►
From YouTube: WalletDev Meeting #2
Description
Agenda: https://github.com/ethereum-cat-herders/EIPIP/issues/147
A
It
has
risks
with
it.
So
we
decided
to
throw
together
an
eip
on
lists
of
rpc
providers
that
are
similar
to
uniswell's
token
rpc
or
token
lists.
So
that's
what
this
is.
I
don't
know
if
any
of
you
have
read
it
or
have
any
opinions
on
it.
If
you
haven't
read
it
read
it,
we
can
talk
about
it
in
the
channel.
B
A
Sure
so
it
would
be
a
modification
to
the
wallet
ui,
so
in
the
settings
somewhere
you
would
have
a
field
where
you
can
add
a
url
to
a
list.
It
might
be
on
ens,
it
might
be
on
http,
and
that
list
is
so.
Are
you
familiar
with
adblock
or
or
you
block
origin
or
any
of
those
kind
of
extensions
yep?
So
work
pretty
much
exactly
like
that.
You
subscribe
to
a
filter
list
or
you
like
in
adblock
and
in
in
wallets.
A
You
subscribe
to
an
rpg
provider
list
and
the
idea
is
that
you'd
have
some
kind
of
curator,
probably
initially
the
wallet
itself
like
would
be
the
default
and
that
curator
would
keep
a
list
of
supported,
rpc
endpoints,
and
so
that
would
let
you
switch
between
networks
like
you
know,
robster
and
garcia,
and
things
like
polygon
and
that's
kind
of
the
idea
behind
this.
So
instead
of
letting
people
add
random,
rpc
endpoints,
they
choose
the
list
that
has
the
rpc
endpoints.
They
want.
B
A
A
So
like
let's
say
the
version
number
on
the
list
that's
published
on
on
direct3dns
increases
a
major
version
that
might
mean
that
they
are
removing,
let's
say
a
test
net
and
apps
that
use
that
test
now
will
no
longer
work,
whereas
if
you
have
like
a
patch
change,
so
the
last
number
that
could
be
a
bug,
fix
or
adding
redundancy
or
or
something
along
those
lines.
So
it
gives
you
a
lot
of
like
it
gives
you
like
an
indication
of
what
might
be
changing
to
the
end
user.
B
C
One
thing
I'd
like
to
point
out
that
you
know
I
didn't
see
when
I
was
looking
at
it
for
uniswap
and
compound
anyone
who
really
maintains
a
list.
There
have
been
moments
where
other
people
maintain
a
forked
version
of
that
list
and
they
don't
update
it
at
a
regular
schedule
and
it's
led
to
exploits
maybe
there's
a
way
that
you
know
if
you're
going
to
fork
that
primary
list
or
you're
going
to
use
some
version
of
it.
Maybe
you
can
subscribe
to
some
email
list
like
geth.
D
A
A
B
A
A
So
sam
and
chat
raised
a
good
point
here,
which
is
it
makes
it
very
difficult
for
users
to
add
custom
rpc
providers,
because
you
have
to
fork
a
list
and
then
edit
some
json
and
put
it
in,
and
I
think
that's
part
of
the
point
of
it
is
to
make
it
difficult,
and
you
know
I
think
my
guy
brought
up
really
good
points.
I
don't
know
if
you
want
to
bring
them
up
again
here
about
why
it's
bad
to
add.
Rpc
end
points
like,
but
if
you
want
to
go
ahead.
A
D
You
described
during
bringing
spell
the
core
issue
here:
is
that
rpc
the
rpc
endpoint
you
connect
to
is
your
view
and
your
communication
channel
into
that
blockchain,
and
if
someone
adds
a
malicious
one,
they
can,
you
know,
do
bad
things
with
that
privileged
position,
and
so
the
idea
is,
generally
speaking,
users
should
be
relatively
careful
about
what
rpc
endpoints
they
add
and
they
should
be
getting
them
from
a
trusted
source.
You
should
not
be
adding
rpc
endpoints
that
something
I
wrote
on
a
bathroom
wall,
for
example,.
E
One
of
the
things
I've
been
hoping
to
see
is
more
diversity
in
in
rpc
endpoints.
