[ECO Bounty] Mimo Exchange Missing Action/Feedback for Send and Add Liquidity when Wallet Disconnected
Description On the swap interface, when a user is not connected to a wallet, clicking the "Send" or "Add Liquidity" options from the secondary menu (meatball menu/ellipsis) results in no action. There is no redirect, pop-up, or prompt asking the user to connect their wallet, leading to a broken user experience. Environment Date: February 27, 2026 Platform: Web / Mobile Web Page: Swap/Buy/Bridge Interface Wallet State: Disconnected Steps to Reproduce Ensure your wallet is disconnected from the platform. Navigate to the main Swap/Buy page. Click the "..." (three dots) menu next to the Bridge option. Select "Send" or "Add Liquidity". Expected Result The app should either: Trigger the "Connect Wallet" modal automatically. Provide a toast notification stating "Please connect your wallet to use this feature." Disable these menu items until a connection is established. Actual Result The menu closes, but no action occurs. The user remains on the same screen with no feedback or indication of why the feature is unavailable. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 20 minutes ago
[ECO Bounty] Mimo Exchange Missing Action/Feedback for Send and Add Liquidity when Wallet Disconnected
Description On the swap interface, when a user is not connected to a wallet, clicking the "Send" or "Add Liquidity" options from the secondary menu (meatball menu/ellipsis) results in no action. There is no redirect, pop-up, or prompt asking the user to connect their wallet, leading to a broken user experience. Environment Date: February 27, 2026 Platform: Web / Mobile Web Page: Swap/Buy/Bridge Interface Wallet State: Disconnected Steps to Reproduce Ensure your wallet is disconnected from the platform. Navigate to the main Swap/Buy page. Click the "..." (three dots) menu next to the Bridge option. Select "Send" or "Add Liquidity". Expected Result The app should either: Trigger the "Connect Wallet" modal automatically. Provide a toast notification stating "Please connect your wallet to use this feature." Disable these menu items until a connection is established. Actual Result The menu closes, but no action occurs. The user remains on the same screen with no feedback or indication of why the feature is unavailable. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 20 minutes ago
[ECO Bounty] Mimo Exchange Numeric Input Field Accepts Invalid Alphabetic Characters
Description: In the "Buy" tab of the Mimo Exchange interface, the input field labeled "How much IOTX you want to buy" lacks proper input type restriction or regex validation. Users are able to type alphabetic characters (e.g., "AQW") into a field that should strictly accept only positive numeric values (integers or decimals). This results in a broken calculation state where the "You Pay" section displays ellipses ("...") instead of a calculated amount, and could potentially lead to failed transaction submissions or parsing errors. Steps to Reproduce: Navigate to mimo.exchange on a mobile device. Ensure wallet is not connected (or connected, the bug appears in both states). Click on the Buy tab. Tap into the input field asking "How much IOTX you want to buy". Type alphabetic characters (e.g., "AQW", "ABC", or "Test"). Observe that the input is accepted without error. Actual Result: The field displays "AQW" (or any typed letters). No inline validation error appears. The "You Pay" calculation section breaks, showing "..." instead of an equivalent ETH amount. The interface remains in a confusing intermediate state. Expected Result: The input field should reject non-numeric keystrokes immediately. Alternatively, upon entering invalid characters, an inline error message should appear: "Please enter a valid number". The field should use type="number" or inputmode="decimal" to trigger the numeric keypad on mobile devices instead of the full QWERTY keyboard. Impact: User Confusion: Users may not realize they entered invalid data until they attempt to proceed, leading to frustration. Transaction Risk: If frontend validation is missing, backend parsing might fail silently or throw cryptic errors during the transaction signing process. Mobile UX: Failing to restrict the keyboard to numeric input forces users to manually switch keyboard layouts, increasing friction. Calculation Errors: The broken "You Pay" display prevents users from understanding the exchange rate or total cost. Suggested Fix: Input Type Restriction: Change the HTML input element to type="number" or add inputmode="decimal" to force the numeric keypad on mobile devices. Regex Validation: Implement real-time JavaScript validation using a regex pattern (e.g., ^\d*\.?\d*$) to strip or block alphabetic characters as they are typed. Error Messaging: Add a red border and tooltip/error text below the field when invalid input is detected (e.g., "Invalid amount. Please enter numbers only."). Sanitization: Ensure the input is sanitized before any price calculation API calls are made to prevent sending garbage data to the quote endpoint. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 25 minutes ago
[ECO Bounty] Mimo Exchange Numeric Input Field Accepts Invalid Alphabetic Characters
Description: In the "Buy" tab of the Mimo Exchange interface, the input field labeled "How much IOTX you want to buy" lacks proper input type restriction or regex validation. Users are able to type alphabetic characters (e.g., "AQW") into a field that should strictly accept only positive numeric values (integers or decimals). This results in a broken calculation state where the "You Pay" section displays ellipses ("...") instead of a calculated amount, and could potentially lead to failed transaction submissions or parsing errors. Steps to Reproduce: Navigate to mimo.exchange on a mobile device. Ensure wallet is not connected (or connected, the bug appears in both states). Click on the Buy tab. Tap into the input field asking "How much IOTX you want to buy". Type alphabetic characters (e.g., "AQW", "ABC", or "Test"). Observe that the input is accepted without error. Actual Result: The field displays "AQW" (or any typed letters). No inline validation error appears. The "You Pay" calculation section breaks, showing "..." instead of an equivalent ETH amount. The interface remains in a confusing intermediate state. Expected Result: The input field should reject non-numeric keystrokes immediately. Alternatively, upon entering invalid characters, an inline error message should appear: "Please enter a valid number". The field should use type="number" or inputmode="decimal" to trigger the numeric keypad on mobile devices instead of the full QWERTY keyboard. Impact: User Confusion: Users may not realize they entered invalid data until they attempt to proceed, leading to frustration. Transaction Risk: If frontend validation is missing, backend parsing might fail silently or throw cryptic errors during the transaction signing process. Mobile UX: Failing to restrict the keyboard to numeric input forces users to manually switch keyboard layouts, increasing friction. Calculation Errors: The broken "You Pay" display prevents users from understanding the exchange rate or total cost. Suggested Fix: Input Type Restriction: Change the HTML input element to type="number" or add inputmode="decimal" to force the numeric keypad on mobile devices. Regex Validation: Implement real-time JavaScript validation using a regex pattern (e.g., ^\d*\.?\d*$) to strip or block alphabetic characters as they are typed. Error Messaging: Add a red border and tooltip/error text below the field when invalid input is detected (e.g., "Invalid amount. Please enter numbers only."). Sanitization: Ensure the input is sanitized before any price calculation API calls are made to prevent sending garbage data to the quote endpoint. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 25 minutes ago
[ECO Bounty] ioTex Hub "New Updates" Section Failing to Load Content
Description: Upon opening the "New Updates" section in the IoTeX Hub, the content area remains completely white/blank. There are no loading spinners, placeholder skeletons, or "No updates available" messages. This indicates either a failure to fetch data from the CMS/API or a rendering error that prevents news items from appearing. Steps to Reproduce: Navigate to hub.iotex.io. Ensure you are logged in (as shown in the screenshot with the wallet address). Scroll on the "New Updates" Observe the empty white space below the "New Updates" heading. Actual Result: The section is header-only; no news articles, banners, or update logs are displayed. The area for content is a static white block. Expected Result: The section should populate with the latest news, partnership announcements, or feature updates. If no news exists, a themed "No new updates at this time" illustration or message should be shown. Impact: User Engagement: Users miss out on critical ecosystem updates, governance proposals, or new feature announcements. Perceived Stability: Since the site is in "Beta," a blank content area makes the platform look broken or abandoned, discouraging users from using the Hub as a primary resource. Communication Gap: Important security or maintenance updates may go unnoticed by the community. Suggested Fix: Add Loading States: Implement a skeleton screen or a loading spinner so users know data is being fetched. API Error Handling: Implement a "Retry" button if the data fetch fails due to a timeout or server error. Empty State Design: If there truly are no updates, add a friendly "You're all caught up!" graphic. Verification: Check if the API endpoint supplying the news feed is active and CORS-compliant for the hub.iotex.io domain. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet About 2 hours ago
[ECO Bounty] ioTex Hub "New Updates" Section Failing to Load Content
Description: Upon opening the "New Updates" section in the IoTeX Hub, the content area remains completely white/blank. There are no loading spinners, placeholder skeletons, or "No updates available" messages. This indicates either a failure to fetch data from the CMS/API or a rendering error that prevents news items from appearing. Steps to Reproduce: Navigate to hub.iotex.io. Ensure you are logged in (as shown in the screenshot with the wallet address). Scroll on the "New Updates" Observe the empty white space below the "New Updates" heading. Actual Result: The section is header-only; no news articles, banners, or update logs are displayed. The area for content is a static white block. Expected Result: The section should populate with the latest news, partnership announcements, or feature updates. If no news exists, a themed "No new updates at this time" illustration or message should be shown. Impact: User Engagement: Users miss out on critical ecosystem updates, governance proposals, or new feature announcements. Perceived Stability: Since the site is in "Beta," a blank content area makes the platform look broken or abandoned, discouraging users from using the Hub as a primary resource. Communication Gap: Important security or maintenance updates may go unnoticed by the community. Suggested Fix: Add Loading States: Implement a skeleton screen or a loading spinner so users know data is being fetched. API Error Handling: Implement a "Retry" button if the data fetch fails due to a timeout or server error. Empty State Design: If there truly are no updates, add a friendly "You're all caught up!" graphic. Verification: Check if the API endpoint supplying the news feed is active and CORS-compliant for the hub.iotex.io domain. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet About 2 hours ago
[ECO Bounty] ioTexScan Missing Advanced Filters & Mobile Design Layout Issues
Severity: π Medium (Functional Deficiency & UX) Environment: Platform: Web (Mobile Browser) URL: iotexscan.io/addr... Feature: Transaction History Table Description: The current mobile interface for IoTeXScan lacks essential "Advanced Filter" capabilities (such as filtering by Method, Date Range, or Token Type) found in standard blockchain explorers. Additionally, the "Method" header and column are poorly aligned, creating a disjointed layout where headers don't clearly correspond to the data rows below. Steps to Reproduce: Open iotexscan.io on a mobile device. Navigate to any address with multiple transaction types (e.g., Mint, Transfer, Contract Call). View the Transactions tab. Attempt to find a filter icon or "Advanced" search toggle. Observe the alignment of the "Method" label compared to the transaction list below. Actual Result: Missing Functionality: No options exist to filter transactions by "Method" (e.g., filtering only for 'Premint' or 'Transfer'). Design Inconsistency: The "Method" header is floating in the center-right of the screen with excessive local whitespace, making it look disconnected from the transaction entries. Truncated Headers: Tab titles (Transactions, Internal Actions, etc.) are cramped and lack