fix: cross-wallet duplicate address detection on import

Previously each import method (mnemonic, private key, xprv) only checked for duplicates among wallets of the same type. Now all three check the derived address against ALL existing wallet addresses regardless of type, and mnemonic/xprv imports also compare xpubs against existing HD/xprv wallets. Closes #111
Merge pull request 'feat: show red warning when sending to address with zero tx history' (#98 ) from issue-82-zero-tx-warning into main
2026-02-28 16:01:40 -08:00 · 2026-03-01 00:54:15 +01:00 · 2026-03-01 00:53:45 +01:00 · 2026-03-01 00:53:08 +01:00 · 2026-02-28 15:46:58 -08:00 · 2026-02-28 15:37:27 -08:00
10 changed files with 239 additions and 124 deletions
--- a/src/popup/index.html
+++ b/src/popup/index.html
@@ -58,24 +58,27 @@
                <h2 class="font-bold mb-2">Add Wallet</h2>

                <!-- Mode selector tabs -->
-                <div class="flex gap-1 mb-3">
+                <div
+                    class="flex border-b border-border mb-3"
+                    id="add-wallet-tabs"
+                >
                    <button
                        id="tab-mnemonic"
-                        class="border border-border px-2 py-1 cursor-pointer text-xs hover:bg-fg hover:text-bg bg-fg text-bg"
+                        class="px-3 py-1.5 cursor-pointer text-xs font-bold border border-border border-b-bg bg-bg -mb-px"
                    >
-                        Recovery Phrase
+                        From Phrase
                    </button>
                    <button
                        id="tab-privkey"
-                        class="border border-border px-2 py-1 cursor-pointer text-xs hover:bg-fg hover:text-bg"
+                        class="px-3 py-1.5 cursor-pointer text-xs text-muted border border-dashed border-border-light border-b-transparent -mb-px hover:bg-fg hover:text-bg"
                    >
-                        Private Key
+                        From Key
                    </button>
                    <button
                        id="tab-xprv"
-                        class="border border-border px-2 py-1 cursor-pointer text-xs hover:bg-fg hover:text-bg"
+                        class="px-3 py-1.5 cursor-pointer text-xs text-muted border border-dashed border-border-light border-b-transparent -mb-px hover:bg-fg hover:text-bg"
                    >
-                        Extended Key (xprv)
+                        From xprv
                    </button>
                </div>

@@ -583,15 +586,40 @@
                    <div id="confirm-fee-amount" class="text-xs"></div>
                </div>
                <div id="confirm-warnings" class="mb-2 hidden"></div>
+                <div
+                    id="confirm-recipient-warning"
+                    class="mb-2"
+                    style="visibility: hidden"
+                >
+                    <div
+                        class="border border-red-500 border-dashed p-2 text-xs font-bold text-red-500"
+                    >
+                        WARNING: The recipient address has ZERO transaction
+                        history. This may indicate a fresh or unused address.
+                        Double-check the address before sending.
+                    </div>
+                </div>
                <div
                    id="confirm-errors"
                    class="mb-2 border border-border border-dashed p-2 hidden"
                ></div>
+                <div class="mb-2">
+                    <label class="block mb-1 text-xs">Password</label>
+                    <input
+                        type="password"
+                        id="confirm-tx-password"
+                        class="border border-border p-1 w-full font-mono text-sm bg-bg text-fg"
+                    />
+                </div>
+                <div
+                    id="confirm-tx-password-error"
+                    class="text-xs mb-2 min-h-[1.25rem]"
+                ></div>
                <button
                    id="btn-confirm-send"
                    class="border border-border px-2 py-1 hover:bg-fg hover:text-bg cursor-pointer"
                >
-                    Send
+                    Sign &amp; Send
                </button>
            </div>

