Security researcher flags dangerous default settings
On February 27, 2026, SlowMist’s Chief Information Security Officer took to social media platform X to highlight what I think are two pretty serious problems with Bitget Wallet. The issues might sound technical at first, but their impact is straightforward: users could lose money without even realizing what’s happening.
According to the post, the first issue revolves around something called a “swap deadline.” When users exchange one cryptocurrency for another, the transaction gets a time limit. Bitget Wallet sets this to 10 minutes by default, which honestly seems like a long time when you consider how quickly crypto prices can move.
The 10-minute window problem
Here’s the thing about that 10-minute window. Crypto markets are volatile, sometimes extremely so. Tokens can jump or crash in seconds. If a user’s transaction has to wait up to 10 minutes to complete, the price they end up paying might be completely different from what they expected.
But perhaps more concerning is what this long window enables. Attackers can monitor pending transactions and manipulate prices before they go through. These tactics are known as front-running or sandwich attacks. Basically, someone cuts in line and changes the price right before your turn. Popular platforms like Uniswap and 1inch avoid this by keeping deadlines much shorter, usually around 1 to 2 minutes.
Optional security checks create risks
The second issue SlowMist pointed out is, in my view, even more serious. Bitget Wallet offers a tool to scan tokens before users buy them. This scan can detect risky or malicious tokens. The problem? It’s completely optional. Users can skip it and trade anyway.
This opens the door to honeypot scams. These are fake tokens that let you buy them easily, but when you try to sell, you can’t. Your money gets stuck. These scams are more common than people realize. According to Chainalysis data, users lost over $500 million in 2025 alone to such traps.
Because these security scans aren’t enforced, many users—especially beginners—might not even know about the risks. They could be trading dangerous tokens without any warning. SlowMist suggests the wallet should force users to run a scan before trading, or at least show clear warnings. Even a simple checkbox could prevent significant losses.
Room for improvement in popular wallet
Bitget Wallet is part of the larger Bitget ecosystem, serving millions of users globally. The platform promotes itself as secure, but these gaps show there’s still work to be done. Security shouldn’t be optional, especially when dealing with people’s money.
What strikes me is how these issues combine. A long transaction window plus optional security checks creates a perfect storm for potential losses. Users might pay more than expected due to price manipulation, or they might buy tokens they can’t later sell.
The researcher’s suggestions seem reasonable. Shortening the default swap deadline to 60-120 seconds would align with industry standards. Making security scans mandatory, or at least harder to skip, would protect users from obvious scams.
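To make those two suggestions concrete, here is an added example of a pre-swap policy check a wallet client could run. It is not Bitget Wallet's or SlowMist's code; the function name, request fields, scan verdict values and the 300-second scan freshness limit are all assumptions made for illustration.

```javascript
// Added example; every name here is hypothetical, not a real wallet API.
const POLICY = {
  defaultDeadlineSec: 60,  // the article's suggested range is 60-120 seconds
  maxDeadlineSec: 120,
  scanMaxAgeSec: 300,      // assumption: older scan results count as stale
};

// req: { deadlineSec?, scan?: { verdict: "clean"|"risky", scannedAt }, riskAcknowledged? }
// nowSec: current Unix time in seconds (passed in so the check is testable).
function checkSwap(req, nowSec) {
  const reasons = [];

  // 1. Deadline: fall back to the short default, never exceed the cap.
  let ttl = req.deadlineSec === undefined ? POLICY.defaultDeadlineSec : req.deadlineSec;
  if (!Number.isInteger(ttl) || ttl <= 0) {
    reasons.push("invalid deadline");
    ttl = POLICY.defaultDeadlineSec;
  } else if (ttl > POLICY.maxDeadlineSec) {
    ttl = POLICY.maxDeadlineSec; // a 600 s request is clamped down to 120 s
  }

  // 2. Token scan: mandatory, fresh, and a risky verdict needs explicit consent.
  const scan = req.scan;
  if (!scan) {
    reasons.push("token scan required");
  } else if (nowSec - scan.scannedAt > POLICY.scanMaxAgeSec) {
    reasons.push("token scan is stale");
  } else if (scan.verdict === "risky" && req.riskAcknowledged !== true) {
    reasons.push("risky token not acknowledged");
  } else if (scan.verdict !== "clean" && scan.verdict !== "risky") {
    reasons.push("unknown scan verdict"); // fail closed on anything unexpected
  }

  return {
    allowed: reasons.length === 0,
    deadline: nowSec + ttl, // absolute expiry timestamp for the swap
    reasons,
  };
}

// Constructed sample requests (NOW is an arbitrary timestamp).
const NOW = 1772150400;
console.log(checkSwap({ deadlineSec: 600 }, NOW));
console.log(checkSwap({ scan: { verdict: "clean", scannedAt: NOW - 10 } }, NOW));
```

The check fails closed: a missing, stale or unrecognized scan result blocks the swap, and the 10-minute deadline described above can no longer be requested.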
It’s worth noting that these vulnerabilities affect everyday users, not just technical experts. That’s what makes them particularly concerning. When security flaws impact regular people trying to manage their crypto, the stakes are higher. Wallet developers have a responsibility to build safeguards that protect users, even from themselves sometimes.
I’m curious to see how Bitget Wallet responds. Security in crypto wallets is an ongoing challenge, and public scrutiny like this helps push the entire industry toward better practices. After all, trust is hard to earn and easy to lose in this space.



