That
users
are
using,
for
you
know,
say
when
they're
not
specifically
using
adapt
that
chooses
zone
and,
if
you're,
just
doing
simple
sends
or
whatever
the
default
is
like,
want
more
people
to
say,
use,
omnia
or
parked.
D
To
see
is
a
button
on
adapter
like
just
on
a
website
somewhere.
That
says
click
here.
To
add
our
add
polygon,
rpc
endpoint
to
metamask
or
whatever,
like
that's
the
thing,
that's
dangerous
is
having
a
user,
have
the
ability
to
add
like
for
a
simple
example.
I
have
my
own
ethereum
client
that
I
run
and
in
everywhere
I
can
I
use
it.
I
do
not
use
inferior.
I
do
not
use
quick
node.
I
use
my
own
and
I
definitely
think
I
mean
that's.
That
is
the
ideal
way
to
use
ethereum
right.
D
E
Would
this
list
of
rpc
endpoints
be
in
any
way
encouraging
people
to
pick?
You
know
the
not
the
top
most
popular
one
in
order
to
encourage
people
to
say,
try
a
different
one
than
in
fiera
or
what
have
you
because
otherwise,
like
I'm,
not
sure
how
users
will
learn
that
they
can
change
their
rpc
provider
if
they
can't
see
it
in
the
dap.
B
I
think
something
that
like
might
partially
satisfy.
That
is
that
if
this
list
gets
refetched
every
once
in
a
while,
then
if
like
wherever
it's
getting
re-fetched
from
is
dynamic,
they
could
do
something
like
order
them
by
speed
or
order
them
by
like
availability
or
response
time,
or
something
like
that
right.
So
the
place
where
the
rpc
provider
list
is
hosted
doesn't
just
have
to
be
plain
static.
This
is
the
list
it
could
also
be.
B
I
don't
know
like
a
node.js
instance
or
something
that
can
check
the
high
speeds
and
then
order
them
by
speed
and
then
send
that
out
so
the
next
time
somebody
requests
a
list
of
providers,
they
would
get
them
ordered
by
speed
or
like
we
need
to
find
some
way
to
to.
We
don't
need
to,
but
like
it
would
be
optimal
if
we
could
find
a
way
to
sort
them
somehow,
without
allowing
obviously
spoofing
of
speed
so
that
users
get
varied
rpc
endpoints.
Yet
still
you
know
the
one
with
the
least
load.
A
Yeah,
I
think
so
and
that's
part
of
what
I
tried
to
do
roughly
in
in
this
the
proposal
so
far,
which
is
you
can
specify
multiple
like
entities
as
rpc
providers
so
like
if
you're
a
pocket
like
whatever
and
each
one
of
those
can
specify
multiple
urls
and
then
the
wallet
can
choose
to
query
multiple
independent
entities
and
choose
one
url
from
each
entity
to
query.
So
they
can
do
like
quorum
kind
of
querying.
D
But,
if
it's
down
then
fall
back
to
a
quorum
between
the
other
three,
so
I
would
have
priority
one
set
for
my
node
and
then
priority
two
set
for
the
other.
You
know
three
or
four
end
points,
and
then
you
know
the
wallet
could
then
choose
how
to
use
that
information,
but
it
would
allow
me
to
convey
to
the
wallet
hey
this
one
is
better.
Please
use
this
if
it's
available
and
use
these,
if
it's
not.
A
D
So
I
I
it
feels
like
so
they
hope
what
I'm
imagining
is
that
if
someone
adds
an
rpc
list,
they
they
don't
have
to
then
go
and
fiddle
with
things
in
the
wallet,
and
so
the
rpc
list
is
presumably
from
a
semi-trusted
source.
At
least
that
can
make
these
social
decisions,
and
I
don't
want
the
user
to
have
to
then
go
and
add
the
list
and
then
say,
okay.
Well
now
I
need
to
supply
the
supplemental
information
that
is
not
included
in
the
list,
such
as
priorities.
D
What
I
think
it's
a
little
more
prescriptive
than
I
would
like
just
having
a
prayer,
an
intro
priority,
I
think,
is
enough
and
then
it's
up
to
the
wallet
to
decide
what
to
do
with
that.
So
someone
else
may
just
randomly
choose
one.
Some
may
do
a
forum.