@@ -670,42 +698,6 @@
                </button>
            </div>

-            <!-- ============ PASSWORD MODAL ============ -->
-            <div
-                id="password-modal"
-                class="hidden fixed inset-0 bg-bg flex items-center justify-center z-50"
-            >
-                <div class="border border-border p-4 bg-bg w-80">
-                    <h2 class="font-bold mb-2">Enter Password</h2>
-                    <p class="text-xs text-muted mb-2">
-                        Your password is needed to authorize this transaction.
-                    </p>
-                    <input
-                        type="password"
-                        id="modal-password"
-                        class="border border-border p-1 w-full font-mono text-sm bg-bg text-fg mb-2"
-                    />
-                    <div
-                        id="modal-password-error"
-                        class="text-xs mb-2 border border-border border-dashed p-1 hidden"
-                    ></div>
-                    <div class="flex gap-2">
-                        <button
-                            id="btn-modal-confirm"
-                            class="border border-border px-2 py-1 hover:bg-fg hover:text-bg cursor-pointer"
-                        >
-                            Confirm
-                        </button>
-                        <button
-                            id="btn-modal-cancel"
-                            class="border border-border px-2 py-1 hover:bg-fg hover:text-bg cursor-pointer"
-                        >
-                            Cancel
-                        </button>
-                    </div>
-                </div>
-            </div>
-
            <!-- ============ RECEIVE ============ -->
            <div id="view-receive" class="view hidden">
                <button
@@ -1145,7 +1137,10 @@
                        class="border border-border p-1 w-full font-mono text-sm bg-bg text-fg"
                    />
                </div>
-                <div id="approve-tx-error" class="text-xs hidden mb-2"></div>
+                <div
+                    id="approve-tx-error"
+                    class="text-xs mb-2 border border-border border-dashed p-1 min-h-[1.25rem] hidden"
+                ></div>
                <div class="flex justify-between">
                    <button
                        id="btn-approve-tx"
@@ -1208,7 +1203,10 @@
                        class="border border-border p-1 w-full font-mono text-sm bg-bg text-fg"
                    />
                </div>
-                <div id="approve-sign-error" class="text-xs hidden mb-2"></div>
+                <div
+                    id="approve-sign-error"
+                    class="text-xs mb-2 border border-border border-dashed p-1 min-h-[1.25rem] hidden"
+                ></div>
                <div class="flex justify-between">
                    <button
                        id="btn-approve-sign"
--- a/src/popup/index.js
+++ b/src/popup/index.js
@@ -72,6 +72,7 @@ const RESTORABLE_VIEWS = new Set([
    "receive",
    "settings",
    "settings-addtoken",
+    "confirm-tx",
    "transaction",
    "success-tx",
    "error-tx",
@@ -125,6 +126,13 @@ function restoreView() {
        case "settings-addtoken":
            settingsAddToken.show();
            break;
+        case "confirm-tx":
+            if (state.viewData && state.viewData.pendingTx) {
+                confirmTx.restore();
+            } else {
+                fallbackView();
+            }
+            break;
        case "transaction":
            if (state.viewData && state.viewData.tx) {
                transactionDetail.render();
--- a/src/popup/views/addWallet.js
+++ b/src/popup/views/addWallet.js
@@ -27,8 +27,21 @@ function switchMode(mode) {
    currentMode = mode;
    for (const m of MODES) {
        $("add-wallet-section-" + m).classList.toggle("hidden", m !== mode);
-        $("tab-" + m).classList.toggle("bg-fg", m === mode);
-        $("tab-" + m).classList.toggle("text-bg", m === mode);
+        const tab = $("tab-" + m);
+        const isActive = m === mode;
+        // Active: bold, solid border on top/sides, no bottom border (connects to content)
+        tab.classList.toggle("font-bold", isActive);
+        tab.classList.toggle("border-solid", isActive);
+        tab.classList.toggle("border-border", isActive);
+        tab.classList.toggle("border-b-bg", isActive);
+        tab.classList.toggle("bg-bg", isActive);
+        // Inactive: muted text, dashed border on top/sides, transparent bottom, hover invert
+        tab.classList.toggle("text-muted", !isActive);
+        tab.classList.toggle("border-dashed", !isActive);
+        tab.classList.toggle("border-border-light", !isActive);
+        tab.classList.toggle("border-b-transparent", !isActive);
+        tab.classList.toggle("hover:bg-fg", !isActive);
+        tab.classList.toggle("hover:text-bg", !isActive);
    }
    $("add-wallet-password-hint").textContent = PASSWORD_HINTS[mode];
 }
@@ -84,18 +97,26 @@ async function importMnemonic(ctx) {
    const pw = validatePassword();
    if (!pw) return;
    const { xpub, firstAddress } = hdWalletFromMnemonic(mnemonic);
-    const duplicate = state.wallets.find(
-        (w) =>
-            w.type === "hd" &&
-            w.addresses[0] &&
-            w.addresses[0].address.toLowerCase() === firstAddress.toLowerCase(),
+    const addrDup = state.wallets.find((w) =>
+        w.addresses.some(
+            (a) => a.address.toLowerCase() === firstAddress.toLowerCase(),
+        ),
    );
-    if (duplicate) {
+    if (addrDup) {
        showFlash(
-            "This recovery phrase is already added (" + duplicate.name + ").",
+            "An address from this phrase already exists in " +
+                addrDup.name +
+                ".",
        );
        return;
    }
+    const xpubDup = state.wallets.find(
+        (w) => (w.type === "hd" || w.type === "xprv") && w.xpub === xpub,
+    );
+    if (xpubDup) {
+        showFlash("This recovery phrase matches " + xpubDup.name + ".");
+        return;
+    }
    const encrypted = await encryptWithPassword(mnemonic, pw);
    const walletNum = state.wallets.length + 1;
    const wallet = {
@@ -149,16 +170,11 @@ async function importPrivateKey(ctx) {
    }
    const pw = validatePassword();
    if (!pw) return;
-    const duplicate = state.wallets.find(
-        (w) =>
-            w.type === "key" &&
-            w.addresses[0] &&
-            w.addresses[0].address.toLowerCase() === addr.toLowerCase(),
+    const duplicate = state.wallets.find((w) =>
+        w.addresses.some((a) => a.address.toLowerCase() === addr.toLowerCase()),
    );
    if (duplicate) {
-        showFlash(
-            "This private key is already added (" + duplicate.name + ").",
-        );
+        showFlash("This address already exists in " + duplicate.name + ".");
        return;
    }
    const encrypted = await encryptWithPassword(key, pw);
@@ -195,14 +211,22 @@ async function importXprvKey(ctx) {
        return;
    }
    const { xpub, firstAddress } = result;
-    const duplicate = state.wallets.find(
-        (w) =>
-            (w.type === "hd" || w.type === "xprv") &&
-            w.addresses[0] &&
-            w.addresses[0].address.toLowerCase() === firstAddress.toLowerCase(),
+    const addrDup = state.wallets.find((w) =>
+        w.addresses.some(
+            (a) => a.address.toLowerCase() === firstAddress.toLowerCase(),
+        ),
    );
-    if (duplicate) {
-        showFlash("This key is already added (" + duplicate.name + ").");
+    if (addrDup) {
+        showFlash(
+            "An address from this key already exists in " + addrDup.name + ".",
+        );
+        return;
+    }
+    const xpubDup = state.wallets.find(
+        (w) => (w.type === "hd" || w.type === "xprv") && w.xpub === xpub,
+    );
+    if (xpubDup) {
+        showFlash("This key matches " + xpubDup.name + ".");
        return;
    }
    const pw = validatePassword();
--- a/src/popup/views/addressDetail.js
+++ b/src/popup/views/addressDetail.js
@@ -325,6 +325,9 @@ function init(_ctx) {
            $("export-privkey-flash").classList.remove("hidden");
            return;
        }
+        const btn = $("btn-export-privkey-confirm");
+        btn.disabled = true;
+        btn.classList.add("text-muted");
        const wallet = state.wallets[state.selectedWallet];
        try {
            const secret = await decryptWithPassword(
@@ -344,6 +347,9 @@ function init(_ctx) {
        } catch {
            $("export-privkey-flash").textContent = "Wrong password.";
            $("export-privkey-flash").classList.remove("hidden");
+        } finally {
+            btn.disabled = false;
+            btn.classList.remove("text-muted");
        }
    });

