A detailed explanation of EIP-6963: possible solutions to multi-wallet conflicts
Compilation of the original text: Deep Tide TechFlow
Compilation of the original text: Deep Tide TechFlow
first level title
Introduction to the problem
first level title
EIP-6963: Proposed solution
To address this, EIP-6963 proposes an existing mechanism to replace window.ethereum's EIP-1193 provider. The proposal introduces a set of window events to enable a two-way communication protocol between Ethereum libraries and injected scripts provided by browser extensions. This solution optimizes interoperability between multiple wallet providers, lowers the barrier to entry for new wallet providers, and improves user experience on the Ethereum network.
The proposal outlines a standardized Provider Information Interface (EIP 6963 ProviderInfo), which is essential for populating wallet selection popups. It also highlights the importance of declaring the provider interface (EIP 6963 ProviderDetail), which leaves the EIP-1193 provider interface unchanged for backward compatibility.
Key properties in the provider information interface include:
walletId: A globally unique identifier for the wallet provider (for example, io.dopewallet.extension or awesomewallet).
uuid: A locally unique identifier for the UUID v 4.0 compliant wallet provider.
name: The human-readable name of the wallet provider (for example, DopeWalletExtension or Awesome).
icon: A URI to an image, which should be a square with a minimum resolution of 96 x 96 px. PNG and WebP or vector image formats such as SVG are recommended. The proposal team strongly discourages the use of lossy formats like JPG/JPEG.
first level title
Impact of EIP-6963
According to optimistic estimates, the acceptance and implementation of EIP-6963 may take about three to six months. This development could lead to a new wallet story by the end of the year, potentially breaking the hegemony of leading wallet providers like Metamask and creating a more competitive environment among providers.
first level title
pros and cons:
advantage:
advantage:
No single point of failure: By allowing multiple wallet providers, we eliminate the problem of single point of failure. This is beneficial in terms of security, as it means that if one wallet provider suffers an attack or technical failure, users have alternatives available.
Reduced reliance on a single provider: Currently, the Ethereum community relies heavily on one provider, MetaMask. This poses a potential risk because if MetaMask is compromised, most Ethereum users will be affected. By supporting multiple wallets, EIP-6963 spreads risk.
shortcoming:
shortcoming:
Increased attack surface: Implementing EIP-6963 increases the attack surface. This is due to the increased number of wallet providers that can be attacked by malicious actors. Every wallet provider should adhere to high security standards to minimize this risk.
Potential Risks of SVG Image Exploitation: EIP-6963 proposes to use SVG images as icons for wallet providers. However, SVG images may contain JavaScript code, which may present a cross-site scripting (XSS) risk. While the EIP does specify that SVG images should use
tags are rendered to prevent JavaScript execution, but this recommendation can only be verified by third parties or auditors of each implementation.
in conclusion
in conclusion
EIP-6963 aims to enhance interoperability between multiple wallet providers, lower barriers to entry for new providers, and improve user experience on the Ethereum network. At the same time, the impact on security is complex.
Users, wallet providers, and Ethereum library developers must adhere to best practices to ensure the Ethereum ecosystem remains secure.
By implementing this proposal, the Ethereum ecosystem can evolve towards a more user-friendly and competitive environment, benefitting both wallet providers and their users.
