Verify if your wallet has been compromised by an ERC-7702 delegation attack
ERC-7702 allows wallets to delegate execution to a smart contract by signing a single authorization. Attackers trick users into signing a delegation that hands full wallet control to a drainer contract. Once active all funds are drained and future deposits are automatically forwarded to the attacker.
This tool calls eth_getCode on your address via public RPC endpoints. Normal wallets return empty code (0x). Compromised wallets return 0xef01 followed by the delegate contract address.
Technical report: MEFAI ERC-7702 Security Analysis