wallets-overview #556
wallets-overview #556
Conversation
|
To fix the formatting issues:
npx remark -o --quiet --silently-ignore ecosystem/wallet-apps/overview.mdx |
|
Thanks for the updates to the wallet apps overview. A few high‑severity doc fixes are needed before merge, focused in Findings (3)High (3)[HIGH] TODO placeholders left in contentLocation: mintlify-ton-docs/ecosystem/wallet-apps/overview.mdx Lines 5 to 7 in eddb464 Description: Suggestion: -**TODO: clarify account moments**
-
-**TODO: add links**[HIGH] Unresolved placeholder in account initializationLocation: Description: Suggestion: - However, its **wallet address** can already be computed from the wallet’s **TODO**.
+ However, its wallet address can already be computed from the contract’s `StateInit`.[HIGH] Missing code formatting for literal seqnoLocation: mintlify-ton-docs/ecosystem/wallet-apps/overview.mdx Lines 49 to 53 in eddb464 Description: Suggestion: - - Sequence number (seqno) — ensures uniqueness and prevents replay attacks.
+ - Sequence number (`seqno`) — ensures uniqueness and prevents replay attacks.
@@
- Each processed transaction increments the wallet's seqno and updates its state.
+ Each processed transaction increments the wallet's `seqno` and updates its state. |
|
To fix the formatting issues:
npx remark -o --quiet --silently-ignore ecosystem/wallet-apps/overview.mdx standard/wallets/mnemonics.mdx |
|
Thanks for the updates to the wallet apps documentation. A couple of safety callouts need fixes to meet the style guide before merge. Findings (2)High (2)[HIGH] Safety callout lacks required structure for funds riskLocation: mintlify-ton-docs/ecosystem/wallet-apps/overview.mdx Lines 87 to 89 in e172281 Description: Suggestion: --- a/ecosystem/wallet-apps/overview.mdx
+++ b/ecosystem/wallet-apps/overview.mdx
@@
-<Aside type="caution">
- Developer wallets, such as TonDevWallet, are intended for Testnet only. Do **not** use them on Mainnet, as this may result in irreversible loss of funds.
-</Aside>
+<Aside type="warning" title="Funds at risk — Testnet only">
+ Risk: Using developer wallets on TON Mainnet can irreversibly transfer or expose funds.
+ Scope: Applies to developer wallets (e.g., TonDevWallet).
+ Environment: Use on TON Testnet only; do not use on TON Mainnet.
+ Rollback: None — on-chain transfers are final.
+</Aside>[HIGH] Safety callout lacks required details for mnemonic secrecyLocation: mintlify-ton-docs/ecosystem/wallet-apps/overview.mdx Lines 23 to 25 in e172281 Description: Suggestion: -<Aside type="caution">
- Keep it secret. Keep it safe.
-</Aside>
+<Aside type="warning" title="Secrets at risk">
+Exposing or storing your mnemonic can allow account takeover and loss of funds.
+Scope: your wallet and any derived subwallets.
+Rollback: none. If exposed, move funds to a new wallet and abandon the old mnemonic.
+Environment: use testnet mnemonics for tutorials; never reuse them on mainnet.
+</Aside> |
|
|
||
| Wallets manage accounts, control keys, sign messages, and initiate transactions. This process starts with mnemonic decoding and continues through transaction execution. | ||
|
|
||
| ### Mnemonic decoding |
There was a problem hiding this comment.
There was a problem hiding this comment.
you mean that it's already written?
|
|
||
| ## How wallet apps work | ||
|
|
||
| Wallets manage accounts, control keys, sign messages, and initiate transactions. This process starts with mnemonic decoding and continues through transaction execution. |
There was a problem hiding this comment.
Wallets or wallet apps?
There was a problem hiding this comment.
Should probably start with an explanation of what "custodial" means.
|
|
||
| A wallet account starts in the [nonexist state](/ton/statuses#status-variety), which is the default for accounts with no transaction history, code, data, or balance. At this stage, the account does not exist on-chain. | ||
|
|
||
| However, its **wallet address** can be computed from the [workchain_id](/ton/addresses/addresses-general-info#workchain-id) and [account_id](/ton/addresses/addresses-general-info#account-id). This address can be used to receive funds even before the wallet is initialized. |
There was a problem hiding this comment.
From its initial state, as for any other contract.
Initial state for some wallet contracts do have workchain id, but in fact the list of fields depends on the exact wallet contract used.
|
|
||
| However, its **wallet address** can be computed from the [workchain_id](/ton/addresses/addresses-general-info#workchain-id) and [account_id](/ton/addresses/addresses-general-info#account-id). This address can be used to receive funds even before the wallet is initialized. | ||
|
|
||
| After receiving coins, the account enters the [uninit state](/ton/statuses#status-variety). In this state, it holds a balance and metadata but cannot execute transactions or process messages. |
There was a problem hiding this comment.
It can be a part of transaction. It cannot execute code, because it doesn't have the code.
Please refer to corresponding section of block.tlb.
|
|
||
| When making a transaction, the wallet goes through these steps: | ||
| - **Message creation** — builds an external message with the recipient, amount, and optional payload. | ||
| - **Sequence number check** — reads the account's current on-chain `seqno` and includes it to prevent [replay attacks](/standard/wallets/how-it-works#how-replay-protection-works). |
There was a problem hiding this comment.
Not necessarily. Not all wallets have or must have seqno.
There was a problem hiding this comment.
The article doesn't describe things mentioned in the ticket, but instead repeats "How it works" article (in some parts even better than that article).
In order not to waste this good effort, most of this text might be landed to that article. For an "Overview" article please stick closer to the ticket.
closes #135