[Eco Bounty] ioPay Lack of Automatic RPC Node Switching
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.3.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary The application fails to automatically switch to a healthy RPC (Remote Procedure Call) node when the current default node is unresponsive or "red," leading to transaction failures and synchronization issues. Detailed Description Location: Settings -> Network -> Polygon (or any selected network). Observation: As shown in IMG_0305.png, the default RPC node (https://polygon-rpc.com) is marked with a red indicator, signifying it is offline or experiencing high latency. Despite a healthy node being available (https://polygon-bor.publicnode.com marked in green), the app remains connected to the faulty default node. Impact (UX): Users are forced to manually enter the network settings to identify and select a working node. If a user is unaware of this, they will experience "failed to fetch" errors, balance update delays, and unable-to-send transaction errors without a clear explanation. Steps to Reproduce: Launch ioPay v5.3.0 (1). Navigate to Settings > Network and select a network (e.g., Polygon). Observe a scenario where the primary/default node is "Red" (unhealthy). Attempt to view balances or initiate a transaction. Result: The app continues to attempt connection via the unhealthy node instead of automatically routing traffic through a "Green" (healthy) alternative. Expected Result: The application should implement an Automatic Failover mechanism. If the active RPC node returns an error or exceeds a specific latency threshold, the app should automatically switch to the next available healthy node in the list to ensure uninterrupted service.
cryptotestnet About 1 hour ago
[Eco Bounty] ioPay Lack of Automatic RPC Node Switching
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.3.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary The application fails to automatically switch to a healthy RPC (Remote Procedure Call) node when the current default node is unresponsive or "red," leading to transaction failures and synchronization issues. Detailed Description Location: Settings -> Network -> Polygon (or any selected network). Observation: As shown in IMG_0305.png, the default RPC node (https://polygon-rpc.com) is marked with a red indicator, signifying it is offline or experiencing high latency. Despite a healthy node being available (https://polygon-bor.publicnode.com marked in green), the app remains connected to the faulty default node. Impact (UX): Users are forced to manually enter the network settings to identify and select a working node. If a user is unaware of this, they will experience "failed to fetch" errors, balance update delays, and unable-to-send transaction errors without a clear explanation. Steps to Reproduce: Launch ioPay v5.3.0 (1). Navigate to Settings > Network and select a network (e.g., Polygon). Observe a scenario where the primary/default node is "Red" (unhealthy). Attempt to view balances or initiate a transaction. Result: The app continues to attempt connection via the unhealthy node instead of automatically routing traffic through a "Green" (healthy) alternative. Expected Result: The application should implement an Automatic Failover mechanism. If the active RPC node returns an error or exceeds a specific latency threshold, the app should automatically switch to the next available healthy node in the list to ensure uninterrupted service.
cryptotestnet About 1 hour ago
[Eco Bounty] ioPay Date Text Alignment Issue
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.3.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary There is a UI alignment error in the Notification details screen where the date text does not vertically align with its accompanying calendar icon. Detailed Description Location: Discover Tab -> News/Notification -> Article View. Observation: In the "Arkreen Network" notification view (as seen in IMG_0303.jpg), the calendar icon is positioned significantly higher than the actual date string ("Wednesday, January 1, 2025..."). Visual Inconsistency: The icon and text appear on separate horizontal planes rather than being centered on the same line, resulting in an unpolished and cluttered appearance. Steps to Reproduce: Launch ioPay v5.3.0 (1). Navigate to the Discover tab and select a news notification (e.g., the Arkreen Network update). View the article details. Observe: The calendar icon and the date/time text located under the main headline. Expected Result: The calendar icon and the date/time text should be perfectly center-aligned on the same horizontal axis for a professional and clean UI.
cryptotestnet About 1 hour ago
[Eco Bounty] ioPay Date Text Alignment Issue
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.3.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary There is a UI alignment error in the Notification details screen where the date text does not vertically align with its accompanying calendar icon. Detailed Description Location: Discover Tab -> News/Notification -> Article View. Observation: In the "Arkreen Network" notification view (as seen in IMG_0303.jpg), the calendar icon is positioned significantly higher than the actual date string ("Wednesday, January 1, 2025..."). Visual Inconsistency: The icon and text appear on separate horizontal planes rather than being centered on the same line, resulting in an unpolished and cluttered appearance. Steps to Reproduce: Launch ioPay v5.3.0 (1). Navigate to the Discover tab and select a news notification (e.g., the Arkreen Network update). View the article details. Observe: The calendar icon and the date/time text located under the main headline. Expected Result: The calendar icon and the date/time text should be perfectly center-aligned on the same horizontal axis for a professional and clean UI.
cryptotestnet About 1 hour ago
[Eco Bounty] ioPay Activities Sorting & Filtering
Wallet Address Reporter: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.3.1 (3973) Device: Redmi Note 10 Pro (Android 13) 1. Description The Activities interface lacks essential data management and filtering tools. While the screen provides a chronological list of transactions, it does not allow users to sort or filter the history to view specific types of data, such as exclusively successful transactions. 2. Steps to Reproduce Open the ioPay app. Navigate to the Activities screen. Observe the chronological list which mixes "Success" and "Failed" transactions. Attempt to find a sorting or filtering button to isolate successful transactions. 3. Actual Result Transactions are displayed in a single, unorganized list with no option to filter by status. Users must manually scroll through all entries, including failed attempts (e.g., the failed transactions on 2026/03/03 and 2026/02/25), to find successful transfers. 4. Expected Result The interface should provide clear sorting and filtering options. A user should be able to: Filter by Status (Success, Failed, Pending). Sort by Date (Newest to Oldest or vice-versa). Filter by Transaction Type (Send, Receive, Execution). Suggested Fixes Filter Bar: Implement a row of "Filter Chips" (e.g., All, Success, Failed) at the top of the Activities list for one-tap organization. Search Integration: Enhance the search function to recognize status keywords so users can type "Success" to instantly hide failed transactions. Visual Grouping: Use color-coded headers or collapsible sections to group transactions by their status.
cryptotestnet About 3 hours ago
[Eco Bounty] ioPay Activities Sorting & Filtering
Wallet Address Reporter: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.3.1 (3973) Device: Redmi Note 10 Pro (Android 13) 1. Description The Activities interface lacks essential data management and filtering tools. While the screen provides a chronological list of transactions, it does not allow users to sort or filter the history to view specific types of data, such as exclusively successful transactions. 2. Steps to Reproduce Open the ioPay app. Navigate to the Activities screen. Observe the chronological list which mixes "Success" and "Failed" transactions. Attempt to find a sorting or filtering button to isolate successful transactions. 3. Actual Result Transactions are displayed in a single, unorganized list with no option to filter by status. Users must manually scroll through all entries, including failed attempts (e.g., the failed transactions on 2026/03/03 and 2026/02/25), to find successful transfers. 4. Expected Result The interface should provide clear sorting and filtering options. A user should be able to: Filter by Status (Success, Failed, Pending). Sort by Date (Newest to Oldest or vice-versa). Filter by Transaction Type (Send, Receive, Execution). Suggested Fixes Filter Bar: Implement a row of "Filter Chips" (e.g., All, Success, Failed) at the top of the Activities list for one-tap organization. Search Integration: Enhance the search function to recognize status keywords so users can type "Success" to instantly hide failed transactions. Visual Grouping: Use color-coded headers or collapsible sections to group transactions by their status.
cryptotestnet About 3 hours ago
[Eco Bounty] ioPay Lack of Scam Detection for New Address Entry
Wallet Address Reporter: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Target Scam Address: 0xd9A1C3788D81257612E2581A6ea0aDa244853a91 App Version: ioPay v5.3.1 (3973) Device: Redmi Note 10 Pro (Android 13) 1. Description The "New Address" interface in the address book lacks an early detection or warning system to identify known scam or high-risk wallet addresses during the entry process. When a user inputs a known malicious address, the app does not provide a real-time alert or prevent the saving of the address, potentially leading to accidental future fund loss. 2. Steps to Reproduce Open the ioPay app. Navigate to the Address Book and select "Add New Address". Paste a known scam address (e.g., 0xd9A1C3788D81257612E2581A6ea0aDa244853a91) into the "New Address" field. Observe the lack of any warning indicator or risk assessment. 3. Actual Result The application allows the address to be entered and potentially saved without performing a security check against known blacklists or risk databases. 4. Expected Result The app should implement a proactive security layer that: Flags known scam addresses with a red warning banner or icon immediately upon entry. Displays a risk level (e.g., "High Risk" or "Reported Scam") based on community or security provider data. Requires additional confirmation from the user before allowing a high-risk address to be saved to the address book. Suggested Fixes API Integration: Integrate a real-time security API (such as GoPlus Security or similar) to verify addresses against global scam databases as they are typed. Visual Alert: Implement a clear visual warning (e.g., a "Scam Alert" badge) directly within the address input field when a match is found. Community Reporting: Add a "Report this address" button within the Address Book to allow users to contribute to the local and global safety database.
cryptotestnet About 3 hours ago
[Eco Bounty] ioPay Lack of Scam Detection for New Address Entry
Wallet Address Reporter: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Target Scam Address: 0xd9A1C3788D81257612E2581A6ea0aDa244853a91 App Version: ioPay v5.3.1 (3973) Device: Redmi Note 10 Pro (Android 13) 1. Description The "New Address" interface in the address book lacks an early detection or warning system to identify known scam or high-risk wallet addresses during the entry process. When a user inputs a known malicious address, the app does not provide a real-time alert or prevent the saving of the address, potentially leading to accidental future fund loss. 2. Steps to Reproduce Open the ioPay app. Navigate to the Address Book and select "Add New Address". Paste a known scam address (e.g., 0xd9A1C3788D81257612E2581A6ea0aDa244853a91) into the "New Address" field. Observe the lack of any warning indicator or risk assessment. 3. Actual Result The application allows the address to be entered and potentially saved without performing a security check against known blacklists or risk databases. 4. Expected Result The app should implement a proactive security layer that: Flags known scam addresses with a red warning banner or icon immediately upon entry. Displays a risk level (e.g., "High Risk" or "Reported Scam") based on community or security provider data. Requires additional confirmation from the user before allowing a high-risk address to be saved to the address book. Suggested Fixes API Integration: Integrate a real-time security API (such as GoPlus Security or similar) to verify addresses against global scam databases as they are typed. Visual Alert: Implement a clear visual warning (e.g., a "Scam Alert" badge) directly within the address input field when a match is found. Community Reporting: Add a "Report this address" button within the Address Book to allow users to contribute to the local and global safety database.
cryptotestnet About 3 hours ago
[Eco Bounty] ioPay Lack of Network Organization (Mainnet vs. Testnet)
Wallet Address Reporter: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.3.1 (3973) Device: Redmi Note 10 Pro (Android 13) 1. Description The "Switch Network" interface does not categorize or separate production networks (Mainnets) from development networks (Testnets/Devnets). As seen in the provided screenshot, Solana Devnet, Bitcoin Testnet, and Kovan (Ethereum testnet) are listed in the same primary list as production chains like Polygon, Arbitrum, and Base without any visual distinction or grouping. 2. Steps to Reproduce Open the ioPay app. Navigate to the Switch Network screen (Settings > Network). Scroll through the available networks. Observe the mixed list of live and testing environments. 3. Actual Result All networks are displayed in a single, unorganized list. This forces users to scroll through development environments they may not use and increases the risk of a user accidentally performing a transaction on the wrong network type. 4. Expected Result The interface should clearly organize networks into distinct categories, such as: Mainnet: (IoTeX, BNB Chain, Polygon, etc.) Testnet/Devnet: (Solana Devnet, Bitcoin Testnet, etc.) Custom: (User-added RPCs) Suggested Fixes Tabbed View: Implement a toggle or tabs at the top of the "Switch Network" screen to switch between Mainnet and Testnet views. Section Headers: Use bold headers within the list to visually separate the two groups. Visual Indicators: Add a small "Test" or "Dev" tag next to the names of non-production networks to provide immediate clarity. Default Hiding: Hide Testnets by default in the settings, allowing users to enable "Developer Mode" to see them.
