I made this wallet in the course of two weeks based on Ethers, Ionic and Vue. Right now, it is built solely as a chrome extension wallet, but I used Ionic in case I will make later from the same code base a mobile/desktop variant.
It implements Metamask API and should work with most websites. I used my main address to do a few transactions on Polygon, Optimism, and Gnosis.
It has a nice set of refreshing features, like wiping all data, controlling all security settings, and importing or exporting a JSON with accounts.
It will work only with private keys and doesn't accept seeds like other wallets. It is a design choice since a seed phrase is a private key bundled with a derivation method to get multiple private keys from one seed phrase.
So similar to Metamask, you'll have only one selected account and one selected network at a time. The difference is that websites can directly query this information from your wallet, so the connect request has been removed. Now differently than the other wallets, websites will only get your selected address and not all addresses in your wallet. This behavior is mainly for privacy since I don't know why websites should be able to fingerprint you.
For absolute control, you can have your wallet keys stored in the storage unencrypted, encrypted using a password (encryption is native web crypto salted 256 AES-GSM with 5k iterations), with or without Auto-lock(2 to 120 min), with or without perma-lock.
Auto-locking will clear PKs from storage when a specific time has passed, forcing the user to input the password if the PKs are unavailable when they try to do a new TX.
Perma-lock will clear the PK immediately after the tx/sign process is executed, forcing the user to input a password each time they need to do a TX or sign something like a message or a typedSign.
Also, unlike Metamask, this wallet won't let you do a tx that throws a contract error since those are 99% supposed to fail, and Metamask will incorrectly put a high gas and allow you to do such TX, which can empty your wallet. Instead, CLW will show you the contract error without allowing you to send such a transaction.
Interestingly enough, this extension was made using manifest V3, and I'm yet to see many wallets that use manifest V3 Metamask currently on GitHub hosts a manifest V3 version, but the production one is still MV2.
In my opinion, MV3 will negatively impact all wallets because now there's no ability to have your own thread, which is very unfortunate and limiting.
This limitation of not having your own permanent thread was probably the worst decision of manifest V3 because it degraded the capability of what extensions can do by a significant margin. Without the ability to have a permanent thread, you don't really have something that resembles an actual program, and if your program needs to do computation often; Waking up the service worker will result in more CPU consumed than if you would have an active thread, and this is just for the browser to be able to free some RAM, which depending on the extension isn't even that much. An optimized extension can consume only around 50-60MB, which is much lower than what your avg site will consume.
Read the Full article on Mirror: https://mirror.xyz/andrei0x309.eth/9nc8UXrGIGOvz694ZY2gouS1JM9L8-Z8ITLNtirqD6Q