Content
@
https://warpcast.com/~/channel/fc-devs
0 reply
0 recast
0 reaction
Andrei O.
@andrei0x309
The web wallet is a pretty good improvement, especially because it imported the same embedded wallet. I guess for sign-in to work, the user will need to add the Warpcast wallet address later as an Auth address. There are some design questions here: 1 Will auth be done automatically since Warpcast holds the custody key, or user will be prompted if he wants to be more in line with the user's choice?, and not to use the PK of the user without consent? 2 Since the user can authorize any address(except the custody since that's already authorized) for better UX sign-in should work with both the embedded wallet and external wallet there's no reason why an external wallet would not be supported for auth in this case. 3 IMO 7 days session days will just create frustration, users are used to the long-term session that practically never expires, the session expiration should match the auth token expiration, but users should be able to log out of the embed wallet for security reasons.
1 reply
0 recast
3 reactions
Tony D’Addeo
@deodad
1) almost certainly automatically since 99.98% will want this, the 2/10k can revoke 2) yea ideally though would take some more work depending, for instance you need custody signature to add an auth address so making it easy to do this is not easy, but a simple version that checks if the connected wallet is also an auth addresss on web feels reasonable 3) fair point. we went with 7 days to be aggressive but i think you’re right optimizing for UX is probably better
1 reply
1 recast
1 reaction
