status-im
/
EIPs
mirror of https://github.com/status-im/EIPs.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
EIPs/EIPS/eip-1102.md

139 lines
6.0 KiB
Markdown
Raw Normal View History

EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
---
eip: 1102
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-05 22:07:32 +00:00
title: Opt-in account exposure
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
author: Paul Bouchon <mail@bitpshr.net>
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-07-03 21:42:37 +00:00
discussions-to: https://ethereum-magicians.org/t/eip-1102-opt-in-provider-access/414
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
status: Draft
type: Standards Track
category: Interface
created: 2018-05-04
Add EIP-1474 as a requirement to RPC ERCs
2019-05-21 14:01:08 +00:00
requires: 1474
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
---
## Simple summary
Automatically merged updates to draft EIP(s) 1102 (#2178) Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2019-07-06 14:56:14 +00:00
This proposal describes a communication protocol between dapps and Ethereum-enabled DOM environments that allows the Ethereum-enabled DOM environment to choose what information to supply the dapp with and when.
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
## Abstract
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-05 22:07:32 +00:00
The previous generation of Ethereum-enabled DOM environments follows a pattern of injecting a provider populated with accounts without user consent. This puts users of such environments at risk because malicious websites can use these accounts to view detailed account information and to arbitrarily initiate unwanted transactions on a user's behalf.
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
Automatically merged updates to draft EIP(s) 1102 (#2178) Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2019-07-06 14:56:14 +00:00
This proposal outlines a protocol in which Ethereum-enabled DOM environments can choose to expose no accounts until the user approves account access.
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
## Specification
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-10-08 18:32:30 +00:00
### Concepts
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-09-03 00:02:56 +00:00
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-10-08 18:32:30 +00:00
#### RFC-2119
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-09-03 00:02:56 +00:00
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-10-08 18:32:30 +00:00
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC-2119](https://www.ietf.org/rfc/rfc2119.txt).
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-09-03 00:02:56 +00:00
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-05 22:07:32 +00:00
#### `eth_requestAccounts`
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-09-03 00:02:56 +00:00
Automatically merged updates to draft EIP(s) 1102 (#2178) Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2019-07-06 14:56:14 +00:00
Providers exposed by Ethereum-enabled DOM environments define a new RPC method: `eth_requestAccounts`. Calling this method may trigger a user interface that allows the user to approve or reject account access for a given dapp. This method returns a `Promise` that is resolved with an `Array` of accounts or is rejected with an `Error` if accounts are not available.
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-10-08 18:32:30 +00:00
```js
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-05 22:07:32 +00:00
ethereum.send('eth_requestAccounts'): Promise<string>
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-10-08 18:32:30 +00:00
```
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-09-03 00:02:56 +00:00
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-08 14:21:23 +00:00
#### Provider#enable (DEPRECATED)
Fix Markdown rendering within summary/detail (#2059) * Fix Markdown rendering within summary/detail * Add vendor to .gitignore * Remove duplicate github-pages entry from Gemfile * Require github-pages 198 This brings in fixes to kramdown. * Remove explicit jekyll version as github-pages brings it in as a dependency * Update bundler dependency tree * Fake bundler version * use Ruby 2.3.0 * Set sane defaults for kramdown * Fix links after kramdown update * Remove <details> formatting from EIP-1474 as it is not working with embedded markdown * Revert "Fix Markdown rendering within summary/detail" * Fix email in EIP-1812 * Remove <details> formatting from EIP-1620 as it is not working with embedded markdown
2019-08-08 20:05:52 +00:00
**Note: This method is deprecated in favor of the RPC method [`eth_requestAccounts`](#eth_requestaccounts).**
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-08 14:21:23 +00:00
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-08 15:28:29 +00:00
Providers exposed by Ethereum-enabled DOM environments define a new RPC method: `ethereum.enable()`. Calling this method triggers a user interface that allows the user to approve or reject account access for a given dapp. This method returns a `Promise` that is resolved with an `Array` of accounts if the user approves access or rejected with an `Error` if the user rejects access.
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-08 14:21:23 +00:00
```js
ethereum.enable(): Promise<any>
```
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-09-03 00:02:56 +00:00
### Protocol
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-05 22:07:32 +00:00
#### Legacy dapp initialization
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
```
START dapp
IF web3 is defined
CONTINUE dapp
IF web3 is undefined
STOP dapp
```
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-09-03 00:02:56 +00:00
#### Proposed dapp initialization
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
```
START dapp
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-09-03 00:02:56 +00:00
IF provider is defined
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-05 22:07:32 +00:00
REQUEST[1] account access
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-09-03 00:02:56 +00:00
IF user approves
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-05 22:07:32 +00:00
RESOLVE[2] account access
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-09-03 00:02:56 +00:00
CONTINUE dapp
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-05 22:07:32 +00:00
IF user rejects
REJECT[3] account access
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-09-03 00:02:56 +00:00
STOP dapp
IF provider is undefined
STOP dapp
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
```
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-05 22:07:32 +00:00
##### `[1] REQUEST`
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
Automatically merged updates to draft EIP(s) 1102 (#2178) Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2019-07-06 14:56:14 +00:00
Dapps **MUST** request accounts by calling the `eth_requestAccounts` RPC method on the provider exposed at `window.ethereum`. Calling this method **MAY** trigger a user interface that allows the user to approve or reject account access for a given dapp. This method **MUST** return a `Promise` that is resolved with an array of one or more user accounts or rejected if no accounts are available (e.g., the user rejected account access).
