Project Description We are looking for a highly skilled Web3 developer to assist with a crucial security research project. The goal is to build a controlled, non-malicious testing environment to simulate and understand a specific type of decentralized application (DApp) phishing attack known as a "wallet drainer" or "unlimited approval" exploit. The developed environment must be safe, completely contained, and intended for security analysis only. No real funds, private keys, or mainnet transactions will be used. Testing will be conducted exclusively on a private or designated test network (e.g., Tron Shasta, Ethereum Sepolia) and locally. Scope of Work & Deliverables The primary goal is to integrate all components necessary to simulate the full user experience, from clicking a QR code to initiating a transaction request. DApp Front-end Development: Implement the provided HTML/CSS mockups (e.g., phishing_dapp_simulator.html) into a functional web application. Ensure the interface is fully responsive and looks convincing, especially on mobile, as it will be accessed via a deep link. Wallet Connection Integration: Implement WalletConnect (or a similar standard connector) to link the DApp to a test wallet (like Trust Wallet or MetaMask in DApp mode). Set up the connection to target a specific test network (e.g., Tron Shasta or Sepolia/Goerli if using an EVM chain for the deep link). Deep Link Handling: Help configure the environment to correctly process the trust://open_url?... deep link structure, ensuring the DApp loads correctly within the test wallet's browser. Smart Contract Interaction Logic (Safe Simulation): Implement the front-end logic to perform two key functions: Token Approval: Call the standard ERC-20/TRC-20 approve(spender, amount) function. This must be configured to request an effectively unlimited allowance on the test token address. Drain Execution Logic: Implement the code to call the transferFrom(owner, recipient, amount) function, which the back-end bot would execute after the approval is granted. This must be callable for testing and observation. Documentation: Provide clear, concise documentation on setting up the test environment, connecting to the chosen test net, and executing both the approve and transferFrom calls.