Long story short, the wallet that is tied to a ENS address I own has been compromised. No funds can be added to this wallet. That said, it costs ETH to transfer my ENS name to a new wallet, but that ETH has to be paid using the compromised wallet. Any possible way around this or am I beat as far as ownership of this ENS address? Thank you for the help and advice!
You should be able to update the TXT record on your DNS domain so that it points to the new address, and then you can Sync that domain on ENS from the new address. I’m not sure if that sync transaction (which is another proveAndClaimWithResolver) would incur the same high gas costs though…
Thanks, I’ll give it a shot.
I just realized I wrote DNS mistakenly in my post which probably had you misunderstand it. Apologies.
Simply put, I bought an ENS address on ens.domains and that ENS address is tied to a compromised MetaMask wallet. To transfer control of this ENS domain I need to pay a small fee in ETH but I cannot put funds in that MetaMask wallet to pay. How can I possibly change the Registrant with this happening?
Gotcha, in that case yeah the only way to transfer that .eth name NFT is from the actual owner address. You would need to send in some ETH and then transfer the Registrant as quickly as you can, hopefully beating any bot.
There are also tools like flashbots, but you would need an expert on that to help you. Their team has a form you can fill out for enlisting their help, but I don’t think they will help unless it involves a large sum of money: NotionForms
Ok I gotcha. Yeah unfortunately I don’t think it’s going to work. I tried to transfer some ETH from another wallet into it and the ETH never wasn’t in the wallet for even 1 minute. Oh well guess I’m beat.
Thanks for your help!
Maybe you can try waiting for a while, like weeks later, and maybe they’ll forget about the account and/or have the bot deactivated. Like if a bot is running on some serverless architecture, sometimes there is a “warmup” period of a couple minutes if the script hasn’t been used in a while. AWS Lambda is like that.
And maybe in the future, people will build safe and easy-to-use tools on top of flashbots’ work so that the average person can recover their NFTs when this happens!
Of course, as a last resort you could just let the name expire, and then re-register it after it exits the grace period. If it’s not a desirable/common name then hopefully you’d be able to just register it after the auction premium declines to $0 after the 28 days.
I very much appreciate the info. Thank you, Serenae!
Is there a possible workaround involving having the compromised account sign a message sent to a smart contract in a function called by a second account, so the second account pays the gas fee for the tx? (The contract could be previously deployed by either that second account or anybody else.)
Put it up for sale on a private auction to a new clean wallet
Make sure the sell price is small as you will be losing this
Buy name
Now it’s in your clean wallet
It is a red flag buying from yourself, but there is a reason, so document it in case you get audited
try this on Open Zeppelin
or on Gelato Network
Wouldn’t putting it up for auction generally require gas?
On ENS Vision it is free, the fee comes out of the selling price