New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
dApp connector removes inputs of the signed transaction #2160
Comments
@rooooooooob Please also check this out. |
Thanks for the bug report @anon-real. What version/(or commit if it's a dev version) are you using? I'm going to need some help on how to reproduce it. Correct me if I'm wrong, but the input that is disappearing is a regular P2Pk address with no assets? ( In terms of trying to reproduce it, can I take that |
@rooooooooob I am using the latest versions of Yoroi nighty and dapp connector from the google store. Spending |
@rooooooooob maybe need update dapp connector nightly version to latest because last update chrome store version was in may |
@deadit It's unlikely you will have to update the connector extension itself very frequently, if at all. All the logic for the UI / signing / etc is inside of the Yoroi extension. Here's which things the 2 extensions do: yoroi-ergo-connector:
yoroi-extension:
The reason we have it separate is more for security/permissions reasons (+ ability to opt-in to this functionality). The connector necessarily requires more permissions like the ability to access and modify every page you go to so that it can inject its API into the page and such, which we would rather not have to add into Yoroi. It doesn't look very appealing to users when they install the wallet (especially not knowing about the connector) and it says it can access/modify all pages they go to. We could have maybe done some runtime chrome permissions and tried to do both things fully within Yoroi with opt-in permissions, but we preferred this level of separation for security/privacy. |
@rooooooooob thanks for the clarification. So have you got any ideas about how this happens? |
@anon-real I haven't looked into it yet since there have been other issues that needed resolving first that were also easier to reproduce.
That would help, as otherwise I'm not sure where to start in reproducing it, as the behavior of signing the P2S while ignoring the regular P2PK one is really weird. We had a problem of it removing the P2S inputs but that was resolved in #2081. Due to some issues relating to upgrading sigma-rust from 0.7.0 to 0.10.0 that we found after it was merged, it was not included in any official releases but it's tagged for 4.6.0 along with the other fixes I've been working on this week. But that's the opposite of this problem... Currently (in |
I see your ErgoAuctionHouse repo. Is that it? Although I would ideally need some information how to use it/what to do to reproduce this issue. Or does it happen with all uses of it? |
@rooooooooob, thanks for clarifications! So when is the next Yoroi Nightly release? |
@rooooooooob I will deploy a version of the Auction House with which you can probably reproduce. I will provide instructions when it is deployed. |
@rooooooooob I have some strange problems which prevent me from deploying that version of the auction house.
The website should connect to your wallet and create the tx and will be printed in the console. However, since there is a token involved, your Yoroi will crash because of the issue I reported before. So when you are ready, please let me know to send you the token so Yoroi doesn't crash. Please let me know if anything else is needed. |
@oskin1 We're hoping for maybe tomorrow. |
dApp connector removes some inputs when signing the transaction. Example:
Unsigned transaction (input to
sign_tx
):Signed transaction:
As you can see, one of the inputs has been removed from the signed transaction causing the tx to be invalid.
The text was updated successfully, but these errors were encountered: