Approval Flow

When a dApp requests a connection or transaction signature, the wallet opens a separate browser window - the approval window. This is not the popup or side panel; it's an independent page with its own URL containing the request ID.

Each approval has a time-to-live. If you don't respond within 10 minutes, the request expires and the window closes automatically.

Review a connect request

A dApp calls enable() or connect() on the injected provider. The approval window shows:

The dApp's favicon (or first letter of the hostname) and name
The origin URL
A risk badge: localhost shows a "dev" accent, plain HTTP shows an "unencrypted" warning
A checklist of accounts that can be shared with this dApp (only accounts with dApp-connect capability are listed)
Select-all and deselect-all controls

If the wallet is locked when the request arrives, the approval window shows the password/passkey unlock form first. After unlocking, the account checklist appears.

Tap "Connect" to approve (sharing only the selected accounts) or "Reject" to deny.

Walk through a sign request

A dApp calls signRaw() or signPayload(). The approval window shows a multi-step wizard.

Step 1: Review

Shows the transaction details in a human-readable card (decoded transfers, staking calls, batch operations, MeV Shield status). For raw signing, shows the account info card instead.

If the signing account involves a proxy or multisig relationship that isn't fully configured in the wallet, a warning appears ("pure_incomplete" or "multisig_incomplete") and the wizard is blocked at this step.

Step 2: Sign as (conditional)

This step appears when the transaction involves proxy or multisig wrapping. The wallet detected that the requested signer has proxy or multisig relationships and needs you to choose how to sign.

Shows when the proxy plan kind is one of: multisig, pure, pure_via_multisig, real_with_delegates, or delegate_for_reals.

Depending on the kind, you might see:

A multisig threshold badge and signatory picker
A proxy/pure proxy selector
A delegate account picker

Balance and fee hints help guide the selection.

Step 3: Confirm

The final step. Shows:

A signing summary with role cards (who is signing, via which proxy/multisig, with what proxy type badges)
Fee breakdown
Password/passkey authentication, Ledger confirmation, or Vault QR signing flow

Tap "Approve" to sign and return the result to the dApp.

Direct mode

When no proxy/multisig wrapping is needed and the transaction isn't blocked, the wizard collapses Steps 1 and 3 into a single screen - the review content is embedded directly in the confirm step.

Close when the network does not match

If the dApp's requested genesis hash doesn't match the wallet's configured network, a warning screen appears instead of the wizard. The only action is "Close," which also rejects the request.

See an already-resolved request

If you open an approval window for a request that was already approved or rejected (for example, from another window), it shows a brief "already been {status}" message.

Approval Flow ​

Review a connect request ​

Walk through a sign request ​

Step 1: Review ​

Step 2: Sign as (conditional) ​

Step 3: Confirm ​

Direct mode ​

Close when the network does not match ​

See an already-resolved request ​