Binance

Requires user confirmation before processing each DApp request.

The wallet requires user connection for every request.

The wallet requires users to unlock it for every request.

The wallet shows a warning when you are signing EIP-712 if the chain ID does not match the currently active chain.

The method "eth_sign" does not exist / is not available.

Doesn't show a warning about different domain or scheme mismatches when signing an EIP-4361.

It shows all connected DApps and also the chance to revoke access to them

The wallet allows for managing approvals via in-app functionality

It doesn't require user confirmation before processing the method

The wallet displays the NFT received when providing liquidity to a pool or a swap, as well as the MATIC and the USDC.e to be spent in the process

The wallet includes the contract address, token, effect, allowance, and contract spender address when interacting with Sushi dapp.

The wallet displays the verifyingContract field in the EIP712Domain for the OpenSea contract, blocking the user from signing an ERC-20 Permit, and displays all the information sent in eth_personalSign

The wallet parses EIP-712 objects for well-known contracts and protocols, such as OpenSea Seaport listings displaying a warning, and blocks the user from signing an ERC-20 Permit.

Through the wallet extension, it is possible to send a transaction to an address with an invalid checksum, while through the dApp, the request fails to send.

The wallet allows the user to sign data before reviewing it. The user can click to read the entire message, but the sign button is not disabled.

The wallet includes clickable links in the transaction history and during the process of sending a transaction.

The wallet supports seed phrase backup functionality and it enforces authentication to display the mnemonics or private keys.

The wallet includes a manual lock button in the settings menu.

The wallet offers auto-lock options, but by default, it is set to activate after 2 hours of inactivity.

The wallet requires users to create an 8-digit password but doesn't prevent the use of easily guessable passwords, such as "12345678."

The wallet does not explicitly warn the user about the risks of copying mnemonics or private keys to the clipboard, but doesn't allow you to copy

The wallet displays a warning in the mnemonics interface, but does not inform users exactly about the risks of sharing their mnemonics.

It doesn't show a warning when you want to connect with this site https://arbitrum-token-bridge-cqjggprvn-offchain-labs.vercel.app/

The wallet successfully warns the user when attempting to send a transaction to a well-known scam address, such as the Tornado Cash Attacker address.

The wallet doesn't show any messages when I'm trying to connect to UniSwap or 1inch.

The wallet does not warn the user when interacting with an unknown address.

It shows the full URL of this site https://arbitrum-token-bridge-cqjggprvn-offchain-labs.vercel.app/

The wallet does not display spam tokens, legitimate tokens, or NFTs;

The wallet does not inform users within the connection dialog that, by connecting, they are allowing the dApp to view their wallet balance and activity or to request transaction approvals.