proper spacing for touch interaction. Expected Result: A filter icon or "Advanced Filter" button should be present to allow users to refine results. The table headers (Method, TxID, Value) should be vertically and horizontally aligned with their respective data columns. The UI should provide a "Method" dropdown to filter the list by specific interaction types. Impact: Efficiency Loss: Power users and developers cannot quickly isolate specific activities (like contract interactions) without scrolling through all logs. Poor UX: Navigation is difficult on mobile due to the lack of clear tabular structure. Data Readability: Misaligned headers mean users have to "guess" which column represents which data point when scanning quickly. Suggested Fix: Introduce Filter UI: Add a funnel icon or "Filter by Method" dropdown menu above the transaction list. Structural Realignment: Adjust CSS Flexbox/Grid properties to ensure the "Method" header sits directly above the method labels (like 'Premint') in each row. Sticky Headers: Implement sticky headers for the transaction list so users don't lose context while scrolling. Responsive Spacing: Utilize a "Mobile Card" view for transactions where each transaction is a contained card, rather than a truncated table row, to better present the Method, To/From, and Value data. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet About 15 hours ago
[ECO Bounty] ioTexScan Missing Advanced Filters & Mobile Design Layout Issues
Severity: π Medium (Functional Deficiency & UX) Environment: Platform: Web (Mobile Browser) URL: iotexscan.io/addr... Feature: Transaction History Table Description: The current mobile interface for IoTeXScan lacks essential "Advanced Filter" capabilities (such as filtering by Method, Date Range, or Token Type) found in standard blockchain explorers. Additionally, the "Method" header and column are poorly aligned, creating a disjointed layout where headers don't clearly correspond to the data rows below. Steps to Reproduce: Open iotexscan.io on a mobile device. Navigate to any address with multiple transaction types (e.g., Mint, Transfer, Contract Call). View the Transactions tab. Attempt to find a filter icon or "Advanced" search toggle. Observe the alignment of the "Method" label compared to the transaction list below. Actual Result: Missing Functionality: No options exist to filter transactions by "Method" (e.g., filtering only for 'Premint' or 'Transfer'). Design Inconsistency: The "Method" header is floating in the center-right of the screen with excessive local whitespace, making it look disconnected from the transaction entries. Truncated Headers: Tab titles (Transactions, Internal Actions, etc.) are cramped and lack proper spacing for touch interaction. Expected Result: A filter icon or "Advanced Filter" button should be present to allow users to refine results. The table headers (Method, TxID, Value) should be vertically and horizontally aligned with their respective data columns. The UI should provide a "Method" dropdown to filter the list by specific interaction types. Impact: Efficiency Loss: Power users and developers cannot quickly isolate specific activities (like contract interactions) without scrolling through all logs. Poor UX: Navigation is difficult on mobile due to the lack of clear tabular structure. Data Readability: Misaligned headers mean users have to "guess" which column represents which data point when scanning quickly. Suggested Fix: Introduce Filter UI: Add a funnel icon or "Filter by Method" dropdown menu above the transaction list. Structural Realignment: Adjust CSS Flexbox/Grid properties to ensure the "Method" header sits directly above the method labels (like 'Premint') in each row. Sticky Headers: Implement sticky headers for the transaction list so users don't lose context while scrolling. Responsive Spacing: Utilize a "Mobile Card" view for transactions where each transaction is a contained card, rather than a truncated table row, to better present the Method, To/From, and Value data. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet About 15 hours ago
[Eco Bounty] IoTex UI Interactivity Failure β "for agents" Tile
Severity: Medium (Functional impairment/UX inconsistency) 1. Description On the IoTeX landing page, the interactive tiles under the core offerings section are inconsistent. While the "for physical AIs" and "for models" tiles expand to reveal descriptive text and visual overlays upon interaction, the "for agents" tile remains static. It fails to trigger any expansion or provide the intended information to the user. 2. Steps to Reproduce Open the IoTeX website on a mobile device/emulator. Scroll to the section containing the three category tiles: agents, physical AIs, and models. Tap on the "for physical AIs" tile (Note: It expands correctly). Tap on the "for models" tile (Note: It expands correctly). Tap on the "for agents" tile. 3. Expected Result The tile should expand, the background image should shift/darken, and a descriptive blurb explaining IoTeXβs value proposition for "agents" should appear, matching the behavior of the other two tiles. 4. Actual Result The tile remains in its default collapsed state. No text is revealed, and the background does not transition to an "active" state. 5. Visual Evidence (from Screen Recording) 0:01 - 0:05: User attempts to interact with the top "for agents" tile; it remains static. 0:06 - 0:10: User taps "for physical AIs"; tile expands to show text regarding real-time environmental awareness. 0:11 - 0:14: User taps "for models"; tile expands to show text regarding verifiable context and adaptive learning. 6. Technical Notes Likely Cause: Missing onClick event handler or a CSS class toggle failure specific to the first element in the list/array. Platform: Mobile Web (Screen recording indicates an Android/iOS mobile browser environment). 7. Suggested Fix Verify that the data-state or active class is being applied to the "agents" container. Ensure the content string for "agents" is correctly mapped in the frontend component (e.g., React/Vue props). Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet About 17 hours ago
[Eco Bounty] IoTex UI Interactivity Failure β "for agents" Tile