--- a/src/popup/views/approval.js
+++ b/src/popup/views/approval.js
@@ -4,6 +4,8 @@ const {
    addressTitle,
    escapeHtml,
    showView,
+    showError,
+    hideError,
 } = require("./helpers");
 const { state, saveState } = require("../../shared/state");
 const { formatEther, formatUnits, Interface, toUtf8String } = require("ethers");
@@ -170,6 +172,8 @@ function showTxApproval(details) {
    // If this is an ERC-20 call, try to extract the real recipient and amount
    const decoded = decodeCalldata(details.txParams.data, toAddr || "");
    if (decoded && decoded.details) {
+        let decodedTokenAddr = null;
+        let decodedTokenSymbol = null;
        for (const d of decoded.details) {
            if (d.label === "Recipient" && d.address) {
                pendingTxDetails.to = d.address;
@@ -177,10 +181,20 @@ function showTxApproval(details) {
            if (d.label === "Amount") {
                pendingTxDetails.amount = d.rawValue || d.value;
            }
+            if (d.label === "Token In" && d.isToken && d.address) {
+                const t = TOKEN_BY_ADDRESS.get(d.address.toLowerCase());
+                if (t) {
+                    decodedTokenAddr = d.address;
+                    decodedTokenSymbol = t.symbol;
+                }
+            }
        }
        if (token) {
            pendingTxDetails.token = toAddr;
            pendingTxDetails.tokenSymbol = token.symbol;
+        } else if (decodedTokenAddr) {
+            pendingTxDetails.token = decodedTokenAddr;
+            pendingTxDetails.tokenSymbol = decodedTokenSymbol;
        }
    }

@@ -254,6 +268,9 @@ function showTxApproval(details) {
        $("approve-tx-data-section").classList.add("hidden");
    }

+    $("approve-tx-password").value = "";
+    $("approve-tx-error").classList.add("hidden");
+
    showView("approve-tx");
 }

@@ -342,7 +359,7 @@ function showSignApproval(details) {
    }

    $("approve-sign-password").value = "";
-    $("approve-sign-error").classList.add("hidden");
+    hideError("approve-sign-error");
    $("btn-approve-sign").disabled = false;
    $("btn-approve-sign").classList.remove("text-muted");

@@ -407,11 +424,10 @@ function init(ctx) {
    $("btn-approve-tx").addEventListener("click", () => {
        const password = $("approve-tx-password").value;
        if (!password) {
-            $("approve-tx-error").textContent = "Please enter your password.";
-            $("approve-tx-error").classList.remove("hidden");
+            showError("approve-tx-error", "Please enter your password.");
            return;
        }
-        $("approve-tx-error").classList.add("hidden");
+        hideError("approve-tx-error");
        $("btn-approve-tx").disabled = true;
        $("btn-approve-tx").classList.add("text-muted");

@@ -447,11 +463,10 @@ function init(ctx) {
    $("btn-approve-sign").addEventListener("click", () => {
        const password = $("approve-sign-password").value;
        if (!password) {
-            $("approve-sign-error").textContent = "Please enter your password.";
-            $("approve-sign-error").classList.remove("hidden");
+            showError("approve-sign-error", "Please enter your password.");
            return;
        }
-        $("approve-sign-error").classList.add("hidden");
+        hideError("approve-sign-error");
        $("btn-approve-sign").disabled = true;
        $("btn-approve-sign").classList.add("text-muted");

@@ -469,8 +484,7 @@ function init(ctx) {
                } else {
                    const msg =
                        (response && response.error) || "Signing failed.";
-                    $("approve-sign-error").textContent = msg;
-                    $("approve-sign-error").classList.remove("hidden");
+                    showError("approve-sign-error", msg);
                    $("btn-approve-sign").disabled = false;
                    $("btn-approve-sign").classList.remove("text-muted");
                }
--- a/src/popup/views/confirmTx.js
+++ b/src/popup/views/confirmTx.js
@@ -1,6 +1,6 @@
-// Transaction confirmation view + password modal.
-// Shows transaction details, warnings, errors. On proceed, opens
-// password modal, decrypts secret, signs and broadcasts.
+// Transaction confirmation view with inline password.
+// Shows transaction details, warnings, errors. On Sign & Send,
+// reads inline password, decrypts secret, signs and broadcasts.

 const {
    parseEther,
@@ -39,6 +39,13 @@ const EXT_ICON =

 let pendingTx = null;

+function restore() {
+    const d = state.viewData;
+    if (d && d.pendingTx) {
+        show(d.pendingTx);
+    }
+}
+
 function etherscanTokenLink(address) {
    return `https://etherscan.io/token/${address}`;
 }
@@ -226,12 +233,21 @@ function show(txInfo) {
        sendBtn.classList.remove("text-muted");
    }

+    // Reset password field and error
+    $("confirm-tx-password").value = "";
+    hideError("confirm-tx-password-error");
+
    // Gas estimate — show placeholder then fetch async
    $("confirm-fee").classList.remove("hidden");
    $("confirm-fee-amount").textContent = "Estimating...";
+    state.viewData = { pendingTx: txInfo };
    showView("confirm-tx");

+    // Reset recipient warning to hidden (space always reserved, no layout shift)
+    $("confirm-recipient-warning").style.visibility = "hidden";
+
    estimateGas(txInfo);
+    checkRecipientHistory(txInfo);
 }

 async function estimateGas(txInfo) {
@@ -274,39 +290,40 @@ async function estimateGas(txInfo) {
    }
 }

-function showPasswordModal() {
-    $("modal-password").value = "";
-    hideError("modal-password-error");
-    $("password-modal").classList.remove("hidden");
-}
-
-function hidePasswordModal() {
-    $("password-modal").classList.add("hidden");
+async function checkRecipientHistory(txInfo) {
+    const el = $("confirm-recipient-warning");
+    try {
+        const provider = getProvider(state.rpcUrl);
+        // Skip warning for contract addresses — they may legitimately
+        // have zero outgoing transactions (getTransactionCount returns
+        // the nonce, i.e. sent-tx count only).
+        const code = await provider.getCode(txInfo.to);
+        if (code && code !== "0x") {
+            return;
+        }
+        const txCount = await provider.getTransactionCount(txInfo.to);
+        if (txCount === 0) {
+            el.style.visibility = "visible";
+        }
+    } catch (e) {
+        log.errorf("recipient history check failed:", e.message);
+    }
 }

 function init(ctx) {
-    $("btn-confirm-send").addEventListener("click", () => {
-        showPasswordModal();
-    });
-
-    $("btn-confirm-back").addEventListener("click", () => {
-        showView("send");
-    });
-
-    $("btn-modal-cancel").addEventListener("click", () => {
-        hidePasswordModal();
-    });
-
-    $("btn-modal-confirm").addEventListener("click", async () => {
-        const password = $("modal-password").value;
+    $("btn-confirm-send").addEventListener("click", async () => {
+        const password = $("confirm-tx-password").value;
        if (!password) {
-            showError("modal-password-error", "Please enter your password.");
+            showError(
+                "confirm-tx-password-error",
+                "Please enter your password.",
+            );
            return;
        }

        const wallet = state.wallets[state.selectedWallet];
        let decryptedSecret;
-        hideError("modal-password-error");
+        hideError("confirm-tx-password-error");

        try {
            decryptedSecret = await decryptWithPassword(
@@ -314,11 +331,12 @@ function init(ctx) {
                password,
            );
        } catch (e) {
-            showError("modal-password-error", "Wrong password.");
+            showError("confirm-tx-password-error", "Wrong password.");
            return;
        }

