Open liangzai927 opened 3 years ago
Thanks for the report! Could you explain what you're trying to do? Neither of those two methods exist on our Ethereum provider.
Thanks for the report! Could you explain what you're trying to do? Neither of those two methods exist on our Ethereum provider.
I want the current page to disconnect from MetaMask
A bug, trying to understand some moves my second week
Gracias
I don't think we support that operation unfortunately. We could consider adding a method like that though.
Why do you want to disconnect? It would help if we understood the purpose.
I don't think we support that operation unfortunately. We could consider adding a method like that though.
Why do you want to disconnect? It would help if we understood the purpose.
We want the user to be able to disconnect from the metaMask on the current page as well, so that the user can only disconnect from the metaMask on the current page instead of locking the metaMask, so that other pages will remain connected to the metaMask. I don't know if I'm making this clear
Right, that all makes sense. But the motivation is still unclear to me. The dapp will disconnect from MetaMask when the page navigates, and that's sufficient for most dapps. If you don't want to use the MetaMask provider, you can simply ignore it.
Does leaving the connection open have some negative consequence that you're trying to avoid? e.g. do you just not want events to get triggered anymore, or do you want to reduce the amount of postMessage
noise, or are you looking to optimize performance, or is it something else?
I've already deleted the account, I hope I've fixed everything
How can I realize the disconnection operation in the animation?
I've added an issue on rpc-cap
to describe one of the internal changes we'd need to make to support this:
https://github.com/MetaMask/rpc-cap/issues/131
What if I'm on MetaMask mobile where there isn't even any disconnect functionality provided by MetaMask itself, and want to switch the account I'm using in the dapp. Its impossible.
On MetaMask Mobile, switching the selected account in the wallet will also switch the account used in-dapp. You should not need to 'disconnect' anything to switch accounts.
@liangzai927 Now you have the solution yet? I got a same problem,please help!
@liangzai927 Now you have the solution yet? I got a same problem,please help!
hello , have you already handled the problem? I got the same.
Right, that all makes sense. But the motivation is still unclear to me. The dapp will disconnect from MetaMask when the page navigates, and that's sufficient for most dapps. If you don't want to use the MetaMask provider, you can simply ignore it.
Does leaving the connection open have some negative consequence that you're trying to avoid? e.g. do you just not want events to get triggered anymore, or do you want to reduce the amount of
postMessage
noise, or are you looking to optimize performance, or is it something else?
The motivation is using MetaMask directly as an authentication mechanism and close() or disable() would offer functionality similar to a "logout". I don't think that this is an intended use case for MetaMask and web3 providers so maybe some documentation on how to integrate MetaMask with Firebase Auth or other auth frameworks would serve the community well.
Thanks for the clarification! Connecting with MetaMask does not authenticate the user at all, it just exposes the user's account to the site and enables certain methods to be called. There is no proof that the user is who we say they are, because there's no guarantee that the window.ethereum
you are interacting with is MetaMask's provider. It would be trivially easy to write an extension that injected a "fake" provider that pretended to be someone else's account for example, which would let anyone "log in" as anyone else.
Many sites do use the "Log in with MetaMask" pattern, but it needs to include a signature, which your site can verify. The signature is the authentication step. Then "logging out" is throwing the signature away.
You are absolutely right that we should have documentation that describes how to do this. I have created an issue for that here: https://github.com/MetaMask/metamask-docs/issues/318
@Gudahtt that makes sense. thanks for adding the issue. for anyone wondering how to do this, here is a writeup of how to use metamask with firebase auth: https://eliteionic.com/tutorials/creating-web3-login-with-ethereum-metamask-firebase-auth/
This comment on a linked issue seems worth surfacing:
I think this would be a great addition. I understand it may not technically be needed.
However as we try to move dapps towards more traditional web users not having a "log out" like feature/feel could be a barrier to entry. New users to the space may feel uneasy seeing that their wallet can be easily "reconnected" even tho they may have "logged out". I have seen many dapps fake the log out experience which could damage the trust in MetaMask even tho it is not MetaMask fault.