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-09-03 00:02:56 +00:00
##### `[2] RESOLVE`
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
Automatically merged updates to draft EIP(s) 1102 (#2178) Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2019-07-06 14:56:14 +00:00
The `Promise` returned when calling the `eth_requestAccounts` RPC method **MUST** be resolved with an `Array` of user accounts.
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-09-03 00:02:56 +00:00
##### `[3] REJECT`
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
Automatically merged updates to draft EIP(s) 1102 (#2178) Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2019-07-06 14:56:14 +00:00
The `Promise` returned when calling the `eth_requestAccounts` RPC method **MUST** be rejected with an informative `Error` if no accounts are available for any reason.
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-09-03 00:02:56 +00:00
### Example initialization
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
```js
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-05 22:07:32 +00:00
try {
// Request account access if needed
const accounts = await ethereum.send('eth_requestAccounts');
// Accounts now exposed, use them
ethereum.send('eth_sendTransaction', { from: accounts[0], /* ... */ })
} catch (error) {
// User denied account access
}
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
```
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-09-03 00:02:56 +00:00
### Constraints
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
Automatically merged updates to draft EIP(s) 1102 (#2178) Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2019-07-06 14:56:14 +00:00
* Browsers **MUST** expose a provider at `window.ethereum` .
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-05 22:07:32 +00:00
* Browsers **MUST** define an `eth_requestAccounts` RPC method.
Automatically merged updates to draft EIP(s) 1102 (#2178) Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2019-07-06 14:56:14 +00:00
* Browsers **MAY** wait for a user interaction before resolving/rejecting the `eth_requestAccounts` promise.
* Browsers **MUST** include at least one account if the `eth_requestAccounts` promise is resolved.
* Browsers **MUST** reject the promise with an informative error if no accounts are available.
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-09-03 00:02:56 +00:00
## Rationale
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-05 22:07:32 +00:00
The pattern of automatic account exposure followed by the previous generation of Ethereum-enabled DOM environments fails to protect user privacy and fails to maintain safe user experience: untrusted websites can both view detailed account information and arbitrarily initiate transactions on a user's behalf. Even though most users may reject unsolicited transactions on untrusted websites, a protocol for account access should make such unsolicited requests impossible.
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
Automatically merged updates to draft EIP(s) 1102 (#2178) Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2019-07-06 14:56:14 +00:00
This proposal establishes a new pattern wherein dapps must request access to user accounts. This protocol directly strengthens user privacy by allowing the browser to hide user accounts and preventing unsolicited transaction requests on untrusted sites.
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
### Immediate value-add
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-05 22:07:32 +00:00
* Users can reject account access on untrusted sites to hide accounts.
* Users can reject account access on untrusted sites to prevent unsolicited transactions.
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
### Long-term value-add
* Dapps could request specific account information based on user consent.
* Dapps could request specific user information based on user consent (uPort, DIDs).
* Dapps could request a specific network based on user consent.
* Dapps could request multiple instances of the above based on user consent.
## Backwards compatibility
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-05 22:07:32 +00:00
This proposal impacts dapp developers and requires that they request access to user accounts following the protocol outlined above. Similarly, this proposal impacts dapp browser developers and requires that they only expose user accounts following the protocol defined above.
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
## Implementation
Automatically merged updates to draft EIP(s) 1102 Hi, I'm a bot! This change was automatically merged because: - It only modifies existing Draft or Last Call EIP(s) - The PR was approved or written by at least one author of each modified EIP - The build is passing
2018-11-05 22:07:32 +00:00
The MetaMask team [has implemented](https://github.com/MetaMask/metamask-extension/pull/4703) the strategy described above.
EIP: Opt-in web3 access (#1102) * Initial draft * Strengthen constraint language and add noop logic path * Add identifier property to web3 request payload * Update example to remove error case * Add identifier to web3 response payload for filtering * Concretely detail DOM-specific APIs * Update and rename eip-web3-access.md to eip-1102.md * Remove unnecessary constraint link
2018-06-01 10:42:51 +00:00
## Copyright
Copyright and related rights waived via [CC0](https://creativecommons.org/publicdomain/zero/1.0/).