Add support for Metamask provider.enable() security functionality

Question

Add support for Metamask provider.enable() security functionality

Closed this issue 6 years ago · 2 comments

bashlund commented 6 years ago

Environment/Browser

Any browser using Metamask

Description

This is about adapting to the braking change in how Metamask exposes users accounts.

Steps to reproduce

Enable the new security feature in Metamask settings (will later be defaulted to on)
Unlock Metamask
Open the developer console and see that no accounts are provided to Lab: web3.eth.accounts
In the console run: web3.currentProvider.enable(), this should pop up the confirmation window about Lab accessing MM accounts. Confirm the request.
See that in Lab and in the console the account is now accessible: web3.eth.accounts

Suggested solution

This is a asynchronous call (to enable Metamask) and it will take a lot of effort to inject it everywhere we are using web3.eth.accounts.
An easier solution would be to add a Enable Metamask button somewhere in the UI, which will do the enabling of the connection for us.
Lab will treat an un-enabled Metamask as it is unlocked, so if we change some of the notifications/warnings/errors about "Metamask being locked" to "Metamask is locked and/or not enabled", users will know they need to enable Metamask for Lab before using it.

Reproducible

100%
After confirming once, Metamask will remember the confirmation.

Answer 1 · 2018-12-19T12:43:55.000Z

@bashlund wouldn't this change only be relevant in the case you are working on with a public network right?> Why instead of adding a button, simply request this permission in the moment you change to a public network?

Answer 2 · 2018-12-19T13:46:44.000Z

@javier-tarazaga That is actually a very good idea. We would need to pop a modal which blocks the app until the user has unlocked and enabled Metamask, or until she cancels by choosing Browser/Custom network.