-        hidePasswordModal();
+        $("btn-confirm-send").disabled = true;
+        $("btn-confirm-send").classList.add("text-muted");

        let tx;
        try {
@@ -355,8 +373,15 @@ function init(ctx) {
            decryptedSecret = null;
            const hash = tx ? tx.hash : null;
            txStatus.showError(pendingTx, hash, e.shortMessage || e.message);
+        } finally {
+            $("btn-confirm-send").disabled = false;
+            $("btn-confirm-send").classList.remove("text-muted");
        }
    });
+
+    $("btn-confirm-back").addEventListener("click", () => {
+        showView("send");
+    });
 }

-module.exports = { init, show };
+module.exports = { init, show, restore };
--- a/src/popup/views/deleteWallet.js
+++ b/src/popup/views/deleteWallet.js
@@ -40,6 +40,10 @@ function init(_ctx) {
            return;
        }

+        const btn = $("btn-delete-wallet-confirm");
+        btn.disabled = true;
+        btn.classList.add("text-muted");
+
        const walletIdx = deleteWalletIndex;
        const wallet = state.wallets[walletIdx];

@@ -49,6 +53,8 @@ function init(_ctx) {
        } catch (_e) {
            $("delete-wallet-flash").textContent = "Wrong password.";
            $("delete-wallet-flash").classList.remove("hidden");
+            btn.disabled = false;
+            btn.classList.remove("text-muted");
            return;
        }

--- a/src/popup/views/transactionDetail.js
+++ b/src/popup/views/transactionDetail.js
@@ -158,8 +158,9 @@ function render() {
        loadCalldata(tx.hash, tx.to);
    }

-    $("tx-detail-time").textContent =
-        isoDate(tx.timestamp) + " (" + timeAgo(tx.timestamp) + ")";
+    const isoStr = isoDate(tx.timestamp);
+    $("tx-detail-time").innerHTML =
+        copyableHtml(isoStr) + " (" + escapeHtml(timeAgo(tx.timestamp)) + ")";
    $("tx-detail-status").textContent = tx.isError ? "Failed" : "Success";
    showView("transaction");

--- a/src/popup/views/txStatus.js
+++ b/src/popup/views/txStatus.js
@@ -43,10 +43,11 @@ function toAddressHtml(address) {
    if (title) {
        return (
            `<div class="flex items-center font-bold">${dot}${escapeHtml(title)}</div>` +
-            `<div class="break-all">${escapeHtml(address)}${extLink}</div>`
+            `<div class="break-all underline decoration-dashed cursor-pointer" data-copy="${escapeHtml(address)}">${escapeHtml(address)}</div>` +
+            extLink
        );
    }
-    return `<div class="flex items-center">${dot}<span class="break-all">${escapeHtml(address)}</span>${extLink}</div>`;
+    return `<div class="flex items-center">${dot}<span class="break-all underline decoration-dashed cursor-pointer" data-copy="${escapeHtml(address)}">${escapeHtml(address)}</span>${extLink}</div>`;
 }

 function txHashHtml(hash) {
@@ -58,6 +59,16 @@ function txHashHtml(hash) {
    );
 }

+function blockNumberHtml(blockNumber) {
+    const num = String(blockNumber);
+    const link = `https://etherscan.io/block/${num}`;
+    const extLink = `<a href="${link}" target="_blank" rel="noopener" class="inline-flex items-center">${EXT_ICON}</a>`;
+    return (
+        `<span class="underline decoration-dashed cursor-pointer" data-copy="${escapeHtml(num)}">${escapeHtml(num)}</span>` +
+        extLink
+    );
+}
+
 function attachCopyHandlers(viewId) {
    document
        .getElementById(viewId)
@@ -139,7 +150,7 @@ function etherscanTokenLink(address) {

 function decodedDetailsHtml(decoded) {
    if (!decoded || !decoded.details) return "";
-    let html = "";
+    let html = `<div class="border border-border border-dashed p-2 mb-3">`;
    if (decoded.name) {
        html += `<div class="mb-2"><div class="text-xs text-muted mb-1">Action</div>`;
        html += `<div class="font-bold">${escapeHtml(decoded.name)}</div></div>`;
@@ -164,20 +175,36 @@ function decodedDetailsHtml(decoded) {
        }
        html += `</div>`;
    }
+    html += `</div>`;
    return html;
 }

 function renderSuccess() {
    const d = state.viewData;
    if (!d || !d.hash) return;
-    $("success-tx-summary").textContent = d.amount + " " + d.symbol;
-    $("success-tx-to").innerHTML = toAddressHtml(d.to);
-    $("success-tx-block").textContent = String(d.blockNumber);
+
+    const hasDecoded = d.decoded && d.decoded.details;
+
+    // When decoded details are present, the Amount and To are already
+    // shown inside the decoded well — hide the top-level duplicates.
+    const summarySection = $("success-tx-summary").parentElement;
+    const toSection = $("success-tx-to").parentElement;
+    if (hasDecoded) {
+        summarySection.classList.add("hidden");
+        toSection.classList.add("hidden");
+    } else {
+        summarySection.classList.remove("hidden");
+        toSection.classList.remove("hidden");
+        $("success-tx-summary").textContent = d.amount + " " + d.symbol;
+        $("success-tx-to").innerHTML = toAddressHtml(d.to);
+    }
+
+    $("success-tx-block").innerHTML = blockNumberHtml(d.blockNumber);
    $("success-tx-hash").innerHTML = txHashHtml(d.hash);

