Zerion

Implements Wallet Connect and requires user confirmation before processing each DApp request

Implements embedded browser and requires user confirmation before processing each DApp request

Implements WalletConnect and requires the user to unlock the wallet before processing each dApp request.

The wallet doesn't warn the user about the mismatching chain ID.

Implements embedded browser and requires user confirmation before processing each DApp request

The wallet does not warn users about domain or scheme mismatches when signing an EIP-4361 message.

It shows all connected DApps and also the chance to revoke access to them

The wallet does not provide the ability to list or revoke token approvals, either through in-app functionality or links to external dApps.

It does not require user confirmation before processing the switchChain method.

It shows the NFT we are receiving when providing liquidity to a pool.

It includes token, effect, allowance, and contract spender address.

The wallet displays all the information in a JSON without parsing.

It is showing plain data instead of parsing it.

It doesn't show any warning about incorrect address checksums and fixes the address, letting you confirm the transaction.

The Sign button remains available at all times.

The wallet includes clickable links in the transaction history and during the process of sending a transaction.

After clicking the 'Recovery phrase' button, the wallet requires a password to display the mnemonics or private keys.

The wallet doesn't have a "Lock Button", just a button to reset the wallet.

The wallet’s default lock time exceeds one minute. It does not lock when the device is locked or when switching to another app; it only locks when the wallet is manually closed.

The wallet supports biometric authentication but is not enabled by default. It enforces rate limits on login attempts, requires a minimum password length of six characters, and does not permit weak passwords.

The wallet does not warn users about the risks of copying mnemonics to the clipboard and allows copying for over a minute, but it prevents screenshot captures.

The wallet warns users about the risks of sharing their secret words or private keys with others. These alerts appear before the mnemonic viewing process.

The wallet alerts users when connecting to known phishing dApps, such as https://arbitrum-token-bridge-cqjggprvn-offchain-labs.vercel.app/.

The wallet alerts users about interactions with known phishing or scam addresses.

The wallet does not notify users when they are interacting with well-known or verified URLs (dApps) such as 1inch or Uniswap.

The wallet does not display any warnings when attempting to send a transaction to an unknown address.

The wallet truncates the website address instead of showing the full URL.

The wallet hides spam or scam tokens and NFTs sent to the wallet.

The wallet clearly informs users within the connection dialog that, by connecting, they are granting the dApp permission to view their wallet balance and activity, as well as to request transaction approvals.