Some
may
do
if
anyone
disagrees
that
one
like,
depending
on
your
security
level,.
C
Okay,
cool
something
else
that
could
be
possible
is
to
create
like
a
field
within
the
wallet.
That's
like
prioritization
and
it
you
could
prioritize
based
on
speed.
Just
take
the
list
whatever's
fastest
I'll
use
that
because
the
list
works
in
micah's
case,
you
could
do
custom.
You
want
to
prioritize
your
node
first,
followed
by
anything
in
this
list
ranked
by
speed,
but
it
gives
you
the
option
of
you
know,
selecting
your
ranking
mechanism.
E
I
do
wonder
if
the
things
that
are
most
important
to
users,
about
which
rpc
endpoint
to
select
are
not
instead
subjective
or
more
complicated
measures
like
are
there
privacy
features
on
this
like
omni
offers
a
a
mixnet
for
their
ingress
and
yeah.
It
might
not
be
the
fastest,
and
you
know
npr
might
be
faster,
but
I'm
not
so
sure
that
it's
obvious
how
I
I
guess,
maybe
that's
up
to
the.
F
D
Yeah,
I
think
in
my
mind,
that's
exactly
the
priority
would
be
used
for
as
well.
It's
like,
I
might
put
you
know.
My
note
is
number
one
and
then
something
that
has
privacy
features
like
a
mix
net,
that
it
routes
things
through
as
number
two
and
then
the
number
threes
are
just
traditional,
centralized
services
and
then
it's
up
to
the
wall
at
that
point
decide
what
to
do
with
that
information.
But
at
least
the
user
doesn't
need
to
understand
that
the
list
provider
as
a
woman
needs
to
understand
all
those
details.
D
Yes,
the
the
hope
here,
though,
is
that
they
only
need.
So,
if
you
imagine
a
future
world
where
there's
hundreds
of
l2s,
you
need
one
reputable
list
provider
rather
than
100
reputable
rpc,
endpoint
providers
and
so
for
a
user.
This
becomes
a
much
simpler
problem
of
or
even
a
wallet.
It's
like
it
may
be
that
the
wallet
will
just
come
with
a
default
list,
and
now
the
wallets
don't
need
to
manually
curate
a
100
rpc
endpoints.
They
can
manually
create
one
list
and
then
delegate
their
responsibility
to
some
third
party.
E
A
D
D
C
C
Then
you
can
have
your
russell
2000,
which
is
a
whole
bunch
of
other
diverse
endpoints,
that
someone
has
checked
and
curated
into
a
list,
and
you
can
trust
that
provider
to
tell
you
hey.
This
is
a
larger
list,
but
it's
meant
to
increase
diversity,
and
people
would
definitely
pick
that
up,
because
you
know
some
people
don't
even
know
how
to
get
those
endpoints
or
to
find
them
themselves.
E
I
do
think
that
the
idea
of
the
of
having
these
lists
is
a
good
idea
for
sure
no
argument
there.
I
would
wonder
if
we
can
decouple
the
idea
of
of
kind
of
like
restricting
dapps
or
anything
from
suggesting
changes
from
that
idea,
because
it's
not
itself
a
bad
idea,
I'm
just
not
so
sure
that
it
makes
sense
to
couple
those
two
things
together.
E
A
A
D
D
Like
I
don't
know
what
the
because
it
was,
a
single
domain
may
offer
multiple
rpc
engines
so
enough
domains
right
here.
Yes,
some
sort
of
key
so
that
they
can-
and
maybe
the
key
is
just
up
to
the
list
author
like
it
can
just
be
you
know,
numbers
or
some
arbitrary
value,
letters
or
some
arbitrary
value.
Just
so
that
when
you
do
an
extension
of
that
list,
it's
assumed
that
those
keys
are
stable,
and
so
they
can't
be
overwritten
say
I
want
to
replace
this
one
but
otherwise
use
that
list.
H
Jake
from
bls
wallet
here
we'd
definitely
be
interested
in
doing
that.
We
haven't
gone
through
the
process,
but
we
have
some
like
backlog
issues
to
try
out
our
prototype
extension
with
a
bunch
of
different
light
d.
Apps
so
doing
that
in
a
more
structured
environment
would
probably
be
pretty
good
for
us.