cryptotestnet About 4 hours ago
[Eco Bounty] ioPay Lack of Network Organization (Mainnet vs. Testnet)
Wallet Address Reporter: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.3.1 (3973) Device: Redmi Note 10 Pro (Android 13) 1. Description The "Switch Network" interface does not categorize or separate production networks (Mainnets) from development networks (Testnets/Devnets). As seen in the provided screenshot, Solana Devnet, Bitcoin Testnet, and Kovan (Ethereum testnet) are listed in the same primary list as production chains like Polygon, Arbitrum, and Base without any visual distinction or grouping. 2. Steps to Reproduce Open the ioPay app. Navigate to the Switch Network screen (Settings > Network). Scroll through the available networks. Observe the mixed list of live and testing environments. 3. Actual Result All networks are displayed in a single, unorganized list. This forces users to scroll through development environments they may not use and increases the risk of a user accidentally performing a transaction on the wrong network type. 4. Expected Result The interface should clearly organize networks into distinct categories, such as: Mainnet: (IoTeX, BNB Chain, Polygon, etc.) Testnet/Devnet: (Solana Devnet, Bitcoin Testnet, etc.) Custom: (User-added RPCs) Suggested Fixes Tabbed View: Implement a toggle or tabs at the top of the "Switch Network" screen to switch between Mainnet and Testnet views. Section Headers: Use bold headers within the list to visually separate the two groups. Visual Indicators: Add a small "Test" or "Dev" tag next to the names of non-production networks to provide immediate clarity. Default Hiding: Hide Testnets by default in the settings, allowing users to enable "Developer Mode" to see them.
cryptotestnet About 4 hours ago
[Eco Bounty] ioPay : Discover Tab Missing Content (Hot DApps/Categories)
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.3.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary The Discover tab is currently empty of curated content, missing essential sections such as "Hot DApps," "DeFi," "Games," and other ecosystem categories that are usually present in the ioPay browser. Detailed Description Location: Discover Tab -> Browser Observation: As shown in IMG_0088.jpg, the Discover screen only displays the top banner ("ioPay 5.2 now live") and three basic shortcuts (Google, DuckDuckGo, History). The entire lower section of the screen, which should house the IoTeX ecosystem's DApp directory, is blank. Impact (UX): This significantly hinders discoverability. Users cannot easily access native IoTeX DApps like Mimo, Quicksilver, or Depin projects without manually typing in URLs. For new users, the "Discover" tab appears broken or unpopulated, giving the impression of a lack of ecosystem activity. Steps to Reproduce: Launch ioPay v5.3.0 (1). Tap on the Discover icon in the bottom navigation bar. Ensure the Browser sub-tab is selected at the top. Scroll down below the "History" icon. Result: The area is completely empty. No "Hot DApps" or curated categories are loaded. Expected Result: The Discover tab should dynamically load and display featured DApps, categorized sections (DeFi, NFT, Social, etc.), and trending projects within the IoTeX ecosystem below the search/shortcut bar.
cryptotestnet About 5 hours ago
[Eco Bounty] ioPay : Discover Tab Missing Content (Hot DApps/Categories)
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.3.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary The Discover tab is currently empty of curated content, missing essential sections such as "Hot DApps," "DeFi," "Games," and other ecosystem categories that are usually present in the ioPay browser. Detailed Description Location: Discover Tab -> Browser Observation: As shown in IMG_0088.jpg, the Discover screen only displays the top banner ("ioPay 5.2 now live") and three basic shortcuts (Google, DuckDuckGo, History). The entire lower section of the screen, which should house the IoTeX ecosystem's DApp directory, is blank. Impact (UX): This significantly hinders discoverability. Users cannot easily access native IoTeX DApps like Mimo, Quicksilver, or Depin projects without manually typing in URLs. For new users, the "Discover" tab appears broken or unpopulated, giving the impression of a lack of ecosystem activity. Steps to Reproduce: Launch ioPay v5.3.0 (1). Tap on the Discover icon in the bottom navigation bar. Ensure the Browser sub-tab is selected at the top. Scroll down below the "History" icon. Result: The area is completely empty. No "Hot DApps" or curated categories are loaded. Expected Result: The Discover tab should dynamically load and display featured DApps, categorized sections (DeFi, NFT, Social, etc.), and trending projects within the IoTeX ecosystem below the search/shortcut bar.
cryptotestnet About 5 hours ago
[Eco Bounty] ioPay Lack of Visual Iconography in Security & Privacy
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary The Security & Privacy menu lacks supportive iconography for its primary action items. The current interface is text-heavy and does not provide visual cues to help users quickly identify security functions. Detailed Description Location: Settings -> Security & Privacy Observation: As shown in IMG_0087.png, the "Change PIN" and "Authentication" menu items are presented as plain text blocks with standard chevron arrows. There are no leading icons (e.g., a lock icon for PIN or a fingerprint/shield icon for Authentication). Impact (UX): The absence of icons makes the menu less intuitive to navigate at a glance. Visual indicators are standard in wallet security interfaces to help users differentiate between "Privacy" settings and "Security" actions, reducing cognitive load and improving the overall aesthetic of the app. Steps to Reproduce: Launch ioPay v5.2.0 (1). Navigate to Settings Security & Privacy. Observe the menu structure for "Change PIN" and "Authentication." Result: The menu items lack any descriptive or decorative icons, resulting in a generic and purely text-based interface. Expected Result: Each menu item should be accompanied by a relevant icon to improve scannability and UX design consistency: Change PIN: Should have a "Lock" or "Keypad" icon. Authentication: Should have a "Biometric," "Face ID," or "Shield" icon.
cryptotestnet About 5 hours ago
[Eco Bounty] ioPay Lack of Visual Iconography in Security & Privacy
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary The Security & Privacy menu lacks supportive iconography for its primary action items. The current interface is text-heavy and does not provide visual cues to help users quickly identify security functions. Detailed Description Location: Settings -> Security & Privacy Observation: As shown in IMG_0087.png, the "Change PIN" and "Authentication" menu items are presented as plain text blocks with standard chevron arrows. There are no leading icons (e.g., a lock icon for PIN or a fingerprint/shield icon for Authentication). Impact (UX): The absence of icons makes the menu less intuitive to navigate at a glance. Visual indicators are standard in wallet security interfaces to help users differentiate between "Privacy" settings and "Security" actions, reducing cognitive load and improving the overall aesthetic of the app. Steps to Reproduce: Launch ioPay v5.2.0 (1). Navigate to Settings Security & Privacy. Observe the menu structure for "Change PIN" and "Authentication." Result: The menu items lack any descriptive or decorative icons, resulting in a generic and purely text-based interface. Expected Result: Each menu item should be accompanied by a relevant icon to improve scannability and UX design consistency: Change PIN: Should have a "Lock" or "Keypad" icon. Authentication: Should have a "Biometric," "Face ID," or "Shield" icon.
cryptotestnet About 5 hours ago
[Eco Bounty] ioPay Missing "System" Selection in Appearance Settings
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary The "Appearance" settings menu contains a logical inconsistency where the description promises system-based adjustment, but the actual selectable "System" toggle/option is missing from the interface. Detailed Description Location: Settings -> Appearance Observation: As seen in IMG_0086.png, the header text states: "System: We'll adjust your appearance based on your device's system settings." However, below this text, only "Dark" and "Light" buttons are available for selection. Impact (UX): There is no third option (usually labeled "System" or "Automatic") that allows the app to dynamically switch themes based on the iOS system-wide Dark Mode schedule. This forces users to manually toggle the theme within ioPay, contradicting the app's own instructional text. Steps to Reproduce: Launch ioPay v5.2.0 (1) on iPhone XR. Navigate to Settings > Appearance. Read the "System" description regarding automatic adjustment. Attempt to find a "System" or "Auto" selection button. Result: Only "Dark" and "Light" are selectable; the "System" option described in the header is missing from the UI. Expected Result: The interface should include a third selectable button labeled "System" or "Follow System" so that the app's behavior matches its description.
cryptotestnet About 5 hours ago
[Eco Bounty] ioPay Missing "System" Selection in Appearance Settings
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary The "Appearance" settings menu contains a logical inconsistency where the description promises system-based adjustment, but the actual selectable "System" toggle/option is missing from the interface. Detailed Description Location: Settings -> Appearance Observation: As seen in IMG_0086.png, the header text states: "System: We'll adjust your appearance based on your device's system settings." However, below this text, only "Dark" and "Light" buttons are available for selection. Impact (UX): There is no third option (usually labeled "System" or "Automatic") that allows the app to dynamically switch themes based on the iOS system-wide Dark Mode schedule. This forces users to manually toggle the theme within ioPay, contradicting the app's own instructional text. Steps to Reproduce: Launch ioPay v5.2.0 (1) on iPhone XR. Navigate to Settings > Appearance. Read the "System" description regarding automatic adjustment. Attempt to find a "System" or "Auto" selection button. Result: Only "Dark" and "Light" are selectable; the "System" option described in the header is missing from the UI. Expected Result: The interface should include a third selectable button labeled "System" or "Follow System" so that the app's behavior matches its description.
cryptotestnet About 5 hours ago
[Eco Bounty] ioPay Appearance UI Lacks Visual Feedback
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary The "Appearance" settings menu in ioPay provides poor user feedback. When selecting between "Light" and "Dark" themes, the active selection is only indicated by a subtle purple outline on the button, which is insufficient, especially for accessibility. It also lacks clear icons or images. Detailed Description Location: Settings -> Appearance Observation: As shown in IMG_0083.png, selecting a theme only places a thin purple border around the option (in this case, "Dark"). There is no permanent success icon (like a checkmark) to confirm the setting has been saved or is actively running. Impact (UX/Accessibility): The visual feedback is too subtle. A thin line can easily be missed by many users, especially those with vision impairments. It does not provide the robust "Confirmation State" required for a good user experience. Furthermore, the lack of an illustrative icon or theme-appropriate image makes the menu unpolished and visually generic. Steps to Reproduce: Launch ioPay v5.2.0 (1) on iPhone XR (iOS 18.7.3). Navigate to Settings > Appearance. Tap on "Light". Observe the thin purple border. Tap on "Dark". Observe the thin purple border. Result: No robust visual confirmation (like a checkmark) appears, and there are no illustrative icons (like a sun or moon). Expected Result: The interface should provide clear, definitive feedback for the active selection. Selection Feedback: When an option is active, a permanent checkmark (or similar success icon) should appear within the selection block to clearly mark the state. Illustrative Icons: Icons (e.g., a sun and moon, or corresponding UI samples) should be included to visually demonstrate the themes.
cryptotestnet About 7 hours ago
[Eco Bounty] ioPay Appearance UI Lacks Visual Feedback
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary The "Appearance" settings menu in ioPay provides poor user feedback. When selecting between "Light" and "Dark" themes, the active selection is only indicated by a subtle purple outline on the button, which is insufficient, especially for accessibility. It also lacks clear icons or images. Detailed Description Location: Settings -> Appearance Observation: As shown in IMG_0083.png, selecting a theme only places a thin purple border around the option (in this case, "Dark"). There is no permanent success icon (like a checkmark) to confirm the setting has been saved or is actively running. Impact (UX/Accessibility): The visual feedback is too subtle. A thin line can easily be missed by many users, especially those with vision impairments. It does not provide the robust "Confirmation State" required for a good user experience. Furthermore, the lack of an illustrative icon or theme-appropriate image makes the menu unpolished and visually generic. Steps to Reproduce: Launch ioPay v5.2.0 (1) on iPhone XR (iOS 18.7.3). Navigate to Settings > Appearance. Tap on "Light". Observe the thin purple border. Tap on "Dark". Observe the thin purple border. Result: No robust visual confirmation (like a checkmark) appears, and there are no illustrative icons (like a sun or moon). Expected Result: The interface should provide clear, definitive feedback for the active selection. Selection Feedback: When an option is active, a permanent checkmark (or similar success icon) should appear within the selection block to clearly mark the state. Illustrative Icons: Icons (e.g., a sun and moon, or corresponding UI samples) should be included to visually demonstrate the themes.
cryptotestnet About 7 hours ago
[Eco Bounty] ioPay Face ID Unlimited Attempts & Lack of Security Cooldown
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary The application's biometric authentication layer (Face ID) does not implement a maximum attempt threshold or a security cooldown period. Detailed Description When unlocking the wallet or confirming a sensitive action, the app allows for unlimited consecutive Face ID failures without locking the biometric option or enforcing a mandatory PIN-only fallback/cooldown period. Observation: As seen in IMG_0077.png, even after a "Face Not Recognized" event, the user is immediately prompted to "Try Face ID Again" indefinitely. Security Risk: This behavior bypasses standard security protocols designed to prevent "brute-force" biometric spoofing. Most high-security financial applications disable biometrics after 3β5 failed attempts, requiring the manual PIN to re-enable them. Steps to Reproduce: Launch ioPay v5.2.0 (1) with Face ID unlock enabled. Trigger the Face ID prompt (e.g., by opening the app or accessing a protected feature). Deliberately fail the Face ID check (e.g., cover the sensor or look away). Observe the "Face Not Recognized" prompt. Repeatedly tap "Try Face ID Again" and fail multiple times (10+ times). Observe: The app continues to offer Face ID attempts without ever locking the user out or forcing a PIN entry. Expected Result: After a specific number of failed attempts (typically 3β5), the app should: Temporarily disable Face ID for security. Force the user to enter their 6-digit PIN to access the wallet. Implement a progressive cooldown timer if failures continue. Actual Result: The app allows an infinite loop of "Try Face ID Again," compromising the secondary security layer of the wallet.
cryptotestnet About 7 hours ago
[Eco Bounty] ioPay Face ID Unlimited Attempts & Lack of Security Cooldown
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary The application's biometric authentication layer (Face ID) does not implement a maximum attempt threshold or a security cooldown period. Detailed Description When unlocking the wallet or confirming a sensitive action, the app allows for unlimited consecutive Face ID failures without locking the biometric option or enforcing a mandatory PIN-only fallback/cooldown period. Observation: As seen in IMG_0077.png, even after a "Face Not Recognized" event, the user is immediately prompted to "Try Face ID Again" indefinitely. Security Risk: This behavior bypasses standard security protocols designed to prevent "brute-force" biometric spoofing. Most high-security financial applications disable biometrics after 3β5 failed attempts, requiring the manual PIN to re-enable them. Steps to Reproduce: Launch ioPay v5.2.0 (1) with Face ID unlock enabled. Trigger the Face ID prompt (e.g., by opening the app or accessing a protected feature). Deliberately fail the Face ID check (e.g., cover the sensor or look away). Observe the "Face Not Recognized" prompt. Repeatedly tap "Try Face ID Again" and fail multiple times (10+ times). Observe: The app continues to offer Face ID attempts without ever locking the user out or forcing a PIN entry. Expected Result: After a specific number of failed attempts (typically 3β5), the app should: Temporarily disable Face ID for security. Force the user to enter their 6-digit PIN to access the wallet. Implement a progressive cooldown timer if failures continue. Actual Result: The app allows an infinite loop of "Try Face ID Again," compromising the secondary security layer of the wallet.
cryptotestnet About 7 hours ago
[Eco Bounty] ioPay UI/UX Clarity Issue β "New Addressβ Setup Lacks Address Type Icon/Feedback
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue: Lack of Visual Feedback and Network Context for New Addresses Description: The "New Address" configuration screen (as shown in IMG_0054.png) lacks necessary visual elements to assist users with accurate address setup. Missing Network Icon: When adding a "New Address" (as referenced in image_20.png), there is no icon or branding to indicate which network the address is intended for. Users are forced to guess or cross-reference the previous menu context, which is prone to error. Missing Identicon Generation: There is no placeholder or dynamic "Robot Avatar" generated for the new address as the user creates it, deviating from the standard identicon logic seen elsewhere in the wallet. Poor User Experience: This lack of dynamic visual feedback makes the interface feel unresponsive and unfinished. It increases the risk of a user incorrectly labeling or assigning an address to the wrong network context. Steps to Reproduce: Launch ioPay v5.2.0 (1). Navigate to network settings. Choose the option to add or create a "New Address". Observe: The page that opens (IMG_0054.png) contains fields for "New Address," "Name," and "Describe," but provides no branding icon or dynamic avatar. Expected Result: The interface should provide clear visual feedback during setup, such as: Network Branding: Display the distinct, colored icon for the selected network context (e.g., the IoTeX logo or Bitcoin logo) above the address field. Identicon Placeholder: Display a standard placeholder icon that animates or updates to a dynamic identicon (Robot Avatar) once a valid address is entered, confirming the input type.
cryptotestnet About 8 hours ago
[Eco Bounty] ioPay UI/UX Clarity Issue β "New Addressβ Setup Lacks Address Type Icon/Feedback
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue: Lack of Visual Feedback and Network Context for New Addresses Description: The "New Address" configuration screen (as shown in IMG_0054.png) lacks necessary visual elements to assist users with accurate address setup. Missing Network Icon: When adding a "New Address" (as referenced in image_20.png), there is no icon or branding to indicate which network the address is intended for. Users are forced to guess or cross-reference the previous menu context, which is prone to error. Missing Identicon Generation: There is no placeholder or dynamic "Robot Avatar" generated for the new address as the user creates it, deviating from the standard identicon logic seen elsewhere in the wallet. Poor User Experience: This lack of dynamic visual feedback makes the interface feel unresponsive and unfinished. It increases the risk of a user incorrectly labeling or assigning an address to the wrong network context. Steps to Reproduce: Launch ioPay v5.2.0 (1). Navigate to network settings. Choose the option to add or create a "New Address". Observe: The page that opens (IMG_0054.png) contains fields for "New Address," "Name," and "Describe," but provides no branding icon or dynamic avatar. Expected Result: The interface should provide clear visual feedback during setup, such as: Network Branding: Display the distinct, colored icon for the selected network context (e.g., the IoTeX logo or Bitcoin logo) above the address field. Identicon Placeholder: Display a standard placeholder icon that animates or updates to a dynamic identicon (Robot Avatar) once a valid address is entered, confirming the input type.
cryptotestnet About 8 hours ago
[Eco Bounty] Missing Copyright/Legal Information in "About ioPay"
Wallet Address Reporter: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.3.1 (3973) Device: Redmi Note 10 Pro (Android 13) 1. Description The "About ioPay" screen lacks any formal copyright notice or ownership declaration (e.g., "Β© 2026 IoTeX"). While links to the Privacy Policy and Terms of Service are present at the bottom of the screen, there is no standard legal attribution or identification of the entity responsible for the application. 2. Steps to Reproduce Open the ioPay app. Navigate to Settings or the User Profile. Select About ioPay. Scroll to the bottom of the page and observe the text below the primary menu links. 3. Actual Result The screen displays the app logo, version number, and several menu options (Feedback, Community, Feature Request, etc.). At the very bottom, it only lists "Privacy policy & Terms of service" as clickable links, with no copyright year or company name displayed. 4. Expected Result A standard professional application should include a copyright line, such as: Β© 2018-2026 IoTeX. All rights reserved. Suggested Fixes Footer Update: Add a static text line at the bottom of the "About" screen (below the Privacy/Terms links) containing the current year and the "IoTeX" brand name. Consistency: Ensure this copyright information is also visible in the splash screen or the main settings footer to maintain legal transparency across the DApp.
cryptotestnet About 8 hours ago
[Eco Bounty] Missing Copyright/Legal Information in "About ioPay"
Wallet Address Reporter: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.3.1 (3973) Device: Redmi Note 10 Pro (Android 13) 1. Description The "About ioPay" screen lacks any formal copyright notice or ownership declaration (e.g., "Β© 2026 IoTeX"). While links to the Privacy Policy and Terms of Service are present at the bottom of the screen, there is no standard legal attribution or identification of the entity responsible for the application. 2. Steps to Reproduce Open the ioPay app. Navigate to Settings or the User Profile. Select About ioPay. Scroll to the bottom of the page and observe the text below the primary menu links. 3. Actual Result The screen displays the app logo, version number, and several menu options (Feedback, Community, Feature Request, etc.). At the very bottom, it only lists "Privacy policy & Terms of service" as clickable links, with no copyright year or company name displayed. 4. Expected Result A standard professional application should include a copyright line, such as: Β© 2018-2026 IoTeX. All rights reserved. Suggested Fixes Footer Update: Add a static text line at the bottom of the "About" screen (below the Privacy/Terms links) containing the current year and the "IoTeX" brand name. Consistency: Ensure this copyright information is also visible in the splash screen or the main settings footer to maintain legal transparency across the DApp.
cryptotestnet About 8 hours ago
[Eco Bounty] ioPay UI/UX Inconsistency β BTC Address Avatar Logo
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue: Inconsistent Avatar Logo for BTC Addresses Description: There is a visual inconsistency regarding the "Robot Avatar" (Identicon) assigned to Bitcoin (BTC) wallet addresses within the ioPay interface. Observation: As shown in IMG_0053.png, the generated robot avatar for the BTC address does not match the standard branding or expected visual consistency of other assets within the wallet. The logo/avatar appears incongruent with the walletβs established design language for cryptographic addresses. Impact: While primarily a UI/UX polish issue, inconsistent branding can undermine user confidence. Users rely on these "Robot Avatars" as a quick visual sanity check to ensure they are looking at the correct wallet or address; when the avatar logic appears broken or improperly mapped to the specific network (BTC), it creates unnecessary confusion. Steps to Reproduce: Launch ioPay v5.2.0 (1). Navigate to the Bitcoin (BTC) wallet view. Observe the "Robot Avatar" icon associated with the BTC receiving address. Compare this against the avatar style used for IoTeX (IOTX) or other native assets. Result: The BTC avatar exhibits styling or logo discrepancies that deviate from the standard identicon generation used elsewhere in the application. Expected Result: The identicon generator should consistently apply the same design parameters to all blockchain addresses, regardless of the network, or it should correctly display the standard Bitcoin network icon/avatar to maintain a professional and cohesive user interface.
cryptotestnet 1 day ago
[Eco Bounty] ioPay UI/UX Inconsistency β BTC Address Avatar Logo
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue: Inconsistent Avatar Logo for BTC Addresses Description: There is a visual inconsistency regarding the "Robot Avatar" (Identicon) assigned to Bitcoin (BTC) wallet addresses within the ioPay interface. Observation: As shown in IMG_0053.png, the generated robot avatar for the BTC address does not match the standard branding or expected visual consistency of other assets within the wallet. The logo/avatar appears incongruent with the walletβs established design language for cryptographic addresses. Impact: While primarily a UI/UX polish issue, inconsistent branding can undermine user confidence. Users rely on these "Robot Avatars" as a quick visual sanity check to ensure they are looking at the correct wallet or address; when the avatar logic appears broken or improperly mapped to the specific network (BTC), it creates unnecessary confusion. Steps to Reproduce: Launch ioPay v5.2.0 (1). Navigate to the Bitcoin (BTC) wallet view. Observe the "Robot Avatar" icon associated with the BTC receiving address. Compare this against the avatar style used for IoTeX (IOTX) or other native assets. Result: The BTC avatar exhibits styling or logo discrepancies that deviate from the standard identicon generation used elsewhere in the application. Expected Result: The identicon generator should consistently apply the same design parameters to all blockchain addresses, regardless of the network, or it should correctly display the standard Bitcoin network icon/avatar to maintain a professional and cohesive user interface.
cryptotestnet 1 day ago
[Eco Bounty] ioPay UI/UX Clarity Issue β Mainnet and Testnet Logo Parity
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue: Visual Indistinguishability Between Mainnet and Testnet Description: The application currently uses identical branding and iconography for both the Mainnet and Testnetenvironments. Observation: As seen in the attached screenshot (IMG_0052.png), there is no distinct visual indicatorβsuch as a color-coded logo, a "Testnet" watermark, or a UI theme differentiationβto help users distinguish which network they are currently connected to. Impact: This poses a significant user safety risk. Users may inadvertently perform transactions, test DApps, or interact with smart contracts on the Testnet believing they are on the Mainnet (or vice versa), leading to confusion or, in cases where users might mistake test tokens for real assets, potential loss of focus and incorrect expectations. Steps to Reproduce: Launch ioPay v5.2.0 (1). Navigate to network settings and switch between Mainnet and Testnet. Observe the app's UI/Logo on the home screen or wallet dashboard. Result: The UI appearance, branding, and logos remain identical, providing no visual cues to the current network context. Expected Result: The application should implement clear visual cues to distinguish the networks. Examples include: Color-coded Branding: Using a distinct accent color (e.g., blue for Mainnet, orange or gray for Testnet) in the logo or header. UI Watermark: A persistent, non-intrusive "Testnet" label or badge overlaid on the dashboard when in Testnet mode.
cryptotestnet 1 day ago
[Eco Bounty] ioPay UI/UX Clarity Issue β Mainnet and Testnet Logo Parity
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue: Visual Indistinguishability Between Mainnet and Testnet Description: The application currently uses identical branding and iconography for both the Mainnet and Testnetenvironments. Observation: As seen in the attached screenshot (IMG_0052.png), there is no distinct visual indicatorβsuch as a color-coded logo, a "Testnet" watermark, or a UI theme differentiationβto help users distinguish which network they are currently connected to. Impact: This poses a significant user safety risk. Users may inadvertently perform transactions, test DApps, or interact with smart contracts on the Testnet believing they are on the Mainnet (or vice versa), leading to confusion or, in cases where users might mistake test tokens for real assets, potential loss of focus and incorrect expectations. Steps to Reproduce: Launch ioPay v5.2.0 (1). Navigate to network settings and switch between Mainnet and Testnet. Observe the app's UI/Logo on the home screen or wallet dashboard. Result: The UI appearance, branding, and logos remain identical, providing no visual cues to the current network context. Expected Result: The application should implement clear visual cues to distinguish the networks. Examples include: Color-coded Branding: Using a distinct accent color (e.g., blue for Mainnet, orange or gray for Testnet) in the logo or header. UI Watermark: A persistent, non-intrusive "Testnet" label or badge overlaid on the dashboard when in Testnet mode.
