Some transactions such as crowdloan contributions, bridging, and XCM may result in funds being transferred to addresses which cannot be derived by the Ledger device, which means they become stuck. The only way to retrieve these funds is to enter the seed phrase into a hot wallet or our Ledger recovery tool which results in the security of the account being compromised, as it is no longer a 'hardware wallet'.
In order to reduce the chance of these incidents, we will implement some warnings in the signing popup. To achieve this, we need to:
[ ] Define the types of extrinsic which could pose a risk
[ ] Detect if the transaction being signed is one of those types in the signing UI
[ ] Raise an appropriate warning depending on the type of extrinsic
Can't detect if a payload is an XCM transaction right now as typings are basically different on every chain.
Would need to wait until we can move to another system than polkadot.js api for decoding
Some transactions such as crowdloan contributions, bridging, and XCM may result in funds being transferred to addresses which cannot be derived by the Ledger device, which means they become stuck. The only way to retrieve these funds is to enter the seed phrase into a hot wallet or our Ledger recovery tool which results in the security of the account being compromised, as it is no longer a 'hardware wallet'.
In order to reduce the chance of these incidents, we will implement some warnings in the signing popup. To achieve this, we need to:
Designs here: https://www.figma.com/file/oei6fpFFNQjPfXRnEBLm7x/Talisman-%7C-Wallet-Extension?node-id=421%3A35739&t=aGTaA7zBiQ2mzA89-1