C
J
C
See
where
the
flaws
are
and
the
flaws
could
be
on
the
dap
side
as
well
in
terms
of
their
implementation.
So
I
think
it
is
a
pretty
win-win
situation
for
everyone
involved,
and
if
it's
done
at
some,
you
know
regular
interval,
maybe
once
a
quarter,
people
can
at
least
see
you
know
the
updates
and
make
sure
that
their
adapts
and
their
wallets
are
working
better.
F
C
A
I
feel
like
we
could
probably
get
a
like
we're
all
front
endish
developers
except
me,
so
we
could
probably
make
a
test
site
that
you
can
go
on
with
your
wallet
and
just
click.
A
button
and
it'll
tell
you
how
compliant
your
wallet
is,
and
maybe
we
can
use
that
to
I
don't
know
I
don't
want
to
say,
shame
people
into
doing
better,
but
I
know
there
are
some
wallets
that
are
less
compatible
than
others.
May
it
might
be
a
useful
tool
for
for
everybody
else
too.
So
you.
D
F
D
C
I
think
it's
a
good
idea
in
general
yeah.
Another
thing
I
could
see
is
maybe,
as
we
do
these
test
events,
you
know
before
there's
an
eip
proposal
or
anything
or
maybe
if
the
issues
are
pretty
small,
like
just
common
implementation
issues,
those
can
easily
be
pulled
into.
You
know
the
the
shame
test
site
where
it
goes.
Okay,
this
is
a
common
implementation
mistake.
This
is
a
common
browser,
configuration
mistake.
A
Yes,
that's
a
really
good
point
about
it
being
difficult
to
detect,
detect
some
features
and
characteristics,
and
I
think
even
pointing
a
wallet
at
a
alternate
chain
might
be
difficult,
so
it
might
be
difficult
to
do
tests
of,
like
you
know,
sending
transactions
and
whether
a
signed
transaction
broadcasts
it
or
not.
But
I
think
that
I
don't
think
those
are
instrumental
problems.
A
G
G
G
G
So
I
mean
there's
been
a
number
of
features,
nfts
being
an
example
that
have
like
come
to
the
ecosystem
that
haven't
been
represented
on
our
website
yet,
as
well
as
our
kind
of
like
user
experience
for
selecting
a
wallet
is
a
little
bit
overwhelming.
We
list
40
wallets
on
ethereum.org
and
they're
kind
of
randomized
order
and
users
don't
really
have
the
best
time
finding
a
wallet
for
their
needs,
so
we've
been
working
on
an
updated
version
here
of
the
page,
and
so
this
is
just
kind
of
dummy
data.
G
So
if,
when
your
wallet
is
on
here-
and
these
features
aren't
right,
just
it's
just
dummy
data
right
now,
so
basically,
what
we're
looking
to
do
with
this
page
is
come
up
with
some
user
personas
that
will
fit
kind
of
users
in
the
ethereum
ecosystem,
as
well
as
a
more
in-depth
feature
filter.
So
people
who
have
specific
needs
or
features
that
they're
looking
for
can
find
a
wallet
that
supports
it.
G
So
I
guess
with
that
part
of
what
we
wanted
to
kind
of
bring
up
since
plenty
of
people
working
on
wallets.
Here,
obviously,
is
we're
kind
of
we're
looking
for
data
to
be
submitted
on
wallets
so
that
we
can
list
them
and
have
accurate
information,
so
that
I
mean
like
when
we
put
this
live
if
a
wallet
hasn't
submitted,
updated
information,
they'll
still
be
shown,
but
likely
when
users
are
going
to
filter
on
features
that
they
want
to
have
in
a
wallet.
G
G
G
D
G
Yeah,
so
right
now,
so
in
order
to
be
shown
on
ethereum.org,
you
have
to
first
fill
out
this
issue
template
and
then
the
team
there's
about
10
of
us.
So
a
few
of
us
will
talk
about
a
wallet
being
listed
and
if
it's
kind
of
like
met
the
criteria
that
we've
set
out
here
in
terms
of
like
fulfilling
that.
So
if
a
wallet
let's
say
is
just
like
a
scam
fork,
we
should
be
able
to
look
and
like
oh
does
it
have
an
active
development
team.
