Warn users when sending tokens to token contract address

[epheph]

Describe the bug
Hello, I run the "TokenOops" twitter bot ( https://twitter.com/TokenOops ), which chronicles the many millions of dollars of value lost to users accidentally sending ERC20 tokens to the token address, instead of the intended recipient. Recently, someone lost over $1,000,000 worth of $AAVE . Given how minimal/infrequently updated metamask token lists are, which requires users to copy/paste the contract address into MetaMask "Add Token" form, it is INCREDIBLY easy to make this mistake.

MetaMask should warn users when sending tokens to the contract address itself.

It is strange, because I see references to this protection in MetaMask's documentation, but it does not warn me when attempting to make this mistake?

https://metamask.zendesk.com/hc/en-us/articles/360020028092-What-is-the-known-contract-address-warning-

Steps to reproduce (REQUIRED)
Either add a built-in token, or "Add Token" for a token you have a balance of. Put address of token in the "to". Hit "Send" if you are willing to lose that amount of token.

Expected behavior
System should warn violently about the potential loss of funds, potentially even requiring some sort of a "type confirm" as seen from Uniswap's UI.

Screenshots

Browser details (please complete the following information):

• OS X
• Hardware Wallet: n/a
• Browser: Version 86.0.4240.80 (Official Build) (x86_64)
• MetaMask Version: 8.0.10

[epheph]

Related: #9606

[epheph]

Received this Twitter DM just this morning from someone who lost a lot of tokens:

[jacobc-eth]

This is a duplicate of #9437 so I'll be closing this one for now. Resolving this is a priority for us though.

[epheph]

Not sure how I missed the original ticket, thanks for linking them!