daniel-flex
commented
4 years ago @paulhauner is that happening when opening the app or when on the funding page? The app should not engage MM until on the funding page, otherwise it's a bug.
Closed paulhauner closed 4 years ago
daniel-flex
commented
4 years ago @paulhauner is that happening when opening the app or when on the funding page? The app should not engage MM until on the funding page, otherwise it's a bug.
paulhauner
commented
4 years ago It was happening when I "connected" (I think that's the term) Metamask to this specific app.
So it only ever happened once, since after that I was already "connected".
daniel-flex
commented
4 years ago Metamask requires explicit connection to applications, but if we can prevent this from happening until on the funding page then I think it's better.
daniel-flex
commented
4 years ago @paulhauner is this what you're seeing?
If so, this is part of MM, see the comment above this one. I'm not getting any metamask prompts until I hit the funding page. Let me know if I'm missing something.
paulhauner
commented
4 years ago Here's the one I saw
I had a look through the Metamask docs and I can't see how we could do away with the "View addresses..." permission, so I'm happy for you to close this unless you happen to know something additional :)
daniel-flex
commented
4 years ago @paulhauner agreed. I think this is good security on metamasks behalf. Perhaps the docs (or on-page info) could outline the process/reasons.
Closing for now
I noticed that Metamask said that this site needs permission to view eth1 addresses.
I have very little understanding of Metamask, but I was wondering if there's an option to not require to see users eth1 addresses? Although, as long as we have the tx hash we can know the sender, so perhaps we must always have this permission :thinking:
@danielharrison do you have some thoughts about this? :)