    // Show decoded calldata details if present
    const decodedEl = $("success-tx-decoded");
-    if (decodedEl && d.decoded) {
+    if (decodedEl && hasDecoded) {
        decodedEl.innerHTML = decodedDetailsHtml(d.decoded);
        decodedEl.classList.remove("hidden");
    } else if (decodedEl) {
--- a/src/shared/uniswap.js
+++ b/src/shared/uniswap.js
@@ -445,12 +445,18 @@ function decode(data, toAddress) {
            const maxUint160 = BigInt(
                "0xffffffffffffffffffffffffffffffffffffffff",
            );
-            const amountStr =
-                inputAmount >= maxUint160
-                    ? "Unlimited"
-                    : formatAmount(inputAmount, inInfo.decimals) +
-                      (inSymbol ? " " + inSymbol : "");
-            details.push({ label: "Amount", value: amountStr });
+            const isUnlimited = inputAmount >= maxUint160;
+            const amountRaw = isUnlimited
+                ? "Unlimited"
+                : formatAmount(inputAmount, inInfo.decimals);
+            const amountStr = isUnlimited
+                ? "Unlimited"
+                : amountRaw + (inSymbol ? " " + inSymbol : "");
+            details.push({
+                label: "Amount",
+                value: amountStr,
+                rawValue: amountRaw,
+            });
        }

