Block high-risk recipient targets before opening the wallet prompt #286
Description
Summary
frontend/src/components/SendTip.jsx currently warns about contract principals and about recipients who have blocked the sender, but it still allows the user to continue to the wallet prompt in those cases.
Why this matters
The current behavior lets users initiate transactions that are highly likely to fail or send funds to unsafe destinations. That creates avoidable frustration and makes the product feel less protective than it should.
Proposed work
- Add stricter preflight rules for known high-risk cases.
- Decide which cases should hard-block submission versus show an override flow.
- Prevent submission when block-check results indicate the recipient will reject the tip on-chain.
- Add stronger explanatory copy for contract principals and other unsafe targets.
Acceptance criteria
- Recipients who have blocked the sender cannot proceed to the wallet prompt.
- Contract-principal tipping is either blocked by default or gated behind an explicit advanced confirmation path.
- Validation messages clearly explain why the action is restricted.
- Tests cover blocked recipients and contract principals.