Bug description

The From field, if you set a date and there is a tx in that date it will show it in the results, but the To field will ignore them

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: Rinkeby

Steps to reproduce

1. Go to this safe https://web-core.pages.dev/rin:0x9913B9180C20C6b0F21B6480c84422F6ebc4B808/transactions
2. Filter by Incomming From 1/8/2022 and To 24/8/2022. Tx on the 23rd and 19th should show up
3. Now filter by 23/8/2022. The tx on the 23rd is not shown
4. Try again with 19/8/2022. Now the tx on the 19th is not shown

Expected result

The To should also include results from that day, the same as the From field is doing.

Screenshots

• Update selectors @franco Venica
  • Dashboard
  • Address book
  • Load safe
  • Balances
  • Tx history

EDITED:
- [ ] Tx modal This one requires walletConnect
- [ ] Landing (Test the cookie banner)

What is the feature about

Right now the UI only allows connecting to a hardware wallet directly when interacting with the Ethereum Main Chain. It should allow this on all chains however.

The list of requirements

When changing to another chain, Trezor is still natively integrated.

Overview

Add read logic for Safe Apps

Requirements

• Receiving messages from the SDK
• Responding to READ messages from the SDK

Designs

Links

• 5afe/safe-react#4044

Bug description

NOTE: This issue was already present in safe-react. I'll report it again just for the record

Issue: When searching for outgoing > amount, the only results will search for the native network token (ETH for rinkeby, GNO fro gnosis...)

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: Ethereum mainnet

Steps to reproduce

1. Go to web-core.pages.dev/rin:0x9913B9180C20C6b0F21B6480c84422F6ebc4B808/transactions (rinkeby)
2. Search for Outgoing > Amount = 1

Expected result

The results are only tx in ETH

Obtained result

Results should also include the other tokens (in this safe in particular there are DAI and BAT tx with a 1)

Screenshots

Bug description

If a transaction is fully signed or only the current owner's signature is missing we do not need and should not overwrite the safe's threshold and pass the manual selected or estimated gas limit.

Reason: The number of signatures matters for the transactions gas limit. If the tx will only check 1 signature instead of n>1 signatures it can occur that a successfully simulated tx reverts when being executed.

Steps to reproduce

1. Create a new ERC20 transfer
2. Go to review step
3. change the gas limit to 21000 (minimum)
4. click simulate
5. Observe simulation success
6. try to execute with that gas limit
7. Observe error: Your transaction was unsuccessful. [ethjs-query] while formatting outputs from RPC '{"value":{"code":-32000,"message":"intrinsic gas too low"}}'

Expected result

The simulation should fail with "out of gas"

Obtained result

The simulation always uses 30 million gas as limit and always succeeds.

Overview

Update (19.12.22): There are reports of Ledger devices having low estimations. It seems as though gas prices are set too low and that transactions aren't making it into the mempool.

We need to investigate whether:

• estimations are correct
• hardware wallets can estimate themselves
• we disable them for hardware wallets

It seems that is not possible to set the Gas Price value if you are using directly a Ledger device. (see this ticket for more details)

As an Improvement we can detect that the current owner is a Trezor or a Ledger device and disable the edit option or the Max fee per gas input.

Designs

Links

Issue: 5afe/safe-react#3222

Overview

Large amounts on the review modal can be confusing. As such, we should add thousand separators.

Requirements

Format token amount in review modal header.

Screenshot

Bug description

This list was taken from the Analytics > events folder in the web core repo and are the tracks that have issues (missing or dubious).
Anything in the code that had a comment of "not implemented" in any way was skipped

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: rinkeby
• Env: https://web-core.pages.dev/

Steps to reproduce

1. Make sure to have the Analytics checkbox marked in preferences

Obtained result

Address book:
Import (button above the table)
Import (The submit button once you loaded)
These 2 buttons have the same track event, except from the button on top of the table has a undefined eventLabel and the other actually has it defined.

• Assets:
  Differing Tokens: I couldn't find this trigger, is it sent in another action? there is no comment in the code

• Create safe form:
  The "Continue" and "Back" button trigger the same event as the modals like "Send funds" with the "Category: 'modals'". Is this correct? This is also for the Load safe form

The Create safe, once is done, trigger 3 events that look exaclty the same

"Get Started" and "go to safe" are events in the code, but they are not used because after the safe is created it goes straight to the safe, there is no more "get started" button

• Modals:

• Opening the "Adv parameters" display triggers an event, so I assume there should be one for Transaction Details". (fixed in #474)

• Overview:
  Home (the top left icon) triggers the "Welcome home" event, but that logo no longer takes to the welcome page at all.

• Settings:
  In the code there is "Owner" and "Treshold" events that don't have a trigger because there is no longer "owners" and "treshold" in the submenu button in settings.

Description

When Ledger wallet connection fails for the first time, error message will be present when trying to reconnect the wallet for a second time

Environment

• Browser: Any
• Wallet: Ledger
• Safe: 0xfBa7Dd7914673e119708AC79a791feA309DEF7E0 (any will do)
• Environment: production (rinkeby)

Steps to reproduce

1. Connect a ledger wallet
2. Set an invalid path to force connection failure (see attached screenshot for reference)
3. Close or dismiss the pop up
4. Re-initiate ledger wallet connection

Expected result

Reference to previous wallet connection failure should not be there.

Obtained result

Pop up is opened in the same point the user closed it the previous time which can be confusing.

Screenshots

Bug description

This is a validation that was already done in safe-react. The "From" value should always be lower than the "To" value

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: Ethereum mainnet

Steps to reproduce

1. Go to any safe, transaction history
2. Input in "From" any date
3. Input in the "To" a date lower than From

Expected result

The inputs "To" and "From" should highlight that the dates are wrong (from should be lower than to). The Apply button should be grayed out until those dates are fixed

Obtained result

You can filter normally

Screenshots

I hope you understand that publishing hashes on Github offers very weak assurances of the authenticity of the software. please create a release signing PGP key controlled by your main developers and sign the files you release.

What is the tech debt about

Removing duplicated code in the AppCard

The list of requirements

Extract pin, delete, and share buttons with a logo to separate components (they can be defined in the same file)

Description

If you have a transaction with the refundReceiver argument, it will not be passed to the tenderly simulation and instead use zero address refundReceiver, which results in a different tx hash generated in the simulation and, therefore GS026 error

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: Rinkeby

Steps to reproduce

1. Create a transaction with refundReceiver with core SDK
2. Send it to the interface
3. Try to simulate it

Expected result

Transaction executes

Obtained result

GS026

More details in slack

Overview

We'd like to change the logo that is received when connecting the web app because it is not visible in dark mode.

Requirements

Please use the logo from here: safe-global/safe-ios#2606 (comment)

Links

safe-global/safe-ios#2606

Known issues:

• Batched transaction currently only work on the first queue page
• Transactions with the same nonce are not grouped across tx pages

This is due to how we load and render tx pages as separate components. We would have to accumulate paginated txns in a flat list instead. Since the described issues are an edge case, we prefer the current solution for simplicity.

The same issue for the wallets connected via WC:
Steps:

1. open Metamask on the mobile device
2. connect Metamask to the safe via WC
3. try to sign tx
   Current result: The error appears, and signing is not possible

Bug description

If a newly created transaction is being simulated it currently fails with an GS020 error because no signatures are provided.
This is caused because we only add prevalidated Signatures if the transaction is not executable.

Example simulation:
https://dashboard.tenderly.co/public/safe/safe-apps/simulator/8de7a235-e340-4acb-a8be-eb3613ad16c1?trace=0.0.1.0.0

Environment

Does not matter

Steps to reproduce

1. Open a 1/n safe
2. create any new transaction
3. try to simulate it

Expected result

No error during simulation.

Obtained result

GS020 Error

Screenshots

See tenderly link in description for example

Overview

Migrate bookmark and Safe Apps search to the new codebase.

Requirements

• Search in the Safe Apps list
• Pin Safe App as favourite
• Adapt to new Safe Apps list design, provided in desings section

Designs

https://www.figma.com/file/qfg41YAO8mLqphHl2Pbp4C/Apps-Main?node-id=1223%3A2694

Links

• 5afe/safe-react#4044

Bug description

I filter by "incomming" and only set the "From" field. Is expected that every tx shown is from that date forward.
Is bringing dates from before that date

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: Rinkeby
• Env: https://web-core.pages.dev/rin:0x9913B9180C20C6b0F21B6480c84422F6ebc4B808/transactions/history

Steps to reproduce

1. Go to this safe https://web-core.pages.dev/rin:0x9913B9180C20C6b0F21B6480c84422F6ebc4B808/transactions/history
2. Filter in the history tab by "incomming" and in the From input set the Aug 30 2022

Expected result

Show only tx of receive tokens from Aug 30 2022 forward

Obtained result

I see results from 2021

Screenshots

What is the feature about

Currently Safe Apps can't create a transaction in the new codebase. Add implementation to enable sign/execute transaction

The list of requirements

Designs/sketches

Links

5afe/safe-react#4044

What is the feature about

Safe Mobile wallet pairing improvements.

