Open andersonmmi opened 6 years ago
Although I understand your concerns, would you have any ideas by which we could even detect this kind of behavior? If it were as simple as detecting if a user has used a non-mainnet testnet within a single session, then we could set some booleans in the background to trigger a warning message.
However, it seems in this case that you've imported a private key from Truffle. There isn't a very good way for us to detect if this is a "test address" on the various chains out there.
However again, this was a test address that is basically becoming a "whoops" ground for several people--would it help you if we just blacklist this specific address and warn people that this is the truffle address as a stopgap measure?
You know how imported addresses are labelled as loose? We could just label these testRPC/ganache addresses with "test". Seems like a logic test against the array of known test addresses could check this on the front end and it would be very light. I can code it up an PR it if that would help?
Yes please, go ahead and start up the PR and we can continue discussions there--thank you for such due diligence on writing up that blog post!
Full write up here: https://medium.com/@andersonmmi/truffle-testrpc-accounts-can-cost-unwarry-developers-real-world-ether-c314c9bc970a