You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
⚠️ Problem: Incorrect Address Format Acceptance and Fund Loss
I encountered a critical UX issue while using the Flow native wallet on Flow EVM. The wallet accepts Flow Cadence Network addresses (18 characters, e.g., 0x000000000001234) while on the EVM network. Instead of rejecting the transaction or warning the user, the tokens are redirected to a burn address (0x0000000000000000000000010000000000000000), causing fund loss.
Steps to Reproduce
1. Open the wallet in Flow EVM mode.
2. Attempt to send funds to a Flow Cadence Network address (e.g., 0x000000000001234).
3. The transaction appears to be processed successfully, but the tokens are sent to a burn address instead of the intended recipient.
Acceptance Criteria
• The wallet should validate address formats and lengths based on the active network (Flow vs. Flow EVM).
• The extension UI should clearly indicate the active network (e.g., through color coding or icons).
• Transactions with incorrect address formats should be blocked, and users should see a clear error message.
• If a user attempts to send funds to an incompatible address, the wallet should suggest switching to the appropriate network. (+ for better ux: offering bridging to the other network)
Context
While exploring the Flow ecosystem, I attempted to send funds from Flow EVM to a Flow Cadence Network address. When the wallet accepted the transfer, I assumed I was on the Flow Cadence Network. This issue caused unintended loss of my funds ($ XXXX FLOW) and has the potential to affect other users.
Standard UX practices for EVM Wallets should be implemented, and preventive solutions must be developed to mitigate such errors.
PS: I am happy to provide my transaction details and video recording as evidence for potential reimbursements.
The text was updated successfully, but these errors were encountered:
I encountered a critical UX issue while using the Flow native wallet on Flow EVM. The wallet accepts Flow Cadence Network addresses (18 characters, e.g., 0x000000000001234) while on the EVM network. Instead of rejecting the transaction or warning the user, the tokens are redirected to a burn address (0x0000000000000000000000010000000000000000), causing fund loss.
Steps to Reproduce
Acceptance Criteria
Context
While exploring the Flow ecosystem, I attempted to send funds from Flow EVM to a Flow Cadence Network address. When the wallet accepted the transfer, I assumed I was on the Flow Cadence Network. This issue caused unintended loss of my funds ($ XXXX FLOW) and has the potential to affect other users.
Standard UX practices for EVM Wallets should be implemented, and preventive solutions must be developed to mitigate such errors.
PS: I am happy to provide my transaction details and video recording as evidence for potential reimbursements.
The text was updated successfully, but these errors were encountered: