MetaMask / metamask-extension

:globe_with_meridians: :electric_plug: The MetaMask browser extension enables browsing Ethereum blockchain enabled websites
https://metamask.io
Other
12.08k stars 4.94k forks source link

Wrong account connected might confuse users and is potentionally dangerous #24164

Open ackvf opened 7 months ago

ackvf commented 7 months ago

What is this about?

I am not sure if something changed, but for the past two years we did not observe this issue until recently.

When user changes to a different account from within MetaMask, our app will NOT receive that information and continues functioning with the previously connected account.

In the following screenshot, notice that I remain connected to CXIP #1, but I switched to CXIP #2 in MetaMask.

0) With all accounts disconnected 1) Initiate connection from within the App by clicking on button [CONNECT WALLET] and connect with Account #1 2) In MetaMask, switch to Account #2 3) Observe that nothing happens, no event is emmited and user keeps connected with Account #1, despite seeing Account #2 in their MetaMask extension 4) For further detail, I present you the connect/disconnect option within MetaMask, where you can see that Account #1 is still Active. image 5) Only after pressing the highlighted Connect, only then the App receives an event and is allowed to handle the change. metamask-switch-disconnect

On this third attachment notice the potential dangerous situation where the user THINKS they are on Account #2, but they are in fact signing transactions with Account #1 with no clear clue other than the account name, which can easily be missed, especially if the user choses poor names.

image

Unlike in this situation, where it did show a very subtle information, which is so subtle that it's almost useless too anyway. And I don't even know what the circumstances were to see this.

"Is this the correct account? It's different from the currently selected account in your wallet"

Compare the two:

image image

Scenario

GIVEN a user has two disconnected accounts WHEN user connects with one account from within the web App AND then switches to a second account in MetaMask THEN the App does not receive an event remains connected to account#1, while the user thinks they are using account#2 already

Screenshots added in main description.

Design

No response

Technical Details

No response

Threat Modeling Framework

No response

Acceptance Criteria

No response

Stakeholder review needed before the work gets merged

References

No response

ackvf commented 7 months ago

Related: AccountsChanged didn't fired when switching to a disconnected account #13825

ackvf commented 7 months ago

One account connected - nothing happens metamask-switch-one-connected

Both accounts connected - event is emitted metamask-switch-two-connected