G
When
did
the
project
go
live
like
there
should
be
some
things
that
we
notice
when
someone
submits
a
wallet
that
should
hopefully
stand
out,
but
we'll
also
try
and
talk
to
people
in
the
community
as
well
to
make
sure
that
we're
not
you
know
listing
a
scam
wallet
or
anything
like
that,
but
I
think
so
far
this
has
been
enough
for
us
to
just
be
able
to
get
like
a
gut
check
on.
If
this
wallet
or
a
wallet
that's
applying
to
be
listed,
is
a
scam
or
not.
For
the
most
part,.
G
Not
at
the
moment,
but
we
are
adding
some,
so
we
use
matomo
on
ethereum.org
to
gather
this
stuff,
so
we're
going
to
be
adding
botomo
events
onto
you
know
when
users
are
clicking
these
different
features,
so
we
should
be
able
to
get
an
idea
of
what
users
are
selecting
when
it
comes
to
features.
The
idea
would
be
like
we
could
track
down
the
matomo
events
that
someone
clicked
before
selecting
a
wallet
and
we
should
be
able
to
get
an
idea
and
the
idea
behind
some
of
that
as
well
is.
D
The
one
thing
I'm
very
curious
about
is
the
there's
a
wallet
one
wallet
feature.
That
is
a
feature
for
the
wallet
author
and
I'm
not
it's
not
clear
to
me
that
it
is
actually
a
feature
users
want
kind
of
like
advertising
right,
like
you
know,
google
puts
ads,
but
that
is
not
something
that
the
users
want
in
their
search
is
what
google
wants
to
search
and
that
is
buying
crypto
and
swapping
crypto
with
their
wallet.
I've
always
been
curious.
G
A
D
A
D
G
G
So
our
fine
wallet
page
is
about
5.5
of
our
monthly
traffic
and
we
get,
I
believe,
the
last
time
I
checked
we
get
roughly
between
one
and
two
million
views
a
month
I
mean,
depending
on
the
state
of
the
market.
So
obviously
probably
this
month,
it'll
be
quite
low,
but
earth
lower,
but
yeah
roughly
five
to
six
percent
of
our
traffic
is
on
this
page.
A
B
G
B
F
G
G
B
E
Written
down
to
check
out
is
there
a
list
of
vips
that
specifically
relate
to
wallet
functionality
and
is?
Would
it
be
beneficial
to
denote
that
in
the
wallet
finder
that
might
be
too
technical
for
the
audience
of
a
wallet
finder?
But
I
don't
know
that
seems
like
a
good
way
to
identify
features
that
users
might
want
to
search
for.
G
Yeah,
I
think
that
was
our
our
assumption,
for
the
most
part
right
now
is
that
most
users
are
going
to
be
pretty
new
to
the
space
when
they're
coming
and
finding
a
wallet
and
well
I'm
sure
a
more
advanced
user
would
benefit
from
having
that
on
the
page.
I
don't
know
that
that's
necessarily
most
of
the
traffic
we
get
but
stuff
is
something
that
I'll
write
down
to
think
about
or
bring
up
with
people.
I
G
A
D
A
Wallet
was
brainstorming,
some
ways
of
hijacking
windowed
ethereum
so
that
it
could
support
multiple
wallets
and
I
think
mike-
and
I
also
proposed
alternate
ways
of
doing
communication
between
web.
Like
web
extensions
and
web
pages,
mine
uses
a
custom
scheme
handler
so,
like
you
know
how
male
2
is
like
male
2
colon
is
a
scheme.
D
B
A
A
Web
plus
evm
colon,
slash,
slash
and
that's
the
whole
url
and
you
you
open
that
in
an
iframe
and
the
extension
can
handle
it,
and
you
can
post
message
to
the
extension
through
that
and
the
benefits
of
this
are
you
don't
need
any
custom
permissions
so
right
now,
every
wallet
needs
like
full
permissions
on
every
page
to
inject
a
script.
With
this
scheme,
like
handler,
you
don't
need
any
permissions
at
all
which
is
kind
of
nice.
B
D
A
So
you
would
get
one
so
yeah,
so
I
guess
another
advantage
of
it
is
that
it
uses
the
browser's
built-in
ui
for
choosing
a
handler
so
like.