The list of requirements

Now we have a separate WC connector and module, we should only interface with the connector events until the wallet is connected, e.g.

• 'connect' connects wallet to module
• 'disconnect' creates a new session
• 'display_uri' updates URI

The current workaround relies on a manual refresh of the WC session. The following needs to be either removed or updated:

• PairingDetails should not attach a listener to the connector. We should remove the manual refresh workaround from the QR code.
• If the hasInitialized flag is required, we should set it to true after connectWallet is called instead of a subscription.

Description

Seems like ENS name resolution only works on miannet. I tried to use an ENS name in Polygon and GBC safes and it didn't resolve the address, but it worked fine on a safe in mainnet.

Overview

Add the frame view for Safe Apps in the new codebase

Requirements

• App frame to load the Safe App

Designs

Links

• 5afe/safe-react#4044

Overview

In the product sync we have decided to add Tally Ho as a wallet option. In terms of further maintenance & support we limit our focus on the most used wallet options.

Requirements

• Install onboard module

What is the feature about

Migrate the transaction list review feature for Safe Apps

The list of requirements

• Show transaction list
• Allow to use the transaction list without leaving the Safe App

Designs/sketches

Links

Old epic ticket 5afe/safe-react#3940
Current epic 5afe/safe-react#4044

Bug description

When switching to a network it should take the user to the last visited safe of that network

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: Any
• Env: https://web-core.pages.dev/

Steps to reproduce

1. Load a safe in any network (rinkeby for example)
2. Go to any other network, you are taken to the welcome page
3. Switch back to rinkeby

Expected result

It takes you to the "last seen" safe

Obtained result

It keeps you in the welcome page

Screenshots

Bug description

Setting a date in the From or To input will show as 1 day earlier after filtering.

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: Rinkeby

Steps to reproduce

1. Go to any safe, history tab
2. Set the From or To field (or both) to any date, like 20/8/2022 and filter
3. Open the filter again and see the dates saved

Expected result

The dates are the ones that you filtered before

Obtained result

Both dates are 1 day earlier, in this case it would be 19/8/2022
Note that the filter works fine (it will search taking in account the date used for filter, 20/8/2022 in this case). the issue is just the date it shows after filtering

Screenshots

Bug description

There is a trashcan Icon in several places in the app, but in the modules section the trash Icon is too small

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: Any
• Env: https://web-core.pages.dev/

Steps to reproduce

1. Go to a safe with a module enabled (if you don't have any create a spending limit for an owner)
2. Visit the Settings module with an owner of the safe
3. See the trash can icon in the enabled modules table

Expected result

The trash can icon should be as big as the ones in other sections, like Address book

Obtained result

The icon is too small

Screenshots

Compare:

Description

WalletConnect connections ("Connect to Web" on Mobile) are not removed after more than 24h of inactivity

Environment

• Browser: Chrome
• Wallet: Gnosis Safe Mobile
• Chain: Rinkeby

Steps to reproduce

1. On the iOS mobile app: Settings -> Connect to Web -> Scan Code
2. Scan "Connect to Mobile" on the web app
3. Wait 24 hours (or adjust the expiry date on mobile) and make sure the mobile app is not able to tell the web app to drop the connection (use flight mode)
4. Make sure connection is not available on mobile anymore
5. Open web app

Expected result

Expected behavior: The connection should not be available anymore on web. At least it should be terminated, when it cannot be used

Obtained result

Observed behavior: The webapp tells me to sign the tx, but the mobile phone never gets the message (because the connection has been dropped on mobile.

This can happen weeks after the connection was established. When at least after 24h it should be expired.

Screenshots

Bug description

For the dark mode the pink is too bright, and the text should be black.

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: Any

Steps to reproduce

1. Go to any safe with at least 2 owners
2. Try to remove one and reach the review step

Expected result

I'd let the designer to decide, but Id tone down the pink and make the text black

Obtained result

For comparison this is how it looks in the regular mode:

Bug description

Clicking the "Copy Address with chain prefix" checkbox doesn't disables it.

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: Any

Steps to reproduce

1. Go to settings Appearance
2. Click the "Copy address with..." checkbox

Expected result

Enables/disables by clicking it

Obtained result

Cannot be disabled

Screenshots

What is the feature about

Add the security recommendations steps to the new codebase

The list of requirements

• Add all the security steps and checks

Designs/sketches

Links

Old epic ticket 5afe/safe-react#3945
Current epic 5afe/safe-react#4044

Bug description

This only happens with newly created safes.
When you try to create a rejection of a tx, the review step cannot get the nonce for if, gets stuck there
There are no errors in the console or in the network tab

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: Any

Steps to reproduce

1. Create a new safe
2. Create a tx to add a new owner, do not execute it (it can be any tx, but with this you don't need to send funds to the new safe)
3. Go to the queue and try to reject the tx

Expected result

The review step shows the data and you submit the tx

Obtained result

The review step shows "Signing the tx with the nonce ". That blank is supposed to be the same nonce as the tx is trying to reject, but it cannot fetch it

Screenshots

Overview

When signing, the safeTxHash is not displayed and it is therefore not possible to verify the validity of it. Currently, you would either have to calculate it yourself or call getTransactionHash directly from the contract. Therefore, it would be beneficial to display it in the UI when requesting a signature.

