# 7.1 The "No-Wallet" Security Thesis

The primary attack vector in Web3 is the endpoint: the user's wallet. Phishing sites, clipboard hijackers, and malicious approvals drain billions annually.

Accessth mitigates these vectors through structural obsolescence:

1. Anti-Phishing: Since users verify specific intents (e.g., "Pay Merchant X") rather than granting blanket approvals, a phishing site cannot request "Access to All Funds." The signature would fail validation for any transaction other than the specific one signed.
2. The Null-State Defense: If a hacker gains access to a user's device, they will find no private keys stored in local storage and no funds associated with an address. They cannot "drain" the wallet because the capital is dispersed in the Fog Pool.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.accessth.xyz/part-7/7.1-the-no-wallet-security-thesis.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.