For those unaware, MetaMask has been preparing a privacy feature update for a while now. The privacy feature will basically protect users’ accounts from malicious decentralized applications. The way it will work is, users’ MetaMask accounts will not be exposed to DApps by default but rather, DApps will have to ask for permission from the user to get access to their accounts.
For more info about how this new privacy feature works, refer to this blog post. That being said, we have already adapted TokenGen to this new feature and in this article, we will show you how the login process has evolved as a result of that.
The New MetaMask Privacy Feature
Before we go over the new TokenGen login process, there’s a couple of things that we need to mention, regarding the new MetaMask privacy feature. First of all, the new feature will not be enabled by default. This is done to ensure that no DApps are broken with this update. The way you enable it is by opening the Settings menu and then enabling the Privacy Mode:
Once enabled, your MetaMask accounts’ public keys will not be exposed by default to DApps out there. If disabled, everything will work as it did before the update. Another thing to mention here is the Clear Privacy Data button.
Once you give permission to a decentralized application to have access to your accounts, it is remembered by MetaMask. If you, for whatever reason, later decide that you want to revoke all permissions, you can use the Clear Privacy Data button. It will clear your MetaMask approved DApps so they will have to once again ask for your permission to get access to your accounts.
The New TokenGen Login Process
First of all, if you have not enabled the Privacy Mode in MetaMask, the login process is pretty much identical to the one before the 3.6 update. But, if you have enabled it, here’s what it will look like.
Thus far, the TokenGen login process involved the simple action of clicking on a Login button and then signing a short message with your default MetaMask account. After TokenGen 3.6, the login process is still that simple, but now involves one more button, which is Connect:
Via this button, users will be prompted to give access to their accounts, thus allowing TokenGen to function properly. Just to clarify here, giving access to the accounts means that, only the public keys are exposed, just like before the privacy feature was introduced. Once users click on the Connect button, a MetaMask window will open where they can confirm the access request:
Once TokenGen connects to MetaMask, the login process basically becomes the old story:
You just click the Login button, sign the generated unique message, and you are able to use TokenGen after that. Now, there are a few things that we need to mention regarding the new MetaMask privacy feature.
Naturally, the MetaMask team are trying not to break applications out there by enforcing the Privacy Mode by default. Thus, not many things should change with this update. We just wanted to let the community know that TokenGen is already adapted to it and will work even if you decided to enable the Privacy feature. However, you should be careful because there might be some DApps out there that have not yet implemented support for this new MetaMask feature and might not work properly if you enable the Privacy Mode.