Investigate reuse a Limited Access Key #922
Labels
Decision
Further information or research is requested
Emerging Tech
Emerging Tech flying formation at Pagoda
Description
Kujtim Prenku
last week
@daryl Collins The first step for this task would be to update the NEP to add an explanation in the signOut method and advise wallets to not delete the key from localStorage and from the chain unless that accountId is passed to the accounts of the signOut https://github.com/near/NEPs/blob/master/specs/Standards/Wallets/InjectedWallets.md#signout method.
Then the signOut method of wallet-selector will need to be updated to take an optional accounts param so dApps can pass any account that they want to delete the key for.
For more context please have a look at older comments about this investigation.
Kujtim Prenku
June 5, 2023 at 4:44 AM
@daryl Collins We have got back to this ticket and investigated a bit more, the Injected Wallet’s standard for sginOut requires an array of accounts to be passed as a param:
https://github.com/near/NEPs/blob/master/specs/Standards/Wallets/InjectedWallets.md#signout
Maybe we can add a few paragraphs and a code example in the standard for signOut in case we don’t want the wallet to remove the key(s) from the chain we can pass an empty array to the signOut method. This will make sure that the keys are still valid since we don’t remove them on our side either.
The only “tricky” part is the ability to re-signIn with the previous account even though we might be able to change the state of the wallet selector the wallets are not aware that we have re-signIn.
If wallet builders will review the change in the standard they might have a better idea of how the re-signIn should be done.
The text was updated successfully, but these errors were encountered: