You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
WalletConnect sessions are cryptographically secure, but users often approve connections with limited context about the application they are interacting with or the type of actions that may follow. Phishing remains a broader ecosystem challenge, largely due to gaps in user understanding rather than protocol-level security.
This seems less like a protocol weakness and more like a UX security gap at the moment of session approval.
One possible direction could be introducing optional context signals at wallet or SDK level before the user confirms a session. For example, information about the dApp origin, the general type of contracts it interacts with, or a history-based trust signal could help users better understand the context of a connection.
I’ve been exploring a prototype approach where dApps can be associated with human-readable metadata and a trust level recorded onchain, used purely as an informational UI signal rather than an authority or whitelist. The idea is not to block connections but to improve user awareness before they approve.
Curious to hear whether this aligns with ongoing UX or wallet-side safety discussions in the WalletConnect ecosystem.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
WalletConnect sessions are cryptographically secure, but users often approve connections with limited context about the application they are interacting with or the type of actions that may follow. Phishing remains a broader ecosystem challenge, largely due to gaps in user understanding rather than protocol-level security.
This seems less like a protocol weakness and more like a UX security gap at the moment of session approval.
One possible direction could be introducing optional context signals at wallet or SDK level before the user confirms a session. For example, information about the dApp origin, the general type of contracts it interacts with, or a history-based trust signal could help users better understand the context of a connection.
I’ve been exploring a prototype approach where dApps can be associated with human-readable metadata and a trust level recorded onchain, used purely as an informational UI signal rather than an authority or whitelist. The idea is not to block connections but to improve user awareness before they approve.
Curious to hear whether this aligns with ongoing UX or wallet-side safety discussions in the WalletConnect ecosystem.
Beta Was this translation helpful? Give feedback.
All reactions