If
you
had
five
extensions
installed,
you'd
get
to
pick,
but
the
downside
is
you
don't
get
to
control
how
it
saves
it
so
yeah?
So
for
firefox
at
least
the
option
is
permanently
saved
forever
or
don't
save
and
don't
save
would
be
like
as
long
as
the
iframe
is
open,
it
wouldn't
prompt
again
so.
A
D
D
D
A
I
mean
you:
could
you
could
absolutely
encode
so
kind
of
what
I
was
thinking
down
the
road
from
this
is
we
want
to
move
away
from
webex?
Well,
I
mean
I
want
to
move
away
from
web
extensions
as
wallets,
and
you
can
actually
have
an
external
program
handle
the
links
as
well.
So
you
could
put
the
the
let's
say:
the
wallet
connect
information
into
the
url,
so
that
cliche,
that
is.
A
B
A
E
J
I
D
A
There
are
some
neat
tricks
with
this,
so
you
can
actually
so
in
that
url
you
could
encode
a
like
if
you
are
local
on
the
same
machine,
but
I
mean
you
wouldn't
even
need
to
encode
anything
special,
it's
just
when
you
configure
a
webrtc
connection.
You
can
configure
it
with
or
without
stun
and
turn
and
ice
servers.
If
you
can
figure
it
without
any
of
those
things,
it
doesn't
require
a
third
party
server.
D
B
So
what
normally
happens
is
there
is
a
third
party
server.
In
this
case
the
wallet
connect
central
server,
where
one
client
say
your
web
browser
goes
to
advertise,
that
it
is
looking
for
a
connection
from
user
xyz,
and
then
it
makes
a
qr
code
that
goes
to
the
wallet
connect,
page
logs
in
as
user
xyz
or
and
etc.
So
the
moment
somebody
opens
that
url
in
their
wallet,
the
wallet
essentially
like
goes
to
wallet
connect,
says
hey,
I'm
supposed
to
be
xyz
where's.
B
The
connect
me
with
the
client
right
and
then
the
wallet
connect,
server
does
and
keep
in
mind.
This
happens
for
discord
voice
channels
as
well
right.
The
reason
we're
all
connected
now
is
because
there's
one
discord
server
that
said:
ta-da
connect,
even
though
they've
done
some
sketchy
after
that.
That's
how
it
was
originally
made
now
they're
routing
everything
through
centralized
servers,
but
that's
besides
the
point
essentially
using.
B
Connect
server
to
be
able
to
establish
a
connection
between
the
two,
but
if
you
could
encode
the
entirety
of
what
you
would
normally
be
sending
to
that
wallet,
connect
server,
saying
hey!
This
is
my
session
starting
request
message.
Then
the
qr
code
will
get
a
lot
more
complicated.
But,
hypothetically
speaking,
you
wouldn't
use
windows
server
anymore.
A
D
A
Yes,
you
need
wallet
connect,
but
also
have
a
like
a
post
message:
option
so
like
when
you
click
the
link.
It
would
generate
the
wallet,
connect,
url
and
register
a
handler
for
post
messages
and
then
open
the
iframe
and
then
whatever
happens
after
it
opens
the
iframe,
be
it
receiving
a
post
message
or
receiving
a
webrtc
connection.
It
proceeds
from
there.
D
D
B
Because
the
iframe
will,
when
opened
in
quotation
marks,
the
browser
will
go,
oh
shoot.
This
is
a
custom
scheme
and
instead
of
opening
an
actual
site
inside
of
the
browser,
you
know
the
way
an
iframe
normally
would
do
that.
It
will
pop
out
to
your
extension
or
pop
out
to
your
wallet,
desktop
software.
You
have
open
or
pop
out
to
the
native
app
on
your
phone.
D
B
D
D
And
I
say
you
know
proton
or
gmail
or
whatever,
and
then
it
just
takes
me
over
to
my
already
open
gmail
or
proton
tab
like
there's
no
iframe
involved
here
yet
I
have
successfully
communicated
between
two
apps
that
are
isolated
from
each
other
or
if
I'm
using
you
know,
desktop
mail,
app
it'll
open
in
the
desktop
mail
app.
I
guess.
A
B
I
think
you
said
it
did
say
something
crucial
there,
because
with
starts
a
new
email.
