Tenderly is a legitimate blockchain development platform. Searches for a "Tenderly RPC scam" point to a social engineering trick that abuses custom RPC endpoints, not to any problem with Tenderly. This page explains what the scam is, how it works, and how to stay safe.
Short answer
Yes. Tenderly is a legitimate blockchain development platform used by Web3 engineering, security, and operations teams to build, test, simulate, and monitor onchain systems. It is not a scam.
What people call the "Tenderly RPC scam" is not a flaw in Tenderly or in your wallet. It is a social engineering trick in which a bad actor convinces you to add a custom RPC network to your wallet. That custom network shows a fake balance that does not exist on the real blockchain. The fix is simple: never add an RPC endpoint that a stranger gives you, and only use your wallet's default network.
What people mean by the "Tenderly RPC scam"
The scam is a known pattern that security firms such as SlowMist, imToken, and MetaMask have documented. It usually unfolds like this:
- A scammer builds trust or creates urgency, often by sending a small real transfer first, or by posing as support for an exchange or a trading site.
- They tell you to add a custom network or a "faster", "dedicated", or "official" RPC node to your wallet. The URL they share often contains a string like
rpc.tenderly.co/forkorvirtual.mainnet.rpc.tenderly.co. - Once added, your wallet starts reading data from that sandbox environment instead of the real chain, so a large balance suddenly appears.
- When you try to move the funds, they say you first have to pay a fee, tax, or deposit to "unlock" or "activate" the withdrawal. That fee is the real theft. The balance you saw was never real.
Crucially, this scam does not require your seed phrase, private key, or a token approval. It only changes what your wallet displays, which is what makes it so convincing.
Why scammers abuse custom RPCs and Virtual TestNets
An RPC node is the gateway your wallet uses to read the blockchain: balances, transaction history, and contract state all come from whichever node your wallet is pointed at. If that node is controlled by someone else, it can return data that is not true to the live chain.
Tenderly Virtual TestNets are sandbox copies of real networks. Developers use them to test transactions safely, set arbitrary balances, and simulate scenarios before deploying to production. Setting a balance to any amount is an intended testing feature, and those funds have no real value, exactly like traditional testnet tokens. Scammers misuse that legitimate capability by pointing a victim's wallet at one of these test environments so the fake balance looks real.
This is the same class of trick as classic testnet token scams. The tool is doing exactly what it is designed to do for developers. The deception is entirely in convincing a non-developer to connect to it.
Warning signs you are being targeted
Treat any of these as a strong red flag:
- Someone asks you to add a network or RPC URL. No legitimate exchange, wallet, or support team needs you to manually add a custom RPC to receive your own funds.
- A balance appears only after you changed your network. Real deposits do not depend on which RPC you use.
- You are told to pay a fee, tax, or deposit to withdraw. You never have to send money to receive money you already supposedly hold.
- Pressure and urgency. "The node is congested", "switch to this faster channel", "act now or you lose access".
- The contact came to you. Unsolicited messages on Telegram, Discord, WhatsApp, SMS, or social media offering help to recover or withdraw funds.
How to protect yourself
- Use your wallet's default RPC. Do not change network settings on someone else's instructions.
- Never add an RPC URL a stranger sends you, regardless of what brand name appears in it.
- Verify by switching back. Remove the custom network and select your wallet's default. If the balance disappears, it was never real.
- Remember that test funds have no value. Balances shown on a sandbox or testnet cannot be sold, swapped, or withdrawn.
- Never pay to unlock a withdrawal, and never share your seed phrase or private key with anyone.
If you have already added a custom network, remove it, move any genuinely owned assets to a fresh wallet if you also shared sensitive information, and stop contact with whoever guided you.
Is Tenderly itself safe to use?
Yes. Tenderly is an established blockchain development platform. Teams use it for transaction simulation, debugging, a production-grade Node RPC, Virtual TestNets, and onchain monitoring. The custom RPC scam abuses a public developer feature through social engineering. It is not a breach of Tenderly and it is not a vulnerability in your wallet.
Tenderly will never contact you to ask you to change your wallet's RPC or to pay a fee to release funds. If you build on Tenderly, you can learn how Virtual TestNets work in the documentation, and explore the Node RPC built for production financial systems.
Reporting abuse and getting help
If you encountered a scam that referenced Tenderly, you can report the details to the Tenderly team through the contact page. Reporting the wallet addresses and any URLs involved to your wallet provider and to onchain analytics services also helps others avoid the same trap.