Security Researcher Reports Unsafe Default Settings
On February 27, 2026, SlowMist’s Chief Information Security Officer took to social media platform X to highlight what I believe to be two pretty serious issues with Bitget Wallet. The issues may seem technical at first, but their impact is simple: users could lose money without even realizing what’s happening.
According to the post, the first problem revolves around what’s called a “trade delay.” When users exchange one cryptocurrency for another, the swap is only valid for a limited time before it expires. Bitget Wallet sets this duration to 10 minutes by default, which honestly seems long considering how quickly cryptocurrency prices can move.
The 10-minute window problem
Here’s the problem with this 10-minute window. Cryptocurrency markets are volatile, sometimes extremely so. Tokens can jump or crash in seconds. If a user’s transaction can wait up to 10 minutes before it executes, the price they end up paying may be completely different from what they expected.
But perhaps more worrying is what this long window allows. Attackers can monitor pending transactions and manipulate prices before they are finalized. This tactic is known as front-running, or a sandwich attack. Basically, someone cuts in line ahead of you and moves the price right before your turn. Popular platforms like Uniswap and 1inch avoid this by keeping timeframes much lower, usually around 1-2 minutes.
Optional security controls create risks
The second problem highlighted by SlowMist is, in my opinion, even more serious. Bitget Wallet offers a tool to analyze tokens before users purchase them. This scan can detect risky or malicious tokens. The problem? It’s completely optional. Users can ignore it and trade anyway.
This opens the door to honeypot scams. These are fake tokens that are easy to buy, but when you try to sell them, you can’t. Your money stays locked. These scams are more common than you might think. According to data from Chainalysis, users lost over $500 million in 2025 alone due to these traps.
Since these security scans are not enforced, many users, especially newbies, may not even know the risks. They could trade dangerous tokens without any warning. SlowMist suggests that the wallet should force users to perform analysis before trading, or at least display clear warnings. Even a simple checkbox could prevent significant losses.
Opportunity to improve the popular wallet
Bitget Wallet is part of the larger Bitget ecosystem, serving millions of users around the world. The platform presents itself as secure, but these gaps show that there is still work to be done. Security should not be an option, especially when it comes to people’s money.
What strikes me is the way in which these issues combine. A long trading window and optional security checks create a perfect storm for potential losses. Users may pay more than expected due to price manipulation, or they may purchase tokens that they cannot resell later.
The researcher’s suggestions seem reasonable. Reducing the default swap delay to 60-120 seconds would be in line with industry standards. Making security scans mandatory, or at least harder to ignore, would protect users from obvious scams.
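A pre-signing check that applies both suggestions together, as an added example (not Bitget Wallet's or SlowMist's code). The function name, the scan-result fields and the 5-minute scan freshness limit are assumptions, and the sample data is constructed.

```javascript
// Hypothetical policy gate a wallet could run before signing a swap.
const MAX_DEADLINE_SECONDS = 120; // upper end of the 60-120 s range suggested above
const MAX_SCAN_AGE_SECONDS = 300; // assumed freshness limit for a scan result

function checkSwapPolicy(swap, scan, nowSec) {
  const reasons = [];
  // 1. Deadline window: how long the signed swap stays executable.
  const windowSec = swap.deadline - nowSec;
  if (!Number.isInteger(swap.deadline) || windowSec <= 0) {
    reasons.push("deadline missing or already expired");
  } else if (windowSec > MAX_DEADLINE_SECONDS) {
    reasons.push(`deadline window ${windowSec}s exceeds ${MAX_DEADLINE_SECONDS}s`);
  }
  // 2. The token scan is mandatory, must cover the token being bought, and be recent.
  if (!scan) {
    reasons.push("no token scan result");
  } else {
    if (scan.token.toLowerCase() !== swap.tokenOut.toLowerCase()) {
      reasons.push("scan is for a different token");
    }
    if (nowSec - scan.scannedAt > MAX_SCAN_AGE_SECONDS) {
      reasons.push("scan result is stale");
    }
    // A token that cannot be sold is blocked outright; acknowledging does not override it.
    if (scan.sellBlocked) {
      reasons.push("scan reports token cannot be sold (honeypot pattern)");
    }
    if (scan.warnings.length > 0 && !swap.userAcknowledgedWarnings) {
      reasons.push("scan warnings not acknowledged by user");
    }
  }
  return { allowed: reasons.length === 0, reasons };
}

// Constructed sample data (placeholder token address and timestamp).
const NOW = 1772150400;
const TOKEN = "0x1111111111111111111111111111111111111111";
const cleanScan = { token: TOKEN, scannedAt: NOW - 30, sellBlocked: false, warnings: [] };
const honeypotScan = { ...cleanScan, sellBlocked: true, warnings: ["sell reverts in simulation"] };

const samples = [
  ["10-minute default", { tokenOut: TOKEN, deadline: NOW + 600 }, cleanScan],
  ["scan skipped", { tokenOut: TOKEN, deadline: NOW + 90 }, null],
  ["honeypot token", { tokenOut: TOKEN, deadline: NOW + 90 }, honeypotScan],
  ["90 s + clean scan", { tokenOut: TOKEN, deadline: NOW + 90 }, cleanScan],
];
for (const [label, swap, scan] of samples) {
  console.log(label, JSON.stringify(checkSwapPolicy(swap, scan, NOW)));
}
```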
It should be noted that these vulnerabilities affect everyday users, not just technical experts. This is what makes them particularly worrying. When security gaps affect ordinary people trying to manage their cryptocurrency, the stakes are higher. Wallet developers have a responsibility to put in place safeguards that protect users, sometimes even from themselves.
I’m curious to see how Bitget Wallet reacts. Crypto wallet security is an ongoing challenge, and public scrutiny like this helps push the entire industry toward better practices. After all, trust is hard to earn and easy to lose in this space.