Skip to content

Releases: AmbireTech/ambire-common

v2.101.3

Choose a tag to compare

@superKalo superKalo released this 22 Jun 09:36
cb615c3

Changelog:

  • Fixed: Some Safe EIP-712 messages were not relayed to safe global because 1) bigint serialization and 2) only the EIP-712 message were being passed instead of the whole content #2498

Full Changelog: v2.101.2...v2.101.3

v2.102.0

Choose a tag to compare

@superKalo superKalo released this 18 Jun 09:03
eec2c2f

Changelog:

  • Added: Safeguards for extreme gas fees and excessive swap losses #2419
    • Adds warning thresholds for gas fees above 20 GWEI on mainnet or $10 on other chains, and for swap losses above $10k.
    • Introduces severity levels (elevated / extreme) so the UI can present proportionate warnings before signing.
  • Added: Persistent default fee token preference across sessions #2454
    • Introduces SignAccountOpPreferenceController to load and persist the user's preferred fee token once, shared across SignAccountOp, Transfer, and SwapAndBridge flows.
    • Previously preference was reset on each new controller instance; now it survives navigation and app restarts.
  • Added: Suspicious dApp hosting platform detection #2457
    • Detects when a dApp is served from a shared hosting platform (Google Sites, Vercel, etc.) commonly exploited for phishing because the parent domain bypasses most phishing filters.
    • Introduces a new SUSPICIOUS_HOSTING status visible in signing screens, covering both direct hosting and iframe-embedded tab contexts.
  • Changed: Switch internal AI code review model to kimi nitro for improved reliability #2468
  • Changed: Configure AI general code review to run with Sonnet via --sonnet flag #2469
  • Changed: Replace error toast with a soft gas fee confirmation when fees auto-update during broadcast #2464
    • When a transaction is rejected due to an outdated fee estimate and the wallet silently re-estimates, the user now sees a soft confirmation prompt instead of a red error toast.
    • Adds gasFeeChangedConfirmationRequired flag and dismissGasFeeChangedConfirmation() method on SignAccountOpController.
  • Changed: Batch ENS reverse lookups using deployless multicall #2465
    • Reduces ENS reverse-lookup requests from up to 240 down to 5 per session, significantly speeding up address display when many contacts or tokens have associated ENS names.
  • Changed: Restrict AI review workflow to run only for repository members #2480
  • Changed: Default the Swap & Bridge receive network to the same chain as the auto-selected from token when opened from the Dashboard #2485
  • Changed: Defer relayer network refresh off the initial load path #2483
    • NetworksController now seeds from storage and resolves immediately, then refreshes from the relayer in the background — removing a potential 5s blocking fetch from the startup critical path.
    • Adds areNetworksFetchingFromRelayer flag so the UI can show a loading state for balances while the sync is in flight.
  • Changed: Update AGENTS.md guidelines and lint the project #2493
  • Fixed: SignMessage dApp verification banner state not propagating on update #2479

Full Changelog: v2.101.2...v2.102.0

v2.101.2

Choose a tag to compare

@superKalo superKalo released this 16 Jun 13:23
001f8db

Changelog:

  • Added: Display a warning when a delegate call is detected during execute as well #2489
  • Fixed: Safe delegation warning improvements (it should show the address we are delegating to) #2488

Full Changelog: v2.101.1...v2.101.2

v2.101.1

Choose a tag to compare

@superKalo superKalo released this 15 Jun 14:41
b285f07

Changelog:

  • Added: Margin, Perpetual and Prediction to AssetType #2477
  • Added: Detecting native value in approvals + add a warning for it #2470
  • Changed: Do NOT run the embedded-domain check for ERC-20 tokens #2473
  • Changed: Improve asset blacklisting to avoid false positives (lure words are matched as whole words and only inside multi-word text, so a single-token symbol/name (WIN, WETH, WIN-AIRDROP) stays visible while "claim your airdrop now" is hidden) #2476
  • Fixed: DeFi apps positions not sorted #2478
  • Fixed: Replace json stringify when checking message for signing, v1 accounts only #2471
  • Fixed: Retry asset discovery #2475
  • Fixed: Max transfer of only option with fee underpriced #2481
  • Fixed: Enhance asset blacklist checks by ensuring separate matching for symbol and name to prevent false positives (+ add tests) #2474
  • Fixed: Humanization typehints on getAddressVisualization, safe accounts #2486
  • Fixed: Default Swap & Bridge receive network on Dashboard open #2485

Full Changelog: v2.101.0...v2.101.1

v2.100.5

Choose a tag to compare

@superKalo superKalo released this 15 Jun 09:05
1ead097

Changelog:

  • Added: Detecting native value in approvals + add a warning for it #2470
  • Fixed: Replace json stringify when checking message for signing, v1 accounts only #2471
  • Fixed: Retry asset discovery #2475

Full Changelog: v2.100.4...v2.100.5

v2.101.0

Choose a tag to compare

@superKalo superKalo released this 10 Jun 13:13
8222e1c

Changelog:

  • Added: Per-dApp account scoping #2391
    • Lets each connected dApp have its own set of allowed accounts and a remembered selected account, with a toggle to disable scoping while keeping settings.
    • When a dApp requests a signature for an account other than the selected one, a switch-account request is inserted first and tied to the original request.
  • Added: Chain ID validation for EIP-712 signatures #2427
    • Verifies the domain chainId on 712 signing requests, matching MetaMask/Rabby behavior: missing or 0 chainId assumes the current chain, a mismatched chainId throws for the dApp to handle.
  • Added: Uniswap as a Swap & Bridge provider #2432
    • Adds Uniswap Trading API alongside LiFi, Socket, and Squid, supporting swaps, bridges, wraps, and unwraps.
    • Polls Across deposit status for Uniswap routes fulfilled through Across.
    • Handle Uniswap sponsorship using the output token fee and disable sponsorship for Uniswap bridges.
    • Ranks routes by received USD value after gas costs, fetches destination-token USD prices from Cena (including tokens outside the portfolio), and removes the symbol-based stablecoin $1 assumption.
    • Improve parallel provider quote collection so completed routes are not missed.
  • Added: Automatic discovery of DeFi positions after transactions #2440
    • Schedules a portfolio update one minute after a transaction so newly created DeFi positions are discovered without hitting the relayer's force-update rate limit.
  • Added: Hide spam tokens and NFTs that embed domains in their name #2458
    • Detects domain-like strings in token/collection names using the Public Suffix List and treats them as scam, catching spam that hides a lure in the name without an https/www prefix.
    • User-added custom assets stay exempt.
  • Added: Match the spam filter against token and NFT names, not only symbols #2456
    • Spam that keeps an innocent symbol but hides the lure in the name (common for NFTs) is now filtered, with custom assets preserved.
  • Changed: Exclude tokens without a known USD price from the Swap & Bridge "From" list #2460
  • Changed: Keep custom tokens without a USD price available in the Swap & Bridge "From" list #2461
  • Changed: Show marketing banners and surveys based on backend requirements for all accounts #2443
  • Changed: Support emoji in banners #2453
  • Changed: Add Uniswap router addresses to the humanizer #2442
  • Changed: Refactor AI PR reviews and fix security reviews #2448
  • Changed: Fix pr-agent.yml workflow #2450
  • Changed: Update AI PR review prompts and configuration #2451
  • Changed: Update the general review prompt to find open-ended domain bugs #2452
  • Changed: Set the PR agent log level to DEBUG #2466

Full Changelog: v2.100.4...v2.101.0

v2.100.4

Choose a tag to compare

@superKalo superKalo released this 10 Jun 08:15
90a19dc

Changelog:

  • Fixed: Lido humanization was showing eth units in wei #2463

Full Changelog: v2.100.3...v2.100.4

v2.100.3

Choose a tag to compare

@superKalo superKalo released this 09 Jun 13:40
ac5693c

Changelog:

  • Fixed: Make 7702 accept dapp batches even if they are not yet 7702 #2455

Full Changelog: v2.100.2...v2.100.3

v2.100.2

Choose a tag to compare

@superKalo superKalo released this 09 Jun 13:15
b16cd2d

Changelog:

  • Fixed: Safe setup humanization (also add one more case for Morpho humanization) #2459

Full Changelog: v2.100.1...v2.100.2

v2.100.1

Choose a tag to compare

@superKalo superKalo released this 04 Jun 13:46
b947df9

Changelog:

  • Fixed: DeFi positions mixing after a skipped discovery #2444
  • Fixed: defiAppsgetTotalalways returns 0 #2445
  • Fixed: Clear signing cases #2447
    • Add ERC-7730 humanization support for Safe reject transactions, including SafeTx typed messages and Safe execTransaction calls.
    • Improve Safe transaction decoding by falling back to ABI head parsing when normal decoding cannot decode nested/multisend calldata.
    • Detect Permit2 zero-amount approvals as revoke approvals and show Revoke approval wording.
    • Improve ERC-7730 value handling for uint-encoded addresses, bigint address formatting, byte slices, and hex enum values.
    • Normalize 1inch fillOrder humanization into clear swap rows: amount to send, minimum to receive, plus any non-token metadata rows.
    • Harden Safe module execTransaction decoding and delegate-call warning handling.

Full Changelog: v2.100.0...v2.100.1