Uniswap

The wallet requires user confirmation for every request.

The wallet requires user connection for every request.

The wallet requires the user to unlock the wallet for every request.

The wallet refuses to sign an EIP-712 object with different chain IDs.

The eth_sign method breaks the dApp connection and fails to execute. However, personal_sign works correctly.

The wallet doesn't warn users of domain or scheme mismatches when signing an EIP-4361 message.

It shows all connected DApps and also the chance to revoke access to them

The wallet doesn't allow users to revoke token approvals through its own built-in revocation system or links to external DApps.

It doesn´t require user confirmation before processing the method

The wallet only shows outgoing transactions. It doesn't display the transaction incomes, such as NFTs received from a pool.

It does not include all the information required, just the contract address of WPOL with a link to PolygonScan and the symbol

The verifying contract is displayed in the EIP-712 object, and the wallet does not truncate large inputs in a personal sign request.

The wallet doesn't parse EIP-712 objects from well-known contracts and protocols.

When initiating a transaction through the testing DApp, the wallet does not warn about incorrect address checksums and allows you to confirm the transaction, although it doesn’t process it effectively. However, if attempted manually within the wallet, the transaction is not permitted.

When signing a personal message with a large input, the button remains available at all times.

The wallet includes clickable links in the transaction history and during the process of sending a transaction.

The wallet supports seed phrase backup functionality and it enforces authentication to display the mnemonics or private keys.

The wallet includes a manual lock button in the settings menu.

The wallet offers auto-lock options, but by default, it is set to activate after 30 minutes of inactivity.

The wallet requires users to create an 8-digit password and prevents the use of easily guessable passwords like "12345678."

The wallet does not explicitly warn the user about the risks of copying mnemonics or private key to the clipboard.

The wallet displays a warning in the mnemonics interface, informing the user about the risks of sharing their mnemonics.

The wallet does not alert users about connections to known phishing dApps like https://arbitrum-token-bridge-cqjggprvn-offchain-labs.vercel.app/

The wallet does not alert users about interactions with known phishing or scam addresses.

The wallet does not inform users when they are interacting with well-known, verified URLs (dApps) such as 1inch or OpenSea, but it does display a verification checkmark for Uniswap.

The wallet warns users when they interact with an unknown or untrusted address.

The wallet displays the DApp origin URL in the 'Connect' dialog.

The wallet successfully filters out scam and spam NFTs from the list.

The wallet clearly tells users it can see your address and token amounts, but won't move your assets without your permission.