How did they implemented their non custodial wallet, without the user getting any seed phrase or a channel opening?
Discussion
Question for nostr:npub147whqsr5vsj86x0ays70r0hgreklre3ey97uvcmxhum65skst56s30selt ⬇️
nostr:note14unwarxqaxvzl6p3yfneulv5wjugv26mwdkfwxfe5zsv4mur7daqf43q8s
Great question. Idk.
But I kept trying to respond to you (on Primal) and this popped up several times 👀
Right after you clicket on reply button?
Yeah, Primal for web on safari. So weird. New feature being tested? (All those wallets are horrendous though) nostr:npub16c0nh3dnadzqpm76uctf5hqhe2lny344zsmpm6feee9p5rdxaa9q586nvr it’s so weird 🤷♀️
This looks like an XSS attack
👀
My friend sent me the same image yesterday asking the same thing. what is this exactly?
This is like a phishing thing, right? Where the attacker just hopes you will clicky click on the scam wallets? nostr:npub1jlrs53pkdfjnts29kveljul2sm0actt6n8dxrrzqcersttvcuv3qdjynqn
That looks like you have a full of shitcoin apps installed and your device is asking which one to use.
When you play with shit, you smell like shit.
Nope. I do not. Same thing was happening to others as well who were using Primal desktop. Follow the entire thread to see what the devs have to say. TLDR, it’s an XSS attack 🙄
The one annoying thing on nostr is when people jump to conclusions and or gossip 🙄
what you are seeing is Wallet Connect
a web3 solution to connect wallet to the app
it's a shitcoin thing, just a bit of code on the website that allows for a QR-based handshake
Can I block it?
In browser, inspect element, remove JS?
maybe using an extension like NoScript?
... I would tell the devs/open a github issue, sure you are not the only users not interested in this new feature they added...
or change nostr client, data portability rocks
Why is this suddenly being promoted on primal for no reason?
I don’t know that I’d called it promoted, but it is suddenly there and wasn’t earlier today
I meant prompted, but I understand, very weird
not a primal dev or user
my guess they added the code in but misconfigured the flags for when it should appear (not on reply function definately)
It's a free thing, they add it, now web3 domain holders can 'connect with wallet' and use their publickey as their identity (I am guessing)
not necessarily going full shitcoin, but welcoming users who want to connect via a web3 wallet... like a Google or Facebook OAuth