Adding support for direct integration with Radar extension, enabling Tally users to add optional protection from scams etc. The feature would be opt-in and extensible to other “wallet apps”. You can read more about radar at our twitter at https://twitter.com/meshedlabs .
Contributors - Chris Hunter, Con Mcgee-Stocks, Chris Ye - co-founders of Meshed Labs
Note this is a fresh proposal, with no previous discussions.
We request to build support for integrating with other extensions into Tally, starting with Radar. An added Tally settings panel would control the connection to externally connectable extensions and service workers. This connection would be a communication channel, first passing signature requests (RPC calls such as eth_sendTransaction and eth_signTypedData) allowing for Radar to run a risk analysis on the proposed transaction and second enabling extensions to call Tally for RPC requests.
- Tally would be first to add direct support for security extensions and open the door to other wallet apps such as our other extension, Courier [ Translating RPC calls to Gnosis Safe proposals ].
- This eliminates the current man-in-the-middle technique of existing security extensions intercepting RPC calls sent to window.ethereum.
- Tally as a representative piece for other wallets to use as an example for their own integrations with wallet apps.
- Feature is opt in [ must enable in Tally + install Radar for connection to work ]
As soon as the proposal is accepted we can start working on development, submitting a PR request in a short [but unknown] timeframe. Better scoping can be done if the initial response to the proposal is positive.
- Tally wallet adoption
- Social sentiment - ( conversations about tally doing more to protect their users )
- Transaction volume - ( more people transacting because they feel safe )
- Net promoter score - ( if currently tracked )
What are the key benefits?
Tally becomes differentiated in the market being the first to directly integrate w/ security extensions. Radar supports Tally users wanting additional layers of security and increases its usage.
What are the most likely risks?
Risks are minimal because Radar isn’t able to modify the RPC call, but only give its analysis on it. Granular permissions can modify what a wallet app can do. Feature is opt in so users not wanting to use it have no impact. Since future integrations are managed as a proposal, there is no risk of installing malicious apps.