Notes

• Although it would be nice to display this in the transaction list and used from there as reference, immediately executed transactions do not appear there.
• This is helpful for hardware wallets/wallets which do not support the signing of typed data.

Requirements

• Emit safeTxHash from TxSender alongisde a signature request.
• Display it in the UI (likely in the "Please sign the transaction" notification.
• Show the hash in bold if possible

Designs

Preliminary mock, awaiting final design from @liliiaorlenko

Links

• Post initial implementation discussion thread

What is the feature about

Add the share Safe App button and landing page

The list of requirements

• Add share Safe App button
• Add landing page with same elements as the old codebase

Designs/sketches

Figma designs

Links

Epic from old codebase safe-global/safe-react-apps#414
Current epic 5afe/safe-react#4044

Bug description

If you connect, reload the page, disconnect and try to reconect, the QR code shown tries to connect you in the ETH mainnet QR code

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: rinkeby

Steps to reproduce

1. Go to the page in rinkeby
2. Connect with the QR code
3. Refresh the page
4. Disconnect
5. Try to connect again

Expected result

It connects to rinkeby

Obtained result

The mobile pairing fails in the phone.
If you quit the application while is trying to pair and enter again you will see that the phone registers that is trying to connect to the app in ETH mainnet

Screenshots

The QR code for rinkeby, shown as soon as you change to that network:

Once you reload, disconnect and try to connect again, this is the QR code shown:

Bug description

Just clicking the button crashes the page.
Tried with new safes and old safes, with 1/x and 2/x policies, so it seems is any safe

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: rinkeby

Steps to reproduce

1. Go to a safe you own
2. Create 2 tx that can be executed
3. Have them fully sign
4. Click the "Batch transaction" button

Expected result

A modal pops up with the tx listed

Obtained result

The page crashes imediately. It shows an error of "Invalid safe version"

Screenshots

Reject popup: Stepper was proposed after user tests to explain where the user is in the process and when to pay gas.

Links

• Figma mockup

Bug description

Tried to create safes, create new tx and execute batch tx that were already there for execution, in all cases it was impossible to sign tx
I group all these in the same ticket because I think they have the same origin.

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: Rinkeby

For safe creation
Whenever you try to sign the safe creation it fails right away. Nothing pops in your phone app.

For tx creation:
In a safe 2/x try to create a tx of any kind.
The result is that the nonce is never shown in the review step and you cannot submit the tx

For batch tx:
Have already 2 tx ready to be executed and execute in batch. This tx can be submitted.
The result is that nothing pops in your phone and the txs get stuck in a "submitting" status

Overview

Enhance the adaptability of the Safe interface to just wrap some of its elements to enable more screen space for the Safe App. This will make the Safe App to look as it's not used inside of a Safe until transaction time

Roadmap Epic:
https://www.notion.so/gnosis-safe/Safe-Apps-can-only-be-seen-inside-a-limited-frame-50cf3eb424a44599917d8f6ae827d988

We were proposing two solutions. The most voted one was to only remove the sidebar and keep the topbar with some minimum elements to make the user aware that they are still in the Safe and to allow manage the signers if needed.

Requirements

• Make the sidebar collapsable when entering a Safe App
• Decide the best UX to allow users to navigate back to the Safe
• Pop-up transaction modal still with Safe App open
• Show transaction queue with Safe App open if something is pending to be signed
• Mobile view behavior should be consistent

Designs

We need to get feedback from Lila on which elements she thinks in terms of UX that are needed in the topbar and if we should incorporate some new or not.

Also would be good to align with Lila to know whether we should open the sidebar somehow or navigate to the main screen from the topbar.

