vocdoni / ui-components

Vocdoni UI components libs
GNU General Public License v3.0

F/pk connector #142

Closed nigeon closed 6 months ago

nigeon commented 7 months ago

Allows connecting the wallet by importing a private key, storing it encrypted in localStorage, and storing the decryption key in sessionStorage.

emmdim commented 6 months ago

@elboletaire Do we need the flow to export the private key in order to consider this PR completed?

elboletaire commented 6 months ago

> @elboletaire Do we need the flow to export the private key in order to consider this PR completed?

Would the key export be here? I mean, is it part of rainbowkit-wallets? I think it may be placed somewhere else. What I need to merge the PR is for the tests/lint to pass properly tho 😅

nigeon commented 6 months ago

I don't think pk export belongs to the wallets package.

I'm not sure those errors are related to rainbowkit-wallets :S

elboletaire commented 6 months ago

> I don't think pk export belongs to the wallets package.
>
> I'm not sure those errors are related to rainbowkit-wallets :S

Doesn't look like it, but the main branch passes tests and this doesn't. Did you upgrade any package? I bet this is due to the new dependency crypto-js...

elboletaire commented 6 months ago

> Doesn't look like it, but the main branch passes tests and this doesn't. Did you upgrade any package? I bet this is due to the new dependency crypto-js...

Wrong, a preliminary check showed that downgrading the SDK to 0.7.2 allows the tests to pass. Further testing shall be done.

DanielSinclair commented 6 months ago

Hey @nigeon and team! The Rainbow team noticed this addition today after using the OnVote product on Farcaster, and wanted to discuss more with your team to see if we could find a better and more secure way to let users connect their wallets. Typically we only see this behavior in malicious dApps that are phishing users for their Private Key, and it can be a dangerous UX paradigm to introduce and familiarize users with. An example of this is the recent Ledger Connect Kit supply chain compromise here that remotely injected a similar prompt into dApps to pull funds from users. We've also reached out on social channels to get a conversation set up.