Severity: Medium (Functional impairment/UX inconsistency) 1. Description On the IoTeX landing page, the interactive tiles under the core offerings section are inconsistent. While the "for physical AIs" and "for models" tiles expand to reveal descriptive text and visual overlays upon interaction, the "for agents" tile remains static. It fails to trigger any expansion or provide the intended information to the user. 2. Steps to Reproduce Open the IoTeX website on a mobile device/emulator. Scroll to the section containing the three category tiles: agents, physical AIs, and models. Tap on the "for physical AIs" tile (Note: It expands correctly). Tap on the "for models" tile (Note: It expands correctly). Tap on the "for agents" tile. 3. Expected Result The tile should expand, the background image should shift/darken, and a descriptive blurb explaining IoTeXβs value proposition for "agents" should appear, matching the behavior of the other two tiles. 4. Actual Result The tile remains in its default collapsed state. No text is revealed, and the background does not transition to an "active" state. 5. Visual Evidence (from Screen Recording) 0:01 - 0:05: User attempts to interact with the top "for agents" tile; it remains static. 0:06 - 0:10: User taps "for physical AIs"; tile expands to show text regarding real-time environmental awareness. 0:11 - 0:14: User taps "for models"; tile expands to show text regarding verifiable context and adaptive learning. 6. Technical Notes Likely Cause: Missing onClick event handler or a CSS class toggle failure specific to the first element in the list/array. Platform: Mobile Web (Screen recording indicates an Android/iOS mobile browser environment). 7. Suggested Fix Verify that the data-state or active class is being applied to the "agents" container. Ensure the content string for "agents" is correctly mapped in the frontend component (e.g., React/Vue props). Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet About 17 hours ago
[ECO Bounty] ioTexScan Transaction "OUT" Label Design & Accessibility Issue
Severity: π‘ Low to Medium (Accessibility & UX) Environment: Platform: Web (Mobile Browser) URL: iotexscan.io/addr... Device: Android (Chrome/WebKit-based browser) View: Transaction History List Description: On the IoTeXScan address details page, the transaction type labels (specifically "OUT") are styled with an orange/salmon background that resembles clickable buttons rather than status badges. This creates confusion about interactivity and may present color contrast issues for accessibility. The styling appears inconsistent with standard blockchain explorer UX patterns where transaction direction is typically indicated through subtle text colors or icons rather than solid button-like backgrounds. Steps to Reproduce: Open mobile browser and navigate to iotexscan.io. Search for any wallet address with outgoing transactions. Scroll to the transaction history list. Observe the orange "OUT" label positioned between the TxID and recipient address. Actual Result: The "OUT" label uses a solid orange/peach background (#FFA07A or similar) with dark text. Visual styling mimics a clickable button or CTA (Call-to-Action), though it appears to be non-interactive status text. High visual weight draws disproportionate attention compared to critical data (addresses, amounts). If colorblind accessibility is considered, the orange may be difficult to distinguish from potential "IN" labels without additional visual indicators. Expected Result: "OUT" should use a subtle badge style (outline or light tint) rather than solid fill. Should include an accompanying icon (arrow up/out) to indicate direction, aiding colorblind users. Text should have WCAG AA compliant contrast ratio (minimum 4.5:1). Visual hierarchy should prioritize transaction values and addresses over direction labels. Impact: Accessibility: Users with color vision deficiencies may struggle to distinguish "OUT" from "IN" if color is the sole differentiator. UX Confusion: Button-like appearance suggests clickability; users may attempt to tap the label expecting a filter or action menu. Visual Clutter: High-contrast orange tags create repetitive visual noise when scanning through multiple transactions. Professional Perception: Design inconsistency with modern blockchain explorers (Etherscan, BscScan) may reduce perceived platform maturity. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet About 18 hours ago
[ECO Bounty] ioTexScan Transaction "OUT" Label Design & Accessibility Issue
Severity: π‘ Low to Medium (Accessibility & UX) Environment: Platform: Web (Mobile Browser) URL: iotexscan.io/addr... Device: Android (Chrome/WebKit-based browser) View: Transaction History List Description: On the IoTeXScan address details page, the transaction type labels (specifically "OUT") are styled with an orange/salmon background that resembles clickable buttons rather than status badges. This creates confusion about interactivity and may present color contrast issues for accessibility. The styling appears inconsistent with standard blockchain explorer UX patterns where transaction direction is typically indicated through subtle text colors or icons rather than solid button-like backgrounds. Steps to Reproduce: Open mobile browser and navigate to iotexscan.io. Search for any wallet address with outgoing transactions. Scroll to the transaction history list. Observe the orange "OUT" label positioned between the TxID and recipient address. Actual Result: The "OUT" label uses a solid orange/peach background (#FFA07A or similar) with dark text. Visual styling mimics a clickable button or CTA (Call-to-Action), though it appears to be non-interactive status text. High visual weight draws disproportionate attention compared to critical data (addresses, amounts). If colorblind accessibility is considered, the orange may be difficult to distinguish from potential "IN" labels without additional visual indicators. Expected Result: "OUT" should use a subtle badge style (outline or light tint) rather than solid fill. Should include an accompanying icon (arrow up/out) to indicate direction, aiding colorblind users. Text should have WCAG AA compliant contrast ratio (minimum 4.5:1). Visual hierarchy should prioritize transaction values and addresses over direction labels. Impact: Accessibility: Users with color vision deficiencies may struggle to distinguish "OUT" from "IN" if color is the sole differentiator. UX Confusion: Button-like appearance suggests clickability; users may attempt to tap the label expecting a filter or action menu. Visual Clutter: High-contrast orange tags create repetitive visual noise when scanning through multiple transactions. Professional Perception: Design inconsistency with modern blockchain explorers (Etherscan, BscScan) may reduce perceived platform maturity. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet About 18 hours ago
