🔐
Vault Sweep
wallet recovery
Tools
Info
Delegation Check
Detect and clear malicious EIP-7702 wallet delegations
Base
Wallet not scanned
Enter a wallet address and click Check Delegation to begin
Network
Select the chain to scan
Required
Wallet Details
Address to inspect and optional key to clear
* Wallet Address
The compromised wallet you want to inspect
Private Key Only needed to clear delegation
Required if you want to remove a malicious delegation. Never sent anywhere.
What is EIP-7702?

EIP-7702 is an Ethereum upgrade that allows a wallet to temporarily delegate control to a smart contract. Attackers exploit this to install a drainer contract — all incoming funds are silently forwarded to the attacker.

⚠ Delegation found
Wallet is controlled by a drainer. Clear it immediately before any token rescue.
✓ No delegation
Wallet is clean. Switch to Airdrop Rescue to claim tokens.
How clearing works
1

Your MetaMask wallet sends a type-4 EIP-7702 transaction — no ETH needed in the compromised wallet

2

The authorization sets the delegation target to the zero address, effectively removing it

3

The drainer contract loses control — your wallet behaves like a normal EOA again

4

Switch to Airdrop Rescue to claim and redirect your tokens safely

Always clear delegations first. Attempting an airdrop rescue on a wallet with an active EIP-7702 delegation will fail — the drainer will intercept any ETH or tokens you send to it.
10%
Service fee
90%
You receive
7
Chains supported
MetaMask wallet
Network
Chain where the airdrop lives
Wallets
Sensitive
* Compromised Private Key
Signs transactions locally. Never transmitted to any server.
* Safe Receiver Address
Your clean wallet. 90% of claimed tokens will be sent here.
Contracts
* Airdrop Claim Contract
* Token Contract (ERC-20)
Claim Hex Data
Auto-decoded on paste
Auto-decode
Amount
Deadline
Expires
Payout Breakdown
Total claim amount
Service fee (10%)
You receive (90%)
rescue log
[READY] Connect MetaMask and fill in all fields to begin
How to get hex data
1

Open the airdrop claim portal in Chrome and press F12 to open DevTools

2

Click the Network tab, then click the Claim button on the portal

3

Find the API request and look for the hex data in the request payload

4

Copy the full hex string starting with 0x5e... and paste above

Rescue execution flow
1

MetaMask sends a small gas budget to your compromised wallet

2

The claim transaction fires using your decoded signature

3

90% of tokens transfer to your safe wallet immediately

4

10% service fee is collected — all 3 transactions fire simultaneously

Check the Delegation tab first. Rescuing from a wallet with an active EIP-7702 delegation will fail — clear it before proceeding here.
Signatures expire quickly (typically 4–5 minutes). Have everything filled in before requesting a new hex from the portal.