For example, OpenSea (a widely-used app) has a "Log out" button that appears to "disconnect" the account, but upon refreshing the page, you are still connected.
https://user-images.githubusercontent.com/6759464/149163080-291cd8ca-31c8-4638-93c3-5d125b88a69a.mp4
Developers should take accountability and not build bad experiences like this, however, it seems like there is a good opportunity to help users feel more secure regardless of developers actions.
For me, the need for a disconnect function is psychological.
There's a UX heuristic that states it should be easy for users to undo actions. While true that users can disconnect by opening Metamask and disconnecting from within the wallet, it's not the first place users would look. I think many users will look for a disconnect option around the same place where they connect in the first place. I think the presence of an obvious undo option is in some ways a signal of trust itself. Want to change your mind? Sure, we'll make it easy for you to do. I'm not a fan of Amazon for this very reason. Ever try to cancel your account? It's completely hidden.
I suspect this is why many Dapps provide a disconnect option, even though it's a bit of a placebo. There are many examples of placebo buttons in design, so there is precedence for implementing buttons that solve a psychological need instead of a technical one. Examples of placebo buttons include elevator call buttons and crosswalk buttons.
Beyond that, maybe one 'technical' need could be convenience. Currently, to disconnect from a site, I need to open Metamask, click the connected button, click the three dots icon to display the disconnect option, and finally select the disconnect option. Maybe a solution could be that a disconnect function triggers the wallet to open directly to a confirmation dialog where users can confirm the disconnect with a single click. This would reduce the number of steps from 4 to 2, and if it is triggered from the Dapp UI, it could solve the issue of having an obvious undo option in the UI layer. I mean, a disconnect function exists in the wallet UI, so why not make it easy for the user?
Seconded many of the comments above. I don't like that I can't properly disconnect a site from the front-end. Refreshing only to see that you're still connected via MetaMask is a poor UI. What website do you know that lets you click log-out, only to refresh and see you are still logged in? This UI is begging for mistakes.
In the event of someone connected with multiple accounts, this design could result in someone using the wrong account for something because they thought they previously disconnected one of the accounts.
This seems like it should be a no-brainer to include.
Seconded many of the comments above. I don't like that I can't properly disconnect a site from the front-end. Refreshing only to see that you're still connected via MetaMask is a poor UI. What website do you know that lets you click log-out, only to refresh and see you are still logged in? This UI is begging for mistakes.
In the event of someone connected with multiple accounts, this design could result in someone using the wrong account for something because they thought they previously disconnected one of the accounts.
This seems like it should be a no-brainer to include.
Agreed. Terrible UX choice.
Currently building a dAPP and I'm struggling to create a simple "Disconnect" button. How does something so obvious need to be discussed so much??
two years for trivial fix. good job.
To add to this UX and user psychological pain-point... now that I know that any disconnect function is just a facade, I'm still struggling on how to prevent users from asking me obvious questions like how do I disconnect my wallet from your dapp. Every word or phrase I can think of has an "obvious" antonym.
Log/Sign In = Log/Sign Out Connect = Disconnect Request/Grant Access = Revoke/Deny Access Use Metamask = an obvious question of "how do I stop using Metamask on your dapp?"
@Gudahtt Properly authenticating users is the sole responsibility of the maintainers of the Web 3.0 Dapps. Metamask is not an authentication mechanism and anyone using as such should hold the full blame. There is no need for you to mention this, write or really care about it.
That being said, the disconnect functionality is cosmetic. As some other commenters put it, instead of having to pull the MetaMask popup and press many buttons, I just go to my profile dropdown and disconnect. This should, in theory, both de-authenticate you (by purging some authentication tokens your service created) AND cancel the the metamask link just for the eyes of the user.
Hopefully, that convinces you to make this change as I spent the last hour trying to figure out why Wagmi was not properly cancelling the connection.
@Gudahtt This is a big inconvenient for developers of apps that allow users to connect and manage multiple wallets; not being able to disconnect a wallet from metamask makes it impossible to properly allow control over the user's connections from the application.
We all agree this is not a logout, we are all specifically asking to be able to diconnect the wallet, which is a well understood and already available concept, just not programmatically—it's not like disconnecting is not a thing. And like @omarabid mentioned, going through the extention requires several steps; some of us are actually trying to build for the truly unfamiliar user, so being able to provide something so simple would be great.
Please tell me where is my false. Thanks