[ECO Bounty] iopay "My Rewards" Data Fetching Failure
Description When a user navigates to the "My Rewards" tab within the staking section of the ioPay app, the application fails to retrieve the staking rewards summary. A system error message appears at the top of the screen stating: "Failed to fetch (gateway2.iotex.io)", leaving the rewards data fields empty (displayed as dashes). Severity High β While it doesn't prevent staking, it is a functional failure that stops users from monitoring their earnings, which is a core part of the staking experience. Impact User Uncertainty: Users cannot verify if they are actually receiving rewards, leading to doubt about the protocol's performance. Loss of Functionality: Critical data points like "Total Reward," "Staking Reward," and "Burn-drop Reward" are unavailable. Technical Friction: The exposure of a raw "Failed to fetch" error with a technical URL makes the app feel unpolished and unstable to non-technical users. Reproduce Open the ioPay app. Navigate to the Stake or IOTX Asset page. Tap on the "My Rewards" tab. Observe the red error banner at the top and the empty data fields in the "Rewards Summary." Expectation The app should successfully connect to the IoTeX gateway and populate the rewards summary with the user's historical and pending staking data for the last 7, 30, or 365 days. Actual The app displays a "Failed to fetch (gateway2.iotex.io)" error, and all numerical reward data is replaced by simple placeholder dashes (β). Suggest Fix API Redundancy: Implement a fallback mechanism so that if gateway2.iotex.io is down, the app automatically tries an alternative gateway (e.g., gateway.iotex.io). Retry Logic: Add a "Tap to Retry" button on the error state to allow users to manually refresh the connection. User-Friendly Messaging: Replace the raw "Failed to fetch" technical error with a clearer message like "Unable to connect to rewards server. Please check your internet or try again later." Backend Monitoring: Investigate the stability and uptime of the gateway2 endpoint to ensure it can handle current traffic loads. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet About 20 hours ago
[ECO Bounty] iopay "My Rewards" Data Fetching Failure
Description When a user navigates to the "My Rewards" tab within the staking section of the ioPay app, the application fails to retrieve the staking rewards summary. A system error message appears at the top of the screen stating: "Failed to fetch (gateway2.iotex.io)", leaving the rewards data fields empty (displayed as dashes). Severity High β While it doesn't prevent staking, it is a functional failure that stops users from monitoring their earnings, which is a core part of the staking experience. Impact User Uncertainty: Users cannot verify if they are actually receiving rewards, leading to doubt about the protocol's performance. Loss of Functionality: Critical data points like "Total Reward," "Staking Reward," and "Burn-drop Reward" are unavailable. Technical Friction: The exposure of a raw "Failed to fetch" error with a technical URL makes the app feel unpolished and unstable to non-technical users. Reproduce Open the ioPay app. Navigate to the Stake or IOTX Asset page. Tap on the "My Rewards" tab. Observe the red error banner at the top and the empty data fields in the "Rewards Summary." Expectation The app should successfully connect to the IoTeX gateway and populate the rewards summary with the user's historical and pending staking data for the last 7, 30, or 365 days. Actual The app displays a "Failed to fetch (gateway2.iotex.io)" error, and all numerical reward data is replaced by simple placeholder dashes (β). Suggest Fix API Redundancy: Implement a fallback mechanism so that if gateway2.iotex.io is down, the app automatically tries an alternative gateway (e.g., gateway.iotex.io). Retry Logic: Add a "Tap to Retry" button on the error state to allow users to manually refresh the connection. User-Friendly Messaging: Replace the raw "Failed to fetch" technical error with a clearer message like "Unable to connect to rewards server. Please check your internet or try again later." Backend Monitoring: Investigate the stability and uptime of the gateway2 endpoint to ensure it can handle current traffic loads. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet About 20 hours ago
[ECO Bounty] iopay Authentication Bypass During NFT Minting
Description A security flaw has been identified in the ioPay wallet where the application fails to enforce mandatory authentication (security code or fingerprint) during the final stages of a transaction. Specifically, when interacting with the Rootstock Testnet to mint a "Milestone Badge," the transaction can be broadcast to the blockchain without any biometric or passcode verification from the user. Severity Critical β This is a major security vulnerability. Any person with physical access to an unlocked device can execute on-chain transactions and move or mint assets without knowing the wallet's security credentials. Impact Unauthorized Access: Private keys are effectively exposed to anyone holding the device, bypassing the "Military-Grade Encryption" and "Secure self-custody" claims of the app. Financial Loss: In a mainnet environment, this flaw could lead to the total draining of assets if a malicious actor gains temporary access to the phone. Regulatory Non-compliance: The lack of Strong Customer Authentication (SCA) fails to meet global standards like the UKβs FCA or EUβs MiCA requirements for secure transaction signing. Reproduce Open the ioPay app. Access a minting dApp (e.g., badges.blockscout.com on Rootstock Testnet). Initiate the Mint process for a badge or NFT. Proceed through the wallet's transaction confirmation screens. Observe that the transaction completes and is broadcast to the network without the app requesting a fingerprint scan or security code. Expectation Before any transaction is signed and broadcast, the app must require a biometric check Fingerprint or the entry of a manual security code to verify the user's intent and identity. Actual The transaction is confirmed and processed immediately upon clicking "Confirm," entirely bypassing the security layer that is supposed to protect the private keys. Suggest Fix Enforce Global Auth Hook: Ensure that the signTransaction and sendTransaction methods in the core SDK are globally hooked to the system's biometric/security prompt. Validation Check: Add a logic gate that prevents the transaction broadcast if a "Success" token from the local authentication module has not been received. Security Settings Audit: Review the app's default settings to ensure that "Transaction Confirmation" security is enabled by default and cannot be accidentally disabled by dApp interactions. Harden Biometric Integration: Implement "Liveness detection" or multi-factor approvals for sensitive operations like minting and transfers Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet About 23 hours ago
