Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Signature request screen must show requesting domain #6071

Closed
danfinlay opened this issue Jan 29, 2019 · 0 comments · Fixed by #10300
Closed

Signature request screen must show requesting domain #6071

danfinlay opened this issue Jan 29, 2019 · 0 comments · Fixed by #10300
Labels
type-enhancement

Comments

@danfinlay
Copy link
Contributor

danfinlay commented Jan 29, 2019
edited
Loading

Currently our signature challenge screen as presented by 3Box does not show the requesting domain, so if I'm looking at another domain while the challenge pops up, I might think it's coming from them, which could be used to mitm the 3box secret material.
@bdresser bdresser mentioned this issue Jan 31, 2019
Closed
@PatrykLucka PatrykLucka mentioned this issue Sep 9, 2020
Closed
@danfinlay danfinlay added the Sev2-normal Normal severity; minor loss of service or inconvenience. label Jan 5, 2021
@Gudahtt Gudahtt added type-enhancement and removed Sev2-normal Normal severity; minor loss of service or inconvenience. labels Jan 5, 2021
Gudahtt added a commit that referenced this issue Jan 27, 2021
@Gudahtt
Add origin to signature request confirmation page
fe7861d 
Fixes #6071

The origin of the dapp that suggested signing has been added to the
signature request confirmation page. This only applies to `eth_sign`,
`personal_sign`, `eth_signTypedData`, and `eth_signTypedData_v1`. The
confirmation page for `eth_signTypedData_v3` and `eth_signTypedData_v4`
already featured the origin.
@Gudahtt Gudahtt mentioned this issue Jan 27, 2021
Merged
Gudahtt added a commit that referenced this issue Jan 28, 2021
@Gudahtt
Add origin to signature request confirmation page (#10300)
d899388 
Fixes #6071

The origin of the dapp that suggested signing has been added to the
signature request confirmation page. This only applies to `eth_sign`,
`personal_sign`, `eth_signTypedData`, and `eth_signTypedData_v1`. The
confirmation page for `eth_signTypedData_v3` and `eth_signTypedData_v4`
already featured the origin.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type-enhancement
Projects
None yet
Milestone
No milestone
2 participants
@danfinlay @Gudahtt