That
means
that,
like
an
email
to
link
actually
triggers
an
action
and
has
somehow
conveyed
data,
the
email
address
in
this
case
to
the
open
window.
So
if
you
have
a
ethereum
evm,
whatever
schema
prefix
and
then
after
that,
the
pairing
details
for
webrtc,
then
it
would
go
to
your
wallet.
B
A
D
D
A
B
Good
and
then
your
extension
will
just
talk
to
your
page
using
webrtc,
and
then
the
security
vector
has
been
even
more
restricted
right.
The
attack
surface
because
now
they're
only
sending
messages
through
webrtc,
which
is
a
very
limited
system,
as
opposed
to
through
whatever
the
hell,
the
browser's
post
window
post
message.
Window.Postmessage
thing
does
right,
which
might
be
different
for
browsers.
It
might
be
doing
x
or
y
or
z.
D
D
D
A
B
I'll,
do
you
one
even
better?
We
can
completely
wipe
wallet
connect
out,
because
if
this
link
we
have
now
right
becomes
a
qr
code,
then
I
can
scan
that
qr
code
from
my
phone.
My
phone
is
on
the
same
local
network
in
this
hypothetical
situation,
not
behind
any
firewalls
etc
or
behind,
like
the
20v
lands
I
have,
and
my
phone,
the
rainbow
app
or
the
metamask
app
can
simply
go.
Oh
shoot.
This
is
an
ethereum
evm
url.
A
No,
no,
no,
I
mean
yes,
that
that
would
satisfy
micro,
but
even
without
satisfying
mica.
All
we
would
need
to
do
is
add
a
web
plus
to
the
beginning
of
wallet,
connect,
urls
and
then
yeah.
It
would
just
just
work
because,
because
of
the
browsers
have
a
list
of
schemes
that
are
allowed
to
be
registered
as
custom
handlers,
so
I
think
just
adding
web
plus
is
all
you
need.
A
D
B
B
D
So
the
the
thing
that
I
just
sent
in
is
I
it
would
be
nicer
if
we
adapts
only
to
have
one
thing,
which
was
you
know,
a
web3
link
and
then
right
rather
than
having
to
display
either
a
qr
code
or
have
a
clickable
link.
You
just
have
one
thing:
user
clicks
it
and
then
it's
up
to
the
wallet
to
somehow
get
registered
as
the
handler
for
that
on
the
user
machine.
So
one
can
imagine
you
know
having
like
when
the
user
installs
mobile,
app,
tell
them
hey
on
your
desktop.
D
Go
to
this
page
and
click
enter
as
the
web3
handler
button
or
whatever,
and
so
that
way,
when
the
user
clicks
the
link,
it
will
just
open
a
new
tab
which
will
then
just
and
that
tabs
job
that
apps
job
is
just
to
show
you
the
qr
code,
and
the
reason
for
this
is
just.
I
want
to
be
careful
of
putting
too
much
onus
on
the
adapt
developers
to
support
multiple
mechanisms
for
communicating
with
the
user,
and
maybe
that's
the
best
ux,
and
that
isn't
what
we
doing
but
it'd
be
nice.
B
D
Yeah
same
thing
so,
and
I
think
that
would
be
the
same
right
so
you
just
you,
you
click
the
link
and
the
link
would
just
be
a
web.
Three
equals
life,
slash
or
whatever,
and
then
again
you
have
a
handler
app
set
up
on
the
local
host
and
all
that
handler
app
does.
If
you're
using
a
mobile
wallet
is
display
a
qr
code
like
it
just
turns
that
into
the
qr
code
or
if
you've
got
a
desktop
app,
then
it
actually,
you
know,
opens
the
actual
app
or
the.
B
D
B
D
Correct
one
time
per
host
you
would
the
user
would
need
to
register
their
wallet
on
that
host
and
say
hey
when
someone
tries
to
talk
to
a
wallet,
make
make
sure
I'm
available
and
I'm
not
arguing.
This
is
definitely
the
way
to
go.
It's
just.
I
think
that
we
have.
We
should
be
considering
the
the
ux
difference
like
versus
making
it
really
really
easy
for
daps
to
support
everything
out
of
the
box
without
needing
to
have
like
two
different
mechanisms,
and
I'm
not
it's
not
obvious
to
me,
which
one
matters
more
here.
