Issue
Currently, if the wallet app's configured cluster is mismatched with the dApp's request (devnet vs testnet), then the request is either denied and the user is informed (Phantom) or silently fails (Solflare).
This is poor UX for dapp users who could be using new dApps that are in beta and still in devnet mode. These users would be forced to manually change clusters each time they use a different dApp.
Repro
| Phantom | Solflare | Ultimate |
| --- | --- | --- |
| | Silently fails after this | Does not support devnet/testnet |
Proposal/Fix
When there is a cluster mismatch during authorization, give the user an option to change their configured cluster immediately in the auth flow.
At the very least, users should know why it's failing and should not have silent failures like in Solflare.
> When there is a cluster mismatch during authorization, give the user an option to change their configured cluster immediately in the auth flow.

The authorization request issued by a dapp includes a cluster field. So the auth token should only be considered valid for that specified cluster. So I would add the following details here:

When there is a cluster mismatch during authorization...
- the wallet should check what cluster was specified for the provided auth_token
- if there is a mismatch, wallets can choose how to handle this but should either allow the user to switch to the correct cluster (the one that was authorized), or show an error informing the user of the mismatch.

Some other thoughts:
- wallets should always clearly indicate to the user what cluster is being used
- wallets should not trust blockhashes provided by dapps. wallets should insert their own blockhash or at least verify the provided blockhash when signing a transaction to ensure that a dapp cannot perform a replay attack. If a dapp submits a transaction with an invalid blockhash for the specified cluster, an error should be thrown and the transaction should be rejected.
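
The wallet-side checks proposed in the comment above, as an added example that is not part of the original thread or of any wallet's or the project's code. `AuthTokenStore`, `checkAuthToken`, `checkBlockhash`, the `Decision` type and the `recent` blockhash lookup are hypothetical names, and the sample token and blockhashes are constructed.

```typescript
// Added illustration: every name below is hypothetical, not a Mobile Wallet Adapter API.
type Cluster = "mainnet-beta" | "testnet" | "devnet";
type Decision =
  | { kind: "proceed"; cluster: Cluster }
  | { kind: "offer_switch"; from: Cluster; to: Cluster }
  | { kind: "reject"; reason: string };

// Wallet-side record of the cluster each issued auth_token was authorized for.
class AuthTokenStore {
  private clusters = new Map<string, Cluster>();
  issue(token: string, cluster: Cluster): void {
    this.clusters.set(token, cluster);
  }
  clusterFor(token: string): Cluster | undefined {
    return this.clusters.get(token);
  }
}

// Compare the token's authorized cluster with the wallet's configured one.
// A mismatch is surfaced to the user as a switch offer, never dropped silently.
function checkAuthToken(store: AuthTokenStore, token: string, walletCluster: Cluster): Decision {
  const authorized = store.clusterFor(token);
  if (authorized === undefined) {
    return { kind: "reject", reason: "unknown auth_token" };
  }
  if (authorized !== walletCluster) {
    return { kind: "offer_switch", from: walletCluster, to: authorized };
  }
  return { kind: "proceed", cluster: authorized };
}

// Assumption: `recent` returns blockhashes the wallet itself fetched from the
// given cluster; a dapp-supplied blockhash outside that set is rejected.
type BlockhashSource = (cluster: Cluster) => Set<string>;

function checkBlockhash(decision: Decision, blockhash: string, recent: BlockhashSource): Decision {
  if (decision.kind !== "proceed") return decision;
  if (!recent(decision.cluster).has(blockhash)) {
    return { kind: "reject", reason: `blockhash not valid on ${decision.cluster}` };
  }
  return decision;
}

// Constructed sample data.
const sampleStore = new AuthTokenStore();
sampleStore.issue("token-A", "devnet");
const sampleRecent: BlockhashSource = (c) =>
  new Set(c === "devnet" ? ["DEVNET_HASH_1"] : ["OTHER_HASH_1"]);
```
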
> if there is a mismatch, wallets can choose how to handle this but should either allow the user to switch to the correct cluster (the one that was authorized), or show an error informing the user of the mismatch.

Please let's focus on the "allow the user to switch to the correct cluster" approach, dApps which rely on network switching have really poor user experience. Let's not throw errors everywhere (build walls), instead we should give users the option to "proceed with caution"