        if (outSymbol) {
Author	SHA1	Message	Date
user	cd412209a7	fix: cross-wallet duplicate address detection on import All checks were successful check / check (push) Successful in 22s Details Previously each import method (mnemonic, private key, xprv) only checked for duplicates among wallets of the same type. Now all three check the derived address against ALL existing wallet addresses regardless of type, and mnemonic/xprv imports also compare xpubs against existing HD/xprv wallets. Closes #111	2026-02-28 16:01:40 -08:00
Jeffrey Paul	09c52b2519	Merge pull request 'feat: show red warning when sending to address with zero tx history' (#98 ) from issue-82-zero-tx-warning into main All checks were successful check / check (push) Successful in 8s Details Reviewed-on: #98	2026-03-01 00:54:15 +01:00
Jeffrey Paul	1fb9fade51	Merge branch 'main' into issue-82-zero-tx-warning All checks were successful check / check (push) Successful in 22s Details	2026-03-01 00:53:45 +01:00
Jeffrey Paul	bc04482fb5	Merge pull request 'feat: add xprv wallet import support' (#53 ) from feature/import-xprv into main All checks were successful check / check (push) Successful in 8s Details Reviewed-on: #53	2026-03-01 00:53:08 +01:00
user	045328f3b9	fix: use visibility:hidden/visible instead of CSS transitions for zero-tx warning All checks were successful check / check (push) Successful in 22s Details Remove all CSS transitions, max-height changes, and opacity animations. The warning container always reserves its space with visibility:hidden and switches to visibility:visible when needed. No layout shift ever.	2026-02-28 15:46:58 -08:00
user	576fe3ab15	fix: replace visibility:hidden with smooth collapse for zero-tx warning All checks were successful check / check (push) Successful in 10s Details Instead of permanently reserving space with visibility:hidden, the warning container now uses max-height + opacity transitions. Space is reserved during the async check, then smoothly collapses to 0 if the warning isn't needed. This reclaims ~40px of popup viewport in the common case.	2026-02-28 15:37:27 -08:00
user	35bb6b9806	fix: add hover classes to all inactive tabs in switchMode() All checks were successful check / check (push) Successful in 22s Details The 'From Phrase' tab was missing hover:bg-fg and hover:text-bg classes when transitioning from active to inactive state. switchMode() now explicitly toggles these hover classes on all tabs, ensuring identical hover behavior across all three inactive tabs.	2026-02-28 15:33:26 -08:00
user	e56e15e34c	style: tabby tab styling with dashed inactive borders and hover invert - Active tab: solid border on top/sides, bottom border matches background (connects to content area), bold text - Inactive tabs: dashed borders in border-light color, muted text, transparent bottom border - Inactive hover: invert (bg-fg text-bg) for clear clickability signal - All three tabs behave identically on hover	2026-02-28 15:33:26 -08:00
user	cc69ce39ed	fix tabs: use underline tab style with hover on all tabs Tabs are not buttons (they change UI state, not application state). All tabs now use underline style with identical hover behavior: - Active: bold text + solid bottom border - Inactive: muted text + transparent bottom border - Hover (all tabs): text brightens to fg + bottom border appears This ensures all tabs clearly indicate clickability on hover, including the currently active one.	2026-02-28 15:33:26 -08:00
user	9476724284	fix tab affordance: use standard button style with border + hover invert Per README clickable affordance policy: all tabs now use visible border, padding, and hover:bg-fg hover:text-bg (invert to white-on-black). Active tab is inverted (bg-fg text-bg). All three tabs behave identically on hover regardless of active state.	2026-02-28 15:33:26 -08:00
user	9246959777	fix: tab labels add (xprv) suffix, restyle tabs as underline view switcher - Rename 'From Extended Key' to 'From Extended Key (xprv)' - Replace box-border tab style with underline indicator pattern - Active tab: bold text + solid bottom border - Inactive tabs: muted text + transparent bottom border with hover state - Tabs now clearly read as mutually-exclusive view switchers, not buttons	2026-02-28 15:33:26 -08:00
user	0f6daf3200	restyle tabs as classic tab bar with connected active tab	2026-02-28 15:33:26 -08:00
user	435669b6b6	fix: use full tab labels and add hover border for tab affordance - 'From Phrase' → 'From Recovery Phrase' - 'From Key' → 'From Private Key' - 'From xprv' → 'From Extended Key' - Add hover:border-fg to inactive tabs for visible hover affordance	2026-02-28 15:33:26 -08:00
user	f75a258125	restyle add-wallet tabs: 'From' prefix, underline tab style - Tab labels: 'From Phrase', 'From Key', 'From xprv' - Visual: bottom-border underline on active tab (not filled buttons) - Inactive tabs: muted text with hover highlight - Container: bottom border connects tabs to content area	2026-02-28 15:33:26 -08:00
user	4d120e5ea9	refactor: unify add-wallet, import-key, and import-xprv into single view Merge all three wallet import methods (recovery phrase, private key, extended key/xprv) into one tabbed add-wallet view with a mode selector. This fixes the blank import-xprv render (it was missing from the VIEWS array) and the broken back-button navigation from the separate import views. - Add tab selector: Recovery Phrase \| Private Key \| Extended Key (xprv) - Share password fields across all modes - Remove separate import-key and import-xprv views and modules - Add duplicate wallet detection for private key imports - All tabs follow affordance policy (visible border + hover state) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-28 15:33:26 -08:00
user	57959b70c3	fix: derive xprv addresses from correct BIP44 path (m/44'/60'/0'/0) hdWalletFromXprv() and getSignerForAddress() for xprv type were deriving addresses directly from the root key (m/N) instead of the standard BIP44 Ethereum path (m/44'/60'/0'/0/N). This caused imported xprv wallets to generate completely wrong addresses. Navigate to the BIP44 Ethereum derivation path before deriving child addresses, matching the behavior of mnemonic-based wallet imports.	2026-02-28 15:33:26 -08:00
user	7a7f9c5135	feat: add xprv wallet import support Add the ability to import an existing HD wallet using an extended private key (xprv) instead of a mnemonic phrase. - New 'xprv' wallet type with full HD derivation and address scanning - New importXprv view with password encryption - Updated getSignerForAddress to handle xprv wallet type - Added xprv link to the add-wallet view - Allow adding derived addresses for xprv wallets Closes #20	2026-02-28 15:33:26 -08:00
user	8c071ae508	fix: never collapse warning container — always reserve space to prevent layout shift All checks were successful check / check (push) Successful in 10s Details Replace display:none with persistent visibility:hidden so the warning area occupies the same vertical space regardless of API result. This eliminates the layout shift that occurred when the container was collapsed after the recipient history check returned.	2026-02-28 15:26:49 -08:00