Links

Overview

Improving the drop-off rate during safe creation by implementing the new design

Tasks

• Build a stepper component to manage the form screens #931
• Build a component for the info widget #927
• Build a component for the overview widget #928
• Build a component for the status screens #932
• Implement redesign for the status screens #994
• Implement redesign Network + Name step #961
• Implement redesign Owner step #962
• Implement redesign Review step #963
• Implement redesign Connect Wallet step #1003
• Layout #995
• Implement Overview/Info Widget display logic #996
• Handle wallet connection #1080
• A/B testing: #968

How to test

• Open the new route /new-safe/create
• Click through the steps and compare to the Figma designs
• Check that the requirements of each subtask is met

Links

Problem statement: safe-global/safe-pm#82
Notion: https://www.notion.so/gnosis-safe/Safe-Creation-7ec069306e8c4101bffd7c17299eec53
Figma: https://www.figma.com/file/ptTs6lDBeUuLNySroJ5PiF/Web-Master-File?node-id=51%3A5661
Analytics: https://analytics.google.com/analytics/web/#/analysis/p308247657/edit/h41dtVeqQ0icP3o_O_Cx-g

Overview

We want to build a solution which has a strong security by default to protect inexperienced users.

Default token lists which contain well-known, verified token addresses.

• By default we will only display a list of curated default tokens.
• Transparent curation process
  • For curating these we will use official token lists where possible (e.g. Polygon, Optimism)
  • And selected sources for networks without official lists
• The UI offers a way to toggle between showing all tokens / only default tokens
• The selected list will have an effect on the total balance / displayed tokens in our UI. It will not have an effect on the transaction history.

Issues / Requirements

Web

• Toggle between default and all tokens #1549

Infra

• Sync default token lists: safe-global/safe-transaction-service#1281

Mobile

• Toggle between default and all tokens safe-global/safe-ios#2885

Designs

https://www.figma.com/file/ZKWJPH1MjJIyUDTHYD3kk8/Default-token-lists?node-id=2%3A26&t=bKTHJUzmMmfe6jLa-0

Links

Problem Statement

Bug description

When you choose “Spending limit transaction” and click “Max” it fills the Amount field with the max value the spending limit allows, not the max amount of the asset in the safe

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: Any
• Env: https://web-core.pages.dev/

Steps to reproduce

1. Go to a safe with assets
2. Create a spending limit for a owner, which is more than the amount of assets that safe has of that particular token
3. Login with the owner and use send funds
4. Chose the token, click the spending limit radiobutton and click "Max" in the amount field

Expected result

It shows in the amount the max of that assets in the safe

Obtained result

It copies the limit allowed by the spending limit

Screenshots

What is the feature about

Add Status so I can connect from my Status Browser to the Safe.
Weird thing I found: when i select Metamask when in Status Browser, Safe knows im in Status because it says so in the copy.
So we're halfway there in implementing :)

The list of requirements

Add an icon or automatically detect I'm already in the Status browser.

Designs/sketches

Add Status logo here

Links

https://status.im/img/logo.svg

Description

On-chain confirmations (aka approveHash) are not proposing. Although WC seems to work fine, this occured with an Argent wallet.

Environment

• Wallet: Argent
• Chain: Mainnet

Expected result

On-chain confirmation proposes.

Obtained result

On-chain confirmation did not propose.

Link

• Confirmation transaction

Bug description

This was working fine not long ago. When you hover the Execute Batch button the tx that will be executed should highlight in green, that is not happening anymore

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: any

Steps to reproduce

1. Go to a safe and have 2 tx ready to execute
2. Queue the rejection of one of those tx (do not execute the rejection, just have it ready for execution)
3. Hover the Execute batch button

Expected result

The Rejection and the other tx should be highlighted (since it hightligts the last tx created of a particular nonce)

Obtained result

No tx is being highlighted

Screenshots

What is the feature about

Removing reliance on a third-party to load GTM.

We are currently loading/interfacing with GTM via react-gtm-module but due to security concerns, we should load gtm.js and interface with it directly instead.

The list of requirements

• Remove react-gtm-module
• Load gtm.js and intialise GTM environment
• Integrate direct interfacing in trackEvent

Links

• Slack thread
• KyberSwap exploit
• react-gtm-module
• GTM installation guide
• Example implementation
• Use GTM with CSPs

Bug description

Just clicking on the Update button makes the page crash and says the 1.0.0 is not a valid version

Environment

• Browser: Chrome
• Wallet: MetaMask
• Chain: rinkeby

Steps to reproduce

1. Go to a safe 1.0.0
2. Click the upgrade button

Expected result

The popUp to review the tx shows up

Obtained result

Page crashes

Screenshots

Overview

The transaction builder has overtaken the contract interaction feature in UX and feature-depth with all its latest updates and since we do not want to maintain both in the future, it is time to sunset the contract interaction feature.

Requirements

• link button to the transaction builder Safe App instead of opening the contract interaction module

Designs

• design: replace <> symbol with transaction builder logo @liliiaorlenko wdyt?

Links