A
D
A
D
So
the
worry
I
have
is
that
a
new
dap
is
going
to
pick
the
easier
one
for
them
and
do
that
first
and
then
at
some
point
in
the
future.
If
they're
successful
enough
they'll
add
the
other,
and
so
the
you
know,
if
the
scheme
handler
is
the
easier
one
to
implement,
you
know
every
dapps
can
implement
that
first,
and
that
means
any
wallets
is
support.
The
scheme
method
will
work.
A
D
You
don't
need
extension
because,
remember
mail,
two
links
are
handled
by
okay,
that's
true!
You
just
need
to
go
to
a
web
page
on
your
computer,
like
in
that
browser
and
click
a
button
that
will
register
the
handler
like
that's,
that
is
the
the
ux
pain.
Is
that
a
user
who
is
wanting
to
use
a
mobile
wallet
will
need
to
one
time
per
browser
per
computer,
go
to
a
web
page
and
click
a
button.
D
I
I
I
recognize
that
is.
It
is
a
non-zero
step
for
users
and
maybe
not
worth
it.
I'm
just
I'm
really
worried
about
like
we
already
see
this
right,
where
a
lot
of
dapps
will
only
support
metamask
initially
and
they
don't
add
other
well,
it
supports
until
later,
because
you
know
if
you
have
to
pick
one
thing
to
add,
you
add
metamask
and
for
when
you're
building
mvp
you
pick
one
thing,
you
don't
add:
support
for
10
things
right
out
of
the
box.
B
D
B
If
you
check
out
the
app
I
put
in
the
chat,
it's
what
I
built
with
a
hackathon,
what
is
it
last
week
at
ethbrug,
but
we're
using
rainbow
kit?
So
in
the
top
right
corner?
There's
a
connect
wallet
button,
I've
decided
to
go
for
no
rounded
corners
and
all
that
stuff,
and
then
it
automatically
has
rainbow,
which
is
in
reality,
just
wallet
connect
with
a
rainbow
emoji
coinbase
metamask
and
wallet
connect.
B
D
Yes,
so
this
is,
I
believe
this
is
exactly
the
same.
Solving
the
same
problem
as
well
through
react.
I
think
this
is
a
good
idea
and
like
providing
dapps
with
an
sdk.
That's
just
drop
in
for
the
framework,
I
think,
is
good,
and
so
so
I
so
so.
Yes,
I
am
a
fan
of
this
in
general,
and
my
my
only
question
is
is
if
we
can
solve
this
problem
without
requiring
a
user
to
use
a
you
know.
Yes,
ui
plug
for
their
thing,
that'd
be.
B
D
D
D
E
D
Yeah,
that's,
that
is,
I
did
not
realize
that
that
is
possible
yeah.
So
I'm
a
big
fan
now
of
all
this,
like,
like
I'm
gonna,
have
to
digest
some
of
this
information.
But
yes,
I'm
a
huge
fan
of
getting
rid
of
those
central
servers,
especially.
I
really
like
the
idea
of
if
your
cell
phone's
on
the
same
lan
as
your
computer,
you
should
not
need
to
go
to
a
stunt
server.
Yeah
like
you,
should
be
able
to
just
like
I.
I
really
want
mobile,
because
mobile
devices
tend
to
have
far
better.
D
B
So
who's
gonna
go
build
all
this
who's
gonna
go
build
all
this.
That's
a
good
one.
I'm
currently
doing
some
updates
on
a
variety
of
my
sites.
I'm
waiting
for
rpc
list.xyz,
which
I
bought
and
built
the
site
for
and
deployed
to
actually
properly
start
functioning,
I'm
having
some
stupid
dns
issue,
but
the
rest
of
the
thing
works.
B
D
D
A
D
D
A
B
B
Is
cool
on
my
iphone?
If
I
scan
any
of
the
wallet
connect
urls,
it
automatically
says,
camera
wants
to
open
rainbow
and
then
I
press
open
and
then
it
just
does
the
rest
of
the
magic.
It's
ridiculous.
How
well
wallet
connect
works,
but
it
is
also
ridiculous
that
it
manages
to
get
this
big
while
still
being
partially
centralized.