Trust Wallet

Implements Wallet Connect and requires user confirmation before processing each DApp request

Has an embedded browser and requires user confirmation before processing each DApp request

Implements Wallet Connect and, when in locked state, it requires users to unlock the wallet

The wallet does not refuse to sign EIP-712 messages when the chain ID doesn't match the currently active chain.

The 'eth_sign' method is disabled by default

The wallet doesn't warn users of domain or scheme mismatches when signing an EIP-4361 message.

It shows all connected DApps and also the chance to revoke access to them

The wallet displays token approvals but lacks the functionality to revoke them.

The first time a chain switch is requested, the wallet processes the method without user confirmation, but includes the networks in the connect dialog.

The wallet doesn't display the NFT received when providing liquidity to a pool; it just shows the MATIC to be spent in the process.

It doesn't include all the required information like the effect, token, etc.

Wallet displays all the information including the Domain with verifying Contract and the personal_sign with a large message.

It is showing plain data instead of parsing it.

The wallet does not display a warning and allows the transaction to be confirmed, automatically correcting the address when it is entered manually.

Sign button is available from the start

The wallet includes clickable links in the transaction history, but not during the process of sending a transaction.

After clicking the 'Manual' button, the wallet requires a password to display the mnemonics or private keys.

The wallet includes a delete button instead of a lock button.

The wallet automatically locks upon immediately leaving the app. Users can customize this auto-lock timing to suit their preferences.

Biometric authentication is used. The password must be 6 digits. After five failed password attempts, further access is blocked.

The wallet warns users about the risks of taking screenshots of their mnemonics and does not allow users to copy the mnemonics.

The wallet displays multiple warning messages about the risks of sharing mnemonics or private keys. These alerts appear both before and during the mnemonic viewing process.

The wallet does not alert users when connecting to known phishing dApps such as https://arbitrum-token-bridge-cqjggprvn-offchain-labs.vercel.app/, but it does display a warning when connecting to the testing dApp.

The wallet does not alert users about interactions with known phishing or scam addresses

The dApp includes a feature to inform users about verified domains, but it is currently malfunctioning, incorrectly marking a phishing site as verified.

The wallet does not warn users when they interact with an unknown or untrusted address.

The wallet displays the full DApp origin URL in the “Connect” dialog.

The wallet doesn't hide spam or scam tokens and NFTs sent to the address.

The wallet clearly informs users, within the connection dialog, that by connecting, they are allowing the DApp to view their wallet balance and activity and request transaction approvals.