[ECO Bounty] iopay Authentication Bypass During NFT Minting
Description A security flaw has been identified in the ioPay wallet where the application fails to enforce mandatory authentication (security code or fingerprint) during the final stages of a transaction. Specifically, when interacting with the Rootstock Testnet to mint a "Milestone Badge," the transaction can be broadcast to the blockchain without any biometric or passcode verification from the user. Severity Critical β This is a major security vulnerability. Any person with physical access to an unlocked device can execute on-chain transactions and move or mint assets without knowing the wallet's security credentials. Impact Unauthorized Access: Private keys are effectively exposed to anyone holding the device, bypassing the "Military-Grade Encryption" and "Secure self-custody" claims of the app. Financial Loss: In a mainnet environment, this flaw could lead to the total draining of assets if a malicious actor gains temporary access to the phone. Regulatory Non-compliance: The lack of Strong Customer Authentication (SCA) fails to meet global standards like the UKβs FCA or EUβs MiCA requirements for secure transaction signing. Reproduce Open the ioPay app. Access a minting dApp (e.g., badges.blockscout.com on Rootstock Testnet). Initiate the Mint process for a badge or NFT. Proceed through the wallet's transaction confirmation screens. Observe that the transaction completes and is broadcast to the network without the app requesting a fingerprint scan or security code. Expectation Before any transaction is signed and broadcast, the app must require a biometric check Fingerprint or the entry of a manual security code to verify the user's intent and identity. Actual The transaction is confirmed and processed immediately upon clicking "Confirm," entirely bypassing the security layer that is supposed to protect the private keys. Suggest Fix Enforce Global Auth Hook: Ensure that the signTransaction and sendTransaction methods in the core SDK are globally hooked to the system's biometric/security prompt. Validation Check: Add a logic gate that prevents the transaction broadcast if a "Success" token from the local authentication module has not been received. Security Settings Audit: Review the app's default settings to ensure that "Transaction Confirmation" security is enabled by default and cannot be accidentally disabled by dApp interactions. Harden Biometric Integration: Implement "Liveness detection" or multi-factor approvals for sensitive operations like minting and transfers Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet About 23 hours ago
[ECO Bounty] Lack of Modern Visual Effects & Interaction Feedback in ioPay UI
Description The primary action buttons (Send, Receive, Buy, Earn, Activities) on the ioPay main dashboard lack modern visual effects, such as depth, micro-animations, or dynamic interaction feedback. The current icon set and container design appear static and flat, failing to utilize modern UI trends like glassmorphism, haptic-linked animations, or gradient glows that are common in high-end Web3 wallets. Severity Low β This is a cosmetic and experiential issue that does not impact core wallet security or transaction capabilities. Impact User Engagement: The interface feels "static," which can lead to a less immersive experience for power users who expect a premium, high-tech feel from a blockchain wallet. Perceived Innovation: In the competitive Web3 space, "flat" and non-reactive designs can make a platform appear less technologically advanced than competitors that use fluid motions and layered effects. Brand Aesthetic: The mismatch between high-quality 3D assets (like the "Stake IOTX" coins) and the plain, flat action buttons creates a fragmented visual identity. Reproduce Open the ioPay application to the Wallet tab. Locate the horizontal row of action buttons (Send, Receive, Buy, Earn, Activities). Tap on an icon or hover (if applicable) and observe the lack of secondary visual transitions, shadow shifts, or glow effects. Observe the pagination dots (three dots) below the banner, which remain simple and static. Expectation Micro-animations: Icons should have subtle movement (e.g., the "Send" arrow shifting slightly) when the dashboard loads or when touched. Visual Depth: Buttons should utilize subtle gradients, outer glows, or "glass" backgrounds to stand out against the dark theme. Active States: Tapping a button should provide a clear, modern visual pulse or a slight scale-down effect to acknowledge the user's intent. Actual The icons are standard flat glyphs inside simple dark circles with no active lighting effects, transitions, or modern depth styling. Suggest Fix Implement "Glow" States: Add a subtle brand-colored (purple/blue) outer glow to the active button or as a hover/tap effect to simulate "energy." Layered Design: Use a semi-transparent "glassmorphism" background for the action row to create a sense of hierarchy and depth over the main wallpaper. Animated Transitions: Integrate Lottie or Rive animations for the core icons to make the interface feel "alive" and responsive. Haptic Integration: Pair subtle UI scale-down effects with haptic feedback to provide a tactile, modern "click" feel. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet About 23 hours ago
[ECO Bounty] Lack of Modern Visual Effects & Interaction Feedback in ioPay UI
