search

enkryptcom / enKrypt

Enkrypt: Ethereum, Polkadot and Web3 Wallet
https://www.enkrypt.com/
MIT License
303 stars 161 forks source link

eth_accounts method triggering connection request #287

Closed glitch-txs closed 1 year ago

glitch-txs commented 1 year ago

Hi, I'm currently using eth_accounts method on page load to check if the user is connected but with enKrypt it triggers the connection request which is not the intended behaviour, is it possible to make this method silent? For connection requests I'm using eth_requestAccounts This is how most wallets work. Ideally connection request should happen when user interacts with the page (e.g. clicking a button) and not on page load. Thanks!

kvhnuke commented 1 year ago

eth_accounts is also a call to get user accounts, I would suggest to use eth_requestAccounts before doing eth_accounts, you can detect whether user is using enkrypt by either checking window.ethereum.isEnkrypt or window.enkrypt

glitch-txs commented 1 year ago

eth_accounts is used to get the user account but not for requesting permission, that's requestAccounts method. Otherwise why having two method that do the same thing?

I'm using eth_accounts to get the user account silently in case is connected since I'm not saving sessions on localStorage I need a way to know whether the user is connected or not without requesting a connection

kvhnuke commented 1 year ago

eth_accounts is the standard way of getting user accounts, and eth_requestAccounts is something metamask introduced along the way and is not part of the standard. We want to make sure our users are aware whenever a dapp try to get user accounts using either way.

glitch-txs commented 1 year ago

Actually 'eth_requestAccounts' is mentioned on EIP-1193 and 1102:

The return value of eth_accounts is ultimately controlled by the Wallet or Client. In order to protect user privacy, the authors recommend not exposing any accounts by default. Instead, Providers should support RPC methods for explicitly requesting account access, such as eth_requestAccounts (see EIP-1102) or wallet_requestPermissions (see EIP-2255).

kvhnuke commented 1 year ago

Actually 'eth_requestAccounts' is mentioned on EIP-1193 and 1102:

The return value of eth_accounts is ultimately controlled by the Wallet or Client. In order to protect user privacy, the authors recommend not exposing any accounts by default. Instead, Providers should support RPC methods for explicitly requesting account access, such as eth_requestAccounts (see EIP-1102) or wallet_requestPermissions (see EIP-2255).

Yes thats why we have support for both, you'd be surprised how many dapps dont use eth_requestAccounts