-
Notifications
You must be signed in to change notification settings - Fork 138
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make account
optional for SignInParams and SignInMultiParams on Injected Wallets
#484
Make account
optional for SignInParams and SignInMultiParams on Injected Wallets
#484
Conversation
account
as optional param for SignInParams and SignInMultiParamsaccount
optional for SignInParams and SignInMultiParams on Injected Wallets
As a moderator, I see this change to affect just 2 lines of NEP, but given that it is technically a breaking change I have to invite @near/wg-wallet-standards experts to review them. I feel that given that this NEP is not widely implemented yet, we can keep this NEP voting lightweight, so post a casual review comment, and once we're all good, let's merge it. |
This is changing the parameter from required to optional. This means it doesn't change existing software (all code will continue to work). |
@kujtimprenkuSQA could you also include motivation (from the PR description) in the document itself. |
Let me know if we need to change the wording or move the explanation to a different place in the document. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@kujtimprenkuSQA Thanks for this change! Could we indicate on the document the behavior of wallets when the account is not passed in to these methods?
If we don't pass the The only way we could send an account is if a wallet is fully implemented according to the current Standard:
This ensures that the dApp holds the limited access key and can sign transactions that don't require to be confirmed by the wallet. |
Thank you @kujtimprenkuSQA for bringing this up! As a Wallet Working Group member, I think we should merge the minimal changes suggested to provide a better user experience by ensuring dapps hold limited access keys and can sign transactions without confirmation from the wallet. This way, wallets have the option not to be responsible for creating the key pair and exposing the limited access key to the dApp. I also appreciate how the This checks out to me and I’m supportive of it. |
@esaminu @MaximusHaximus Do you support this proposal? |
@kujtimprenkuSQA I like the new interface but I don't understand how the LAK will be exposed to the dapp if we return NEPs/specs/Standards/Wallets/InjectedWallets.md Lines 112 to 113 in c97a640
Is the reason current injected wallets do this so that the user selects the account on the wallet instead of the dapp? If so maybe we can move the current functionality of the NEP into a |
@esaminu The change was requested to give the option to wallets to implement
|
Thanks for the explanation @kujtimprenkuSQA . IMO the NEP should allow for both implementations and I think this can be done by simply indicating in the NEP document that if
Both methods return |
@esaminu Thank you for the comment. I have added some explanation in the document about this change, and if there are no other suggestions, I think this should be ready for final voting. It would be good if someone can take a look at the PR for |
I have some concerns about the motivations behind this change. In particular I'd like to better understand the problems faced by wallet developers in conforming to the standard.
Relaxing the standard to meet existing implementations strikes me as a myopic route. It dilutes the intentions behind the standard, which would necessarily have been written with the understanding that current implementations did not adhere to it.
What was the original rationale for requiring the account ID? Has anything changed that necessitates/motivates relaxing this constraint?
Is this a burdensome change for wallet developers to make? If there's friction with implementing the standard then it would be better to address that directly rather than doubling down on deviation from the standard. Adjusting the standard to fit the implementation because wallet developers have not yet adopted it really undercuts the purpose of having defined the standard this way in the first place.
To me this really stresses that the behavior is fundamentally different between signing in with an account vs not specifying one at all. If that's the case then wouldn't it make more sense for there to be an entirely separate method for signing in without an account? e.g. something like |
The motivation for this change was to make the standard less strict since none of the wallets have implemented even
I have to agree with this point, this change would not be needed if wallets would have been aligned with the standard.
Initially, when the wallet-selector team was working on creating the standard for Injected Wallets we had many discussions, and the idea for requiring account ID during Since the existing wallets have not aligned the signIn to accept an accountId during sign-in we thought that relaxing the standard would make sense to keep the implementation of signIn and signInMulti similar.
I agree, this change would not be needed if wallets are pushed to align with the standard. |
Hello @esaminu @MaximusHaximus , Id like to confirm the status of this NEP and your thoughts on progressing this NEP to the voting stage |
As the moderator, I assume this PR is no longer active given that there was no activity for very long time. Therefore, I am closing it. If anyone is interested in reopening this PR, please submit a new one. |
The Standard for Injected Wallets requires that an
account
must be passed toSignInParams
andSignInMultiParams
but since the standard has been set in place none of the wallets follow this approach and some of them keep theLAK
inside the wallet.While working on adding the
singInMulti
based on NEP-428 to the Wallet Selector near/wallet-selector#811 we noticed that this change is necessary for wallets that need to do thesignIn
andsignInMulti
implementation in a similar way, so the passing of an account does not become a blocker during implementation.