Description The primary action buttons (Send, Receive, Buy, Earn, Activities) on the ioPay main dashboard lack modern visual effects, such as depth, micro-animations, or dynamic interaction feedback. The current icon set and container design appear static and flat, failing to utilize modern UI trends like glassmorphism, haptic-linked animations, or gradient glows that are common in high-end Web3 wallets. Severity Low β This is a cosmetic and experiential issue that does not impact core wallet security or transaction capabilities. Impact User Engagement: The interface feels "static," which can lead to a less immersive experience for power users who expect a premium, high-tech feel from a blockchain wallet. Perceived Innovation: In the competitive Web3 space, "flat" and non-reactive designs can make a platform appear less technologically advanced than competitors that use fluid motions and layered effects. Brand Aesthetic: The mismatch between high-quality 3D assets (like the "Stake IOTX" coins) and the plain, flat action buttons creates a fragmented visual identity. Reproduce Open the ioPay application to the Wallet tab. Locate the horizontal row of action buttons (Send, Receive, Buy, Earn, Activities). Tap on an icon or hover (if applicable) and observe the lack of secondary visual transitions, shadow shifts, or glow effects. Observe the pagination dots (three dots) below the banner, which remain simple and static. Expectation Micro-animations: Icons should have subtle movement (e.g., the "Send" arrow shifting slightly) when the dashboard loads or when touched. Visual Depth: Buttons should utilize subtle gradients, outer glows, or "glass" backgrounds to stand out against the dark theme. Active States: Tapping a button should provide a clear, modern visual pulse or a slight scale-down effect to acknowledge the user's intent. Actual The icons are standard flat glyphs inside simple dark circles with no active lighting effects, transitions, or modern depth styling. Suggest Fix Implement "Glow" States: Add a subtle brand-colored (purple/blue) outer glow to the active button or as a hover/tap effect to simulate "energy." Layered Design: Use a semi-transparent "glassmorphism" background for the action row to create a sense of hierarchy and depth over the main wallpaper. Animated Transitions: Integrate Lottie or Rive animations for the core icons to make the interface feel "alive" and responsive. Haptic Integration: Pair subtle UI scale-down effects with haptic feedback to provide a tactile, modern "click" feel. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet About 23 hours ago
[ECO Bounty] iopay Non-Modern UI Components in Main Wallet Dashboard
Description The main wallet dashboard in ioPay contains several UI elements that do not align with modern mobile design standards. Specifically, the pagination indicator (the three dots below the "Stake IOTX" banner) and the asset filter section ("Hide assets < 1 USD") use basic, legacy styling that feels disconnected from the more polished IOTX branding and icons used elsewhere in the app. Severity Low β This is a visual/cosmetic issue that does not impact the functionality of sending, receiving, or staking assets. Impact Visual Inconsistency: The app's design language is a mix of high-fidelity graphics (like the 3D staking coins) and basic, low-fidelity UI components (like the standard checkbox and small gray pagination dots). Brand Perception: An "unpolished" UI can make the app feel less premium or secure to new users compared to modern competitors like MetaMask or Phantom. User Experience: The "Hide assets" checkbox is small and may be difficult for users with larger fingers to toggle accurately on mobile devices. Reproduce Open the ioPay app to the main Wallet tab. Observe the banner section (carousel). Note the small, static gray dots used for navigation. Scroll down to the TOKEN list. Observe the "Hide assets < 1 USD" toggle, which uses a standard, sharp-cornered system checkbox. Expectation Carousel Indicators: Should use modern active/inactive states (e.g., the active dot expanding into a pill shape or changing to a bright brand color). Toggles: The legacy checkbox should be replaced with a modern "Switch" component or a custom-styled rounded checkbox that matches the app's dark-mode aesthetic. Typography & Spacing: The layout should feel more "spacious" with consistent corner radii across all cards and interactive elements. Actual The app uses "stock" or legacy UI components that appear dated and lack the smooth animations or refined styling found in modern Web3 applications. Suggested Fix Modernize Toggles: Replace the standard HTML-style checkbox for "Hide assets" with a sleek UI toggle switch. Update Pagination: Implement dynamic carousel indicators that provide better visual feedback on which slide is currently active. Refine the Banner: Add a subtle gradient border or "glassmorphism" effect to the Stake banner to help it blend more naturally into the dark background of the wallet. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet About 23 hours ago
[ECO Bounty] iopay Non-Modern UI Components in Main Wallet Dashboard
Description The main wallet dashboard in ioPay contains several UI elements that do not align with modern mobile design standards. Specifically, the pagination indicator (the three dots below the "Stake IOTX" banner) and the asset filter section ("Hide assets < 1 USD") use basic, legacy styling that feels disconnected from the more polished IOTX branding and icons used elsewhere in the app. Severity Low β This is a visual/cosmetic issue that does not impact the functionality of sending, receiving, or staking assets. Impact Visual Inconsistency: The app's design language is a mix of high-fidelity graphics (like the 3D staking coins) and basic, low-fidelity UI components (like the standard checkbox and small gray pagination dots). Brand Perception: An "unpolished" UI can make the app feel less premium or secure to new users compared to modern competitors like MetaMask or Phantom. User Experience: The "Hide assets" checkbox is small and may be difficult for users with larger fingers to toggle accurately on mobile devices. Reproduce Open the ioPay app to the main Wallet tab. Observe the banner section (carousel). Note the small, static gray dots used for navigation. Scroll down to the TOKEN list. Observe the "Hide assets < 1 USD" toggle, which uses a standard, sharp-cornered system checkbox. Expectation Carousel Indicators: Should use modern active/inactive states (e.g., the active dot expanding into a pill shape or changing to a bright brand color). Toggles: The legacy checkbox should be replaced with a modern "Switch" component or a custom-styled rounded checkbox that matches the app's dark-mode aesthetic. Typography & Spacing: The layout should feel more "spacious" with consistent corner radii across all cards and interactive elements. Actual The app uses "stock" or legacy UI components that appear dated and lack the smooth animations or refined styling found in modern Web3 applications. Suggested Fix Modernize Toggles: Replace the standard HTML-style checkbox for "Hide assets" with a sleek UI toggle switch. Update Pagination: Implement dynamic carousel indicators that provide better visual feedback on which slide is currently active. Refine the Banner: Add a subtle gradient border or "glassmorphism" effect to the Stake banner to help it blend more naturally into the dark background of the wallet. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet About 23 hours ago
