ArweaveTeam / arweave-js

Browser and Nodejs client for general interaction with the arweave protocol and gateways
MIT License

Spending tokens without user's consent #40

Closed: vporton closed 3 years ago

vporton commented 4 years ago

A malicious or erroneous site may spend a user's AR tokens in unlimited quantities by uploading big data blobs.

Additionally, the user may mistakenly select a big file and spend more tokens than he or she intended.

Solution: Ask before spending money, like MetaMask.

aidanok commented 4 years ago

This is a wider issue which we are working on various solutions for. The current model of uploading a keyfile to a dapp is not ideal. So we are looking at solutions like a browser extension like MetaMask, potentially a MetaMask plugin, and integrations or dapps that provide similar functionality to things like Fortmatic and portis.io.
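The confirm-before-spend step proposed in this issue, sketched as an added example (not code from arweave-js or from either commenter): a gate that a wallet or signer component outside the dapp's control could run before signing an upload. The function names, the policy fields and the injected `getPrice` and `confirm` callbacks are assumptions; with arweave-js the quote would come from `arweave.transactions.getPrice(byteSize)`, which returns the cost in winston as a string.

```javascript
// Added example; all names are hypothetical and not part of arweave-js.
const WINSTON_PER_AR = 1000000000000n; // 1 AR = 10^12 winston

// Format winston as a decimal AR string for the prompt, without float rounding.
function formatAr(winston) {
  const whole = winston / WINSTON_PER_AR;
  const frac = (winston % WINSTON_PER_AR).toString().padStart(12, "0").replace(/0+$/, "");
  return frac ? `${whole}.${frac}` : `${whole}`;
}

// Pure policy check: may this quoted cost go forward to the user prompt at all?
function evaluateSpend(byteSize, quoteWinston, policy) {
  if (!Number.isSafeInteger(byteSize) || byteSize < 0) {
    return { ok: false, reason: "invalid size" };
  }
  if (byteSize > policy.maxBytes) return { ok: false, reason: "size over limit" };
  // Accept only a plain non-negative integer string; anything else fails closed.
  if (!/^\d+$/.test(String(quoteWinston))) return { ok: false, reason: "invalid quote" };
  const cost = BigInt(String(quoteWinston));
  if (cost > policy.maxWinstonPerUpload) return { ok: false, reason: "cost over limit" };
  if (policy.spentWinston + cost > policy.sessionBudgetWinston) {
    return { ok: false, reason: "session budget exceeded" };
  }
  return { ok: true, cost };
}

// Quote the upload, apply the policy, then require an explicit "yes" from the
// user. Signing should only happen when the returned object has ok === true.
async function approveUpload(data, origin, policy, getPrice, confirm) {
  const byteSize = data.byteLength;
  let quote;
  try {
    quote = await getPrice(byteSize);
  } catch {
    return { ok: false, reason: "price lookup failed" };
  }
  const decision = evaluateSpend(byteSize, quote, policy);
  if (!decision.ok) return decision;
  const approved = await confirm(
    `${origin} wants to store ${byteSize} bytes for ${formatAr(decision.cost)} AR`
  );
  if (approved !== true) return { ok: false, reason: "user declined" };
  policy.spentWinston += decision.cost; // count approved spend against the session budget
  return decision;
}
```

The gate only protects the user if it runs in code the requesting site cannot modify, which is why it is framed here as part of a wallet or signer rather than the dapp itself.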