user	a3c2b8227a	fix: zero-tx warning layout shift and contract address false positive - Reserve space for the warning upfront using visibility:hidden instead of display:none, preventing layout shift per README policy - Move warning HTML to index.html as a static element rather than injecting dynamically - Skip warning for contract addresses (check getCode first) since getTransactionCount only returns outgoing tx nonce - Collapse reserved space when warning is not needed (address has history, is a contract, or on RPC error)	2026-02-28 15:26:44 -08:00
user	f9f3e7b85a	feat: show red warning when sending to address with zero tx history On the confirm-tx view, asynchronously check the recipient address transaction count via getTransactionCount(). If zero, display a prominent red warning advising the user to double-check the address. Closes #82	2026-02-28 15:26:44 -08:00
Jeffrey Paul	812fc01a98	Merge pull request 'feat: add etherscan link and click-to-copy on block number in success-tx view' (#102 ) from issue-99-block-number-link into main All checks were successful check / check (push) Successful in 10s Details Reviewed-on: #102	2026-03-01 00:23:07 +01:00
user	811c125cb9	fix: remove click-to-copy from timestamps in list views All checks were successful check / check (push) Successful in 22s Details List view rows (home, addressDetail, addressToken) should only be clickable as a whole to navigate to the detail view. Click-to-copy on individual elements belongs only in the transaction detail view. Reverts timestamp click-to-copy changes in list views per review feedback. Keeps blockNumberHtml() and detail-view timestamp changes.	2026-02-28 15:21:13 -08:00
user	3005813f2c	feat: add click-to-copy on timestamps in all transaction list views All checks were successful check / check (push) Successful in 9s Details Adds click-to-copy (copies ISO date string) to timestamp displays in: - home view (relative time ago) - addressDetail view (relative time ago) - addressToken view (relative time ago) - transactionDetail view (full ISO date) All timestamps now show dashed underline to indicate copyability, matching the existing UX pattern for addresses, tx hashes, and block numbers.	2026-02-28 14:40:11 -08:00
user	5565e76796	feat: add etherscan link and click-to-copy on block number in success-tx view All checks were successful check / check (push) Successful in 22s Details Block numbers are blockchain entities like addresses and tx hashes. They now receive the same treatment: click-to-copy and an external link icon pointing to etherscan.io/block/{number}. Closes #99	2026-02-28 14:09:23 -08:00
Jeffrey Paul	dc8ec7d28f	Merge pull request 'fix: make success-tx addresses clickable, fix USDT ETH bug, nest decoded details (closes #80 )' (#94 ) from fix/issue-80-success-tx-display into main All checks were successful check / check (push) Successful in 10s Details Reviewed-on: #94	2026-02-28 22:57:37 +01:00
user	2fbed343db	fix: make success-tx addresses clickable, fix USDT ETH bug, nest decoded details (closes #80 ) All checks were successful check / check (push) Successful in 22s Details - Add underline + click-to-copy (data-copy) to addresses in toAddressHtml() so they match the style used everywhere else in the extension - Fix 'USDT ETH' display: add rawValue to Uniswap decoder Amount details and extract Token In info for proper symbol resolution in approval.js - Hide redundant top-level Amount/To when decoded details are present (they already show the same info inside the decoded section) - Wrap decoded calldata details in a bordered well for visual separation	2026-02-28 13:36:19 -08:00
Jeffrey Paul	699e080e3e	Merge pull request 'fix: replace confirm-tx password modal with inline field (closes #78 )' (#83 ) from fix/issue-78-inline-password into main All checks were successful check / check (push) Successful in 8s Details Reviewed-on: #83	2026-02-28 22:28:18 +01:00
user	8f2bf9618e	fix: replace confirm-tx password modal with inline field (closes #78 ) All checks were successful check / check (push) Successful in 22s Details Replace the modal overlay password dialog in the confirm-tx view with an inline password field, matching the pattern used by approve-tx and approve-sign views for consistency. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-28 22:27:49 +01:00
Jeffrey Paul	069981baa0	Merge pull request 'fix: disable export-privkey and delete-wallet buttons during async processing' (#89 ) from fix/issue-86-disable-buttons-during-async into main All checks were successful check / check (push) Successful in 22s Details Reviewed-on: #89	2026-02-28 22:27:27 +01:00
clawbot	886cd38a9b	fix: disable export-privkey and delete-wallet buttons during async processing All checks were successful check / check (push) Successful in 9s Details Closes #86	2026-02-28 22:27:09 +01:00
Jeffrey Paul	438d915f73	Merge pull request 'persist confirm-tx view across popup close/reopen (closes #77 )' (#79 ) from fix/issue-77-confirm-tx-persist into main All checks were successful check / check (push) Successful in 8s Details Reviewed-on: #79	2026-02-28 22:26:39 +01:00
user	78f961f416	persist confirm-tx view across popup close/reopen (closes #77 ) All checks were successful check / check (push) Successful in 23s Details Add confirm-tx to RESTORABLE_VIEWS and save pendingTx in state.viewData so the confirmation screen survives the popup lifecycle. On restore, re-render the full confirmation view including gas estimate.	2026-02-28 22:26:07 +01:00
Jeffrey Paul	6a214f1c58	Merge pull request 'fix: approve-tx/approve-sign error divs consistency with confirm-tx' (#92 ) from fix/84-approve-error-div-consistency into main All checks were successful check / check (push) Successful in 22s Details Reviewed-on: #92	2026-02-28 22:25:37 +01:00
Jeffrey Paul	ad2ce3d8ff	Merge branch 'main' into fix/84-approve-error-div-consistency All checks were successful check / check (push) Successful in 8s Details	2026-02-28 22:25:21 +01:00
Jeffrey Paul	b826279d8f	Merge pull request 'fix: clear password field and error in showTxApproval' (#91 ) from fix/issue-85-clear-approve-tx-password into main All checks were successful check / check (push) Successful in 9s Details Reviewed-on: #91	2026-02-28 22:24:55 +01:00
user	20ced62e1a	fix: approve-tx/approve-sign error divs consistency with confirm-tx All checks were successful check / check (push) Successful in 22s Details Add min-h-[1.25rem] and border styling to approve-tx-error and approve-sign-error divs to prevent layout shift, matching the pattern used by modal-password-error in confirm-tx view. Replace direct DOM classList manipulation with showError()/hideError() helpers from helpers.js for consistency. Closes #84	2026-02-28 13:13:23 -08:00
user	9b69a60cca	fix: clear password field and error in showTxApproval All checks were successful check / check (push) Successful in 22s Details Clears #approve-tx-password value and hides #approve-tx-error when the transaction approval view is shown, matching the pattern used in showSignApproval and confirmTx.show. Closes #85	2026-02-28 13:10:17 -08:00