cryptotestnet 1 day ago
[Eco Bounty] IoPay Transaction Notification Toggle Failure
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue: Failure to Enable Transaction Notifications Description: The application fails to update the notification settings when the user attempts to toggle on "Transaction Notification." Observation: As demonstrated in the provided screen recording, attempting to switch the "Transaction Notification" toggle to the "ON" position results in an immediate system error prompt displaying the message "Failed." * Impact: The user is unable to receive push notifications for incoming or outgoing transactions, which is a critical feature for wallet security and real-time monitoring. Steps to Reproduce: Launch ioPay v5.2.0 (1) on an iPhone XR. Navigate to Settings. Locate the Transaction Notification toggle. Tap the toggle to enable it. Observe: The UI immediately triggers a pop-up error message stating "Failed," and the toggle remains in the "OFF" position. Expected Result: The toggle should switch to "ON," and the app should request or confirm the necessary notification permissions from the iOS system. Actual Result: The request fails to process, and the app throws an unhelpful "Failed" error message, preventing the configuration change.
cryptotestnet 1 day ago
[Eco Bounty] IoPay Transaction Notification Toggle Failure
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue: Failure to Enable Transaction Notifications Description: The application fails to update the notification settings when the user attempts to toggle on "Transaction Notification." Observation: As demonstrated in the provided screen recording, attempting to switch the "Transaction Notification" toggle to the "ON" position results in an immediate system error prompt displaying the message "Failed." * Impact: The user is unable to receive push notifications for incoming or outgoing transactions, which is a critical feature for wallet security and real-time monitoring. Steps to Reproduce: Launch ioPay v5.2.0 (1) on an iPhone XR. Navigate to Settings. Locate the Transaction Notification toggle. Tap the toggle to enable it. Observe: The UI immediately triggers a pop-up error message stating "Failed," and the toggle remains in the "OFF" position. Expected Result: The toggle should switch to "ON," and the app should request or confirm the necessary notification permissions from the iOS system. Actual Result: The request fails to process, and the app throws an unhelpful "Failed" error message, preventing the configuration change.
cryptotestnet 1 day ago
[Eco Bounty] ioPay Lack of UI/UX Feedback for "Copy" Actions
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary The application fails to provide adequate or consistent visual confirmation when a user performs a "Copy" action (e.g., copying wallet addresses). Detailed Description When tapping the "Copy" icon (specifically on the Receive screen, as shown in IMG_0045.jpg), the app does not trigger a clear visual confirmation. Current Behavior: The UI remains static. While a small "Copied!" toast message may appear briefly (as seen in the screenshot), it is easily missed, lacks animation, and does not provide tactile or persistent confirmation. Impact: Users are often left uncertain if the copy action succeeded, leading to redundant clicks and potential errors when pasting the data into external exchanges. Steps to Reproduce: Navigate to the Receive screen. Tap the copy icon next to the wallet address (e.g., 0x5d9d...b0465e8d). Observe: The lack of a distinct, accessible visual state change (such as the icon changing to a checkmark or a clear success animation). Expected Result: The UI should provide immediate, unambiguous feedback, such as: Icon Change: The copy icon should briefly animate or change to a "Checkmark" icon to confirm the action. Persistent Toast: A more visible success notification that persists long enough to be easily noticed by the user.
cryptotestnet 1 day ago
[Eco Bounty] ioPay Lack of UI/UX Feedback for "Copy" Actions
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary The application fails to provide adequate or consistent visual confirmation when a user performs a "Copy" action (e.g., copying wallet addresses). Detailed Description When tapping the "Copy" icon (specifically on the Receive screen, as shown in IMG_0045.jpg), the app does not trigger a clear visual confirmation. Current Behavior: The UI remains static. While a small "Copied!" toast message may appear briefly (as seen in the screenshot), it is easily missed, lacks animation, and does not provide tactile or persistent confirmation. Impact: Users are often left uncertain if the copy action succeeded, leading to redundant clicks and potential errors when pasting the data into external exchanges. Steps to Reproduce: Navigate to the Receive screen. Tap the copy icon next to the wallet address (e.g., 0x5d9d...b0465e8d). Observe: The lack of a distinct, accessible visual state change (such as the icon changing to a checkmark or a clear success animation). Expected Result: The UI should provide immediate, unambiguous feedback, such as: Icon Change: The copy icon should briefly animate or change to a "Checkmark" icon to confirm the action. Persistent Toast: A more visible success notification that persists long enough to be easily noticed by the user.
cryptotestnet 1 day ago
[Eco Bounty] ioPay Feedback Module Limitations
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue: Feedback Submission Restrictions Description: The "User Feedback" module within the app settings is overly restrictive, preventing effective bug reporting. Constraint 1 (Single File Upload): The interface limits users to uploading only one (1) image per feedback submission. This makes it impossible to provide multiple screenshots that show a sequence of a bug or different aspects of an error. Constraint 2 (No Video Support): There is no functionality to upload video files or screen recordings. Given that some bugs (like the "loading spinner" hang) are dynamic, a static screenshot is often insufficient to demonstrate the issue clearly. Steps to Reproduce: Navigate to Settings > User Feedback. Attempt to attach a second image after selecting the first. Attempt to attach a video file (e.g., .mp4 or .mov). Observe: The UI does not provide an "Add" button for additional files, and the file picker filters out non-image files, preventing video selection. Expected Result: The feedback module should allow multiple image attachments (at least 3β5) and support video file uploads to allow for comprehensive bug documentation. Actual Result: Users are limited to a single image, forcing them to omit critical visual evidence or submit multiple separate tickets for a single issue.
cryptotestnet 2 days ago
[Eco Bounty] ioPay Feedback Module Limitations
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue: Feedback Submission Restrictions Description: The "User Feedback" module within the app settings is overly restrictive, preventing effective bug reporting. Constraint 1 (Single File Upload): The interface limits users to uploading only one (1) image per feedback submission. This makes it impossible to provide multiple screenshots that show a sequence of a bug or different aspects of an error. Constraint 2 (No Video Support): There is no functionality to upload video files or screen recordings. Given that some bugs (like the "loading spinner" hang) are dynamic, a static screenshot is often insufficient to demonstrate the issue clearly. Steps to Reproduce: Navigate to Settings > User Feedback. Attempt to attach a second image after selecting the first. Attempt to attach a video file (e.g., .mp4 or .mov). Observe: The UI does not provide an "Add" button for additional files, and the file picker filters out non-image files, preventing video selection. Expected Result: The feedback module should allow multiple image attachments (at least 3β5) and support video file uploads to allow for comprehensive bug documentation. Actual Result: Users are limited to a single image, forcing them to omit critical visual evidence or submit multiple separate tickets for a single issue.
