if a sign-txns request comes in the wrong acct/addr is auth'd in inkey-wallet, dont let them sign it. possible security hole.

thencc / algonautjs

A front end friendly Algorand utility

MIT License

10 stars 1 forks source link

Open spencercap opened 1 year ago

spencercap commented 1 year ago

consider completely un-auth'd state. can we catch it before they get to the approve/reject page of inkey-wallet?