Created
September 11, 2019 14:25
-
-
Save aunyks/5d91467f76cb62203a64c96ec9bcc2b0 to your computer and use it in GitHub Desktop.
Web3 Snitch detects whether your web3 provider discloses identifying information to dapps without your permission.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html> | |
| <head> | |
| <meta charset='utf-8'> | |
| <meta http-equiv='X-UA-Compatible' content='IE=edge'> | |
| <meta name='viewport' content='width=device-width, initial-scale=1'> | |
| <title>Web3 Snitch</title> | |
| <style> | |
| html, | |
| body { | |
| font-family: sans-serif; | |
| width: 100vw; | |
| height: 100vh; | |
| margin: 0; | |
| padding: 0; | |
| color: black; | |
| } | |
| div { | |
| padding: 20px; | |
| } | |
| h1 { | |
| font-size: 2em; | |
| margin: 10px 0; | |
| } | |
| button { | |
| padding: 10px; | |
| background: black; | |
| color: white; | |
| } | |
| #home-link { | |
| position: absolute; | |
| bottom: 20px; | |
| right: 20px; | |
| color: black; | |
| text-decoration: none; | |
| } | |
| #home-link:visited { | |
| color: black; | |
| text-decoration: none; | |
| } | |
| </style> | |
| </head> | |
| <body> | |
| <div> | |
| <h1>Web3 Snitch</h1> | |
| <p id="intro-text"> | |
| Is your web3 provider snitching to dapps about who you are without permission? | |
| </p> | |
| <p id="is-snitching"></p> | |
| <hr /> | |
| <p> | |
| web3 account info available on load: | |
| <br /> | |
| <span id="web3-on-load">no</span> | |
| </p> | |
| <p> | |
| window.ethereum constructing web3 without permission: | |
| <br /> | |
| <span id="web3-no-permission">no</span> | |
| </p> | |
| <p> | |
| window.ethereum constructing web3 with permission: | |
| <br /> | |
| <span id="web3-w-permission">no</span> | |
| </p> | |
| <button id="web3-btn" onclick="requestInfo()">Request web3 information</button> | |
| </div> | |
| <a href="https://aunyks.com" id="home-link">⚡️</a> | |
| </body> | |
| <script> | |
| const setIsSnitching = () => { | |
| document.getElementById('is-snitching').innerHTML = '<strong>YES</strong>' | |
| } | |
| const isPushingOver = () => { | |
| return window.web3.eth.accounts.length >= 1 | |
| } | |
| const requestInfo = () => { | |
| window.web3 = new Web3(window.ethereum) | |
| if (isPushingOver()) { | |
| document.getElementById('web3-no-permission').innerHTML = '<strong>yes</strong>' | |
| setIsSnitching() | |
| } | |
| if (window.ethereum) { | |
| window.web3 = new Web3(window.ethereum) | |
| alert('Requesting access to your Ethereum wallet') | |
| document.getElementById('web3-btn').style.display = 'none' | |
| window.ethereum.enable() | |
| .then(() => { | |
| setTimeout(() => { | |
| if (isPushingOver()) { | |
| document.getElementById('web3-w-permission').innerText = 'yes' | |
| } | |
| }, 1500) | |
| }) | |
| .catch(() => { | |
| alert('You didn\'t allow account info to be revealed') | |
| }) | |
| } | |
| } | |
| window.onload = () => { | |
| if (isPushingOver()) { | |
| document.getElementById('web3-on-load').innerHTML = '<strong>yes</strong>' | |
| setIsSnitching() | |
| } | |
| } | |
| </script> | |
| </html> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment