple malicious contracts that share identical bytecode. These are not part of legitimate wallet infrastructure. In fact, it is not possible for users of trusted wallets to authorize these contracts, as wallets only delegate to their own audited contracts. These malicious contracts act as sweepers. They are deployed after a private key has already been leaked, and are used to automatically redirect any funds sent to the compromised EOA. Attackers are quick to adopt any new mechanism that allows them to do bad things. That doesn’t mean EIP-7702 is unsafe in general. We did not build detection tools. What we did was verify and label the most reused malicious contract so its intent is transparent, traceable, and easy to flag in tooling and dashboards. 🔐 New contract tracking CrimeEnjoyor2 and AdvancedCrimerEnjoyor are new highly reused sweeper contracts that have been now fully verified. Together with HardcodedCrimeEnjoyor, these contracts account for a large portion of new malicious delegation behavior. 📈 All-time high in daily delegations + multichain expansion Last Friday marked a new ATH in EIP-7702 delegation activity, once again driven primarily by sweeper contracts. Since then, sweeper usage has expanded Ethereum to @unichain and @gnosischain. 🧹 New “Sweeps activity on Ethereum” section We’ve added a dedicated view to track malicious delegation behavior tied to the ‘Crime’ category of delegate contracts. This section analyzes sweeps activity from authorized addresses that delegated to malicious contracts, and includes: ‣ Recent sweep transactions ‣ Total ETH swept, with breakdown by contract type ‣ Gas usage distribution by contract category ‣ Total ETH used for authorizations ‣ Leaderboard of authorizations from compromised EOAs ‣ Count of unique addresses authorized by crime-tagged contracts 🛠️ Improved data accuracy Some authorization logic isn’t fully captured by Dune’s native functionality yet, especially around authorization validity and authority recovery. To support more precise analysis, we pre-processed this data ourselves and published a public dataset. →→→ Search in our dashboard: `dune.wintermute_research.dataset_pectra_authorizations` We’ll be updating it regularly, and welcome others to use it in their own dashboards and queries. This dataset now powers several new views in our dashboard: ‣ Daily breakdown of valid vs. invalid authorizations ‣ Distribution of valid/invalid authorizations and unique authorized addresses ‣ Cumulative and categorical charts based on valid-only authorizations ‣ Recent authorizations list with authority and validity flags (updates with delay) 👛 Retail Wallets section enhancements ‣ Daily and cumulative delegation charts now include breakdowns by retail wallet ‣ New pie chart shows delegation volume split across supported wallets → Currently includes @MetaMask, @wallet, @AmbireWallet, @Uniswap, and others → Improves visibility into actual user adoption across wallet flows With more verified contracts, cleaner delegation data, and ongoing support from you, we’re making EIP-7702 adoption more visible, auditable, and understandable. 🔗 Explore the updated dashboard: h/t @FrankResearcher @emparedad0 @0xf4d3 for constantly improving our EIP-7702 dashboard