cryptotestnet 2 days ago
[ECO Bounty] ioPay Unauthorized Private Key Exposure in Offline Mode
Report Priority: Critical / Security Vulnerability App Version: ioPay 5.3.1 (3973) Device: Infinix X670 OS: Android 13 Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Description: I am reporting a critical security vulnerability in the current version of ioPay. The application allows a user to export or share their private key while in "Offline Mode." Steps to Reproduce: Open the ioPay app. Navigate to "Private Offline Mode." [Insert your specific steps here, e.g., "Select the export option," or "Open the sharing menu."] The application presents the private key in a format that can be copied, shared via third-party apps, or captured, which exposes the user's funds to immediate risk of theft. Expected Behavior: The private key should never be exportable or sharable, particularly within an "offline" feature. Sensitive credentials should remain encapsulated within the deviceβs secure storage. Impact: This vulnerability grants unauthorized access to the wallet's private credentials, potentially leading to a total loss of assets. Action Required Please treat this as a high-priority security issue. I have not shared this key with any unauthorized parties, but the fact that the application allows this action poses a significant risk to all users.
cryptotestnet 2 days ago
[ECO Bounty] ioPay Unauthorized Private Key Exposure in Offline Mode
Report Priority: Critical / Security Vulnerability App Version: ioPay 5.3.1 (3973) Device: Infinix X670 OS: Android 13 Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Description: I am reporting a critical security vulnerability in the current version of ioPay. The application allows a user to export or share their private key while in "Offline Mode." Steps to Reproduce: Open the ioPay app. Navigate to "Private Offline Mode." [Insert your specific steps here, e.g., "Select the export option," or "Open the sharing menu."] The application presents the private key in a format that can be copied, shared via third-party apps, or captured, which exposes the user's funds to immediate risk of theft. Expected Behavior: The private key should never be exportable or sharable, particularly within an "offline" feature. Sensitive credentials should remain encapsulated within the deviceβs secure storage. Impact: This vulnerability grants unauthorized access to the wallet's private credentials, potentially leading to a total loss of assets. Action Required Please treat this as a high-priority security issue. I have not shared this key with any unauthorized parties, but the fact that the application allows this action poses a significant risk to all users.
cryptotestnet 2 days ago
[Eco Bounty] IoPay Swap Interface Logic Failure (No Output)
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary: The swap interface fails to calculate or display an output amount when a valid input is provided, preventing users from completing trades within the app. Detailed Description: Location: Trade Tab -> Swap Observation: Upon entering an input of 28698 IOTX, the "To" field (ioUSDT) remains stuck on "Input the amount." Technical Failure: The "Confirm" button displays a persistent loading spinner, and the "Mimo smart router" fails to fetch or display the "Best Trade" path. The UI does not refresh with the estimated return or exchange rate. Steps to Reproduce: Launch ioPay v5.2.0 (1) on an iPhone XR (iOS 18.7.3). Navigate to the Trade icon in the bottom navigation bar. Ensure the Swap sub-tab is selected. Select IOTX as the "From" asset and ioUSDT as the "To" asset. Enter a numerical value in the IOTX field. Observe: The output field fails to populate and the confirmation button hangs in a loading state. Expected Result: The Mimo smart router should instantly calculate the exchange rate and populate the "To" field with the corresponding ioUSDT amount, enabling the "Confirm" button. Actual Result: The interface hangs; no output price is generated, and the user is unable to proceed with the transaction.
cryptotestnet 2 days ago
[Eco Bounty] IoPay Swap Interface Logic Failure (No Output)
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren App Version: ioPay v5.2.0 (1) Device: iPhone XR OS: iOS 18.7.3 Issue Summary: The swap interface fails to calculate or display an output amount when a valid input is provided, preventing users from completing trades within the app. Detailed Description: Location: Trade Tab -> Swap Observation: Upon entering an input of 28698 IOTX, the "To" field (ioUSDT) remains stuck on "Input the amount." Technical Failure: The "Confirm" button displays a persistent loading spinner, and the "Mimo smart router" fails to fetch or display the "Best Trade" path. The UI does not refresh with the estimated return or exchange rate. Steps to Reproduce: Launch ioPay v5.2.0 (1) on an iPhone XR (iOS 18.7.3). Navigate to the Trade icon in the bottom navigation bar. Ensure the Swap sub-tab is selected. Select IOTX as the "From" asset and ioUSDT as the "To" asset. Enter a numerical value in the IOTX field. Observe: The output field fails to populate and the confirmation button hangs in a loading state. Expected Result: The Mimo smart router should instantly calculate the exchange rate and populate the "To" field with the corresponding ioUSDT amount, enabling the "Confirm" button. Actual Result: The interface hangs; no output price is generated, and the user is unable to proceed with the transaction.
cryptotestnet 2 days ago
[ECO Bounty] ioPay Missing Swap Feature on iOS
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device Info: Model: iPhone XR OS Version: iOS 18.7.3 App: ioPay v5.2.0 (1) Issue Summary: The "Swap" action button is missing from the asset dashboard. Only the "Send" and "Receive" options are available. This prevents the user from accessing the internal DEX aggregator to trade IOTX or other ecosystem tokens. Steps to Reproduce: Open ioPay and log in to the wallet address provided above. View the main asset screen. Note the absence of the Swap icon between Send and Receive. Expected Result: The UI should provide a "Swap" shortcut for quick asset exchange. Actual Result: The Swap button is missing, requiring the user to manually navigate through the "Discover" tab/DApps browser to find a swap interface, which breaks the intended user experience.
cryptotestnet 2 days ago
[ECO Bounty] ioPay Missing Swap Feature on iOS
Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device Info: Model: iPhone XR OS Version: iOS 18.7.3 App: ioPay v5.2.0 (1) Issue Summary: The "Swap" action button is missing from the asset dashboard. Only the "Send" and "Receive" options are available. This prevents the user from accessing the internal DEX aggregator to trade IOTX or other ecosystem tokens. Steps to Reproduce: Open ioPay and log in to the wallet address provided above. View the main asset screen. Note the absence of the Swap icon between Send and Receive. Expected Result: The UI should provide a "Swap" shortcut for quick asset exchange. Actual Result: The Swap button is missing, requiring the user to manually navigate through the "Discover" tab/DApps browser to find a swap interface, which breaks the intended user experience.
cryptotestnet 2 days ago