Elytro

The wallet requires user confirmation before accessing RPC endpoints.

The wallet requires users to connect before accessing RPC endpoints.

The wallet requires users to unlock it before processing requests from dApps.

The wallet doesn't refuse to sign an EIP712 object with a chainId that does not match the currently active chain.

The wallet does not support the eth_sign method, or it is disabled by default.

The wallet does not warn users of a domain or scheme mismatch when signing a SIWE message.

The wallet displays a list of connected DApps and allows users to remove connections. The functionality operates as intended.

The wallet does not offer a built-in or third-party option to revoke token approvals.

The wallet prompts users for confirmation before switching chains.

The wallet doesn't provide a detailed transaction simulation, expected incomes, and outcomes before execution.

The wallet displays the token, amount, and page URL with a link to the requesting website, but does not show the spender address in the approval transaction.

The wallet displays full messages in personal_sign requests and shows the truncated verifying contract within the EIP-712 object

The wallet does not parse EIP-712 objects for well-known contracts and protocols such as OpenSea Seaport listings or ERC-20 permits.

The wallet does not allow sending transactions with invalid checksums when attempting to send them manually.

The sign button is available initially.

The wallet provides clickable links in the history but not in the transaction preview for addresses, contracts, or transaction hashes.

The wallet provides seed phrase backup functionality and requires authentication to access the mnemonic or private keys.

The wallet includes a lock button in the main menu, allowing users to lock it manually.

The wallet does not provide an auto-lock timer and does not automatically lock after approximately 20 minutes of inactivity.

The wallet requires passwords to be at least eight characters long and prevents the use of easily guessable passwords, such as “12345678.”

The wallet does not allow users to copy the mnemonic, preventing it from being copied to the clipboard.

The wallet doesn't warn users about the risks of sharing or revealing their mnemonics or private keys.

The wallet doesn't display a warning message when users attempt to visit dApps flagged as malicious.

The wallet doesn't warn the user about a deceptive address while trying to send funds to the Tornado Cash Attacker address.

The wallet does not notify the user when attempting to connect to a well-known, verified URL such as Uniswap.

The wallet does not inform the user that he is interacting with an unknown address.

The wallet displays the dApp’s full origin URL.

The wallet lacks an NFT section.

The wallet informs users within the connection dialog that connecting allows the dApp to view their wallet balance, activity, and send approval requests.