Skip to content

feat: warn users when personal_sign message contains the string "wants you to sign in with your Ethereum account" #24128

Open
Open
feat: warn users when personal_sign message contains the string "wants you to sign in with your Ethereum account"#24128
Labels
needs-designNeeds design support.team-confirmations-secure-ux-PRPRs from the confirmations team
@digiwand

Description

@digiwand
digiwand
opened on Apr 19, 2024

What is this about?

Complete the following requirement of https://github.com/MetaMask/MetaMask-planning/issues/2278:
[ ] Ensure we warn the user when a personal_sign message contains the string "wants you to sign in with your Ethereum account". (see first recommendation here: https://eips.ethereum.org/EIPS/eip-4361#wallet-implementer-steps)

Scenario

No response

Design

We can use a warning banner alert for this. Copy and details should be discussed with design

Technical Details

No response

Threat Modeling Framework

No response

Acceptance Criteria

No response

Stakeholder review needed before the work gets merged

  • Engineering (needed in most cases)
  • Design
  • Product
  • QA (automation tests are required to pass before merging PRs but not all changes are covered by automation tests - please review if QA is needed beyond automation tests)
  • Security
  • Legal
  • Marketing
  • Management (please specify)
  • Other (please specify)

References

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    needs-designNeeds design support.team-confirmations-secure-ux-PRPRs from the confirmations team

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions