See Zafu in action.
Try four real scenarios without making any transaction. Zafu's overlay will appear directly in your browser β exactly as it does when you're sending crypto. Simulators check the transaction; Zafu checks the recipient.
Copy the address below. It looks like the real Uniswap V2 Router β but two characters are swapped at the end. This is what an attacker plants in your clipboard history.
Paste the address you just copied into the field below. Zafu will intercept it before it reaches the field.
Zafu's overlay will appear as soon as you paste.
A red alert shows two addresses side by side β the address you pasted and the real Uniswap V2 Router. The differing characters are highlighted in red. Zafu caught the near-match because this address has only 2 characters swapped from a known legitimate contract. You can cancel or β if you're sure it's safe β override with a confirmation checkbox.
Copy the address below. This is the canonical WETH (Wrapped Ether) contract β a well-known, verified address used by hundreds of DeFi protocols.
Paste the address you just copied into the field below.
Zafu will show a green confirmation banner and auto-dismiss in 2 seconds.
A green banner appears briefly and auto-confirms in 2 seconds. No clicking required. Zafu recognises WETH as a verified public contract and lets the paste proceed without friction. This is what trusted sends feel like β Zafu protects you without getting in your way.
Copy this USDT (TRON / TRC-20) recipient address. It's a fresh address Zafu has never seen β exactly like paying a new exchange deposit or counterparty.
Paste it into the USDT recipient field below. Zafu reads the asset and network from the field around it.
Zafu's Transfer Check panel appears on paste.
Zafu's Transfer Check panel separates what it observed (USDT asset hint, TRON / TRC-20 network hint, TRON address family) from what it checked (valid address format, no poisoned lookalike, no known threat signal) and what it could not check β there's no confirmed send history for this address yet. It reminds you to send USDT on the TRON network only, because the address alone never proves the intended network. Save it as a recipient in Zafu and your next send shows βKnown recipientβ instead.
Copy your intended USDT (TRON) recipient. Zafu records what you copied.
Click Simulate malware swap. This silently replaces your clipboard with an attacker's address β the way clipboard-hijacking malware does β without Zafu seeing a new copy.
Paste into the field below. Your clipboard now holds the attacker's address, but Zafu remembers you copied a different one.
Zafu compares the paste against the address you actually copied.
Zafu flags that the pasted TRON address doesn't match the one you copied moments ago β the classic clipboard-hijack used to redirect stablecoin transfers. You can stop and re-copy before any funds move. (If your browser blocks the silent clipboard write, the swap won't apply β that's expected on some setups.)
Recipient memory, one-tap wallet-history import, the wallet-bound Receive Instruction builder, the Best-sorted address book, and explorer Intel live inside the extension β they work on your own saved data, so they can't run on this page. Open Zafu to try them β