[ECO Bounty] ioPay News Section Link Failure (404 Error)
Description When attempting to access specific news articles within the News tab of the ioPay app, the internal browser fails to load the content and displays a "404 | This page could not be found" error. Severity Medium β While it doesn't break core wallet functionality (sending/receiving), it completely disables the information-sharing feature of the app, preventing users from reading official updates. Impact Information Gap: Users cannot access critical security updates or ecosystem news (e.g., updates on "security incidents" mentioned in the feed). Poor User Experience: Landing on a dead page within the "Discover" section reduces the perceived reliability of the app. Broken Navigation: The app's internal browser remains stuck on a 404 page, forcing the user to navigate back manually without obtaining the intended information. Steps to Reproduce Open the ioPay app. Navigate to the Discover tab at the bottom right. Tap on the News sub-tab at the top. Observe the resulting "404" error page. Expectation Tapping a news item or link should redirect the user to a functional webpage (Twitter/X, a blog post, or an official announcement) containing the full content of the update. Actual The app attempts to load the URL but returns a standard "404 | This page could not be found" error, indicating the link is either broken, expired, or incorrectly formatted. Suggested Fix Link Verification: Implement a backend check to ensure that news feed links are active and not expired before displaying them in the app. Formatting Check: Ensure that the internal browser is correctly handling t.co redirects or consider using direct links to official sources (like iotex.io/blog). Custom Error Page: Instead of a generic web 404, provide a "Content Unavailable" message within the app's UI with an option to open the link in an external system browser (Chrome/Safari). Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] ioPay News Section Link Failure (404 Error)
Description When attempting to access specific news articles within the News tab of the ioPay app, the internal browser fails to load the content and displays a "404 | This page could not be found" error. Severity Medium β While it doesn't break core wallet functionality (sending/receiving), it completely disables the information-sharing feature of the app, preventing users from reading official updates. Impact Information Gap: Users cannot access critical security updates or ecosystem news (e.g., updates on "security incidents" mentioned in the feed). Poor User Experience: Landing on a dead page within the "Discover" section reduces the perceived reliability of the app. Broken Navigation: The app's internal browser remains stuck on a 404 page, forcing the user to navigate back manually without obtaining the intended information. Steps to Reproduce Open the ioPay app. Navigate to the Discover tab at the bottom right. Tap on the News sub-tab at the top. Observe the resulting "404" error page. Expectation Tapping a news item or link should redirect the user to a functional webpage (Twitter/X, a blog post, or an official announcement) containing the full content of the update. Actual The app attempts to load the URL but returns a standard "404 | This page could not be found" error, indicating the link is either broken, expired, or incorrectly formatted. Suggested Fix Link Verification: Implement a backend check to ensure that news feed links are active and not expired before displaying them in the app. Formatting Check: Ensure that the internal browser is correctly handling t.co redirects or consider using direct links to official sources (like iotex.io/blog). Custom Error Page: Instead of a generic web 404, provide a "Content Unavailable" message within the app's UI with an option to open the link in an external system browser (Chrome/Safari). Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] DePINscan Launch ETA Sorting Inaccuracy and Mobile UI Misalignment
Description In the DePINscan "Token Launch" view, the sorting functionality for the Launch ETA column does not accurately order projects from oldest to newest (or vice versa). The logic appears to fail when comparing different date formats (e.g., "Q4 2024" vs. "Aug 28, 2024"). Additionally, the mobile interface suffers from alignment issues where column headers do not line up with their respective data. Severity Medium β It hinders the user's ability to track upcoming project launches chronologically, which is the primary purpose of this specific view. Impact User Confusion: Users cannot reliably see which projects are launching next because "Q4 2024" is placed above "Aug 28, 2024," and "2025 Q3" follows "Aug 28, 2024" in an inconsistent manner. Data Reliability: The lack of a uniform date format (Quarterly vs. Monthly vs. Specific Date) makes the sorting algorithm behave unpredictably. Poor Mobile UX: The "Launch ETA" header is shifted too far to the right, causing a visual disconnect from the dates listed below it. Reproduce Open the ioPay app and navigate to the Discover tab. Select the DePINscan dApp. Switch the project view to "Token Launch." Click the "Launch ETA" column header to sort. Observe that "Q4 2024" is listed above "Aug 28, 2024," and "Q1 2025" is listed before "2025 Q3." Observe the horizontal alignment of the "Launch ETA" text relative to the dates in the list. Expectation Sorting: The list should follow a strict chronological timeline. Specific dates (Aug 2024) should be grouped correctly with their respective quarters (Q3 2024) and years. UI Design: The "Launch ETA" header should be centered or right-aligned directly above the date values to ensure readability on small screens. Formatting: Dates should ideally follow a standardized format (e.g., all YYYY-MM-DD or all Quarter Year) to assist the sorting engine. Actual Sorting: The order is mixed (e.g., a 2026 date is second on the list while 2024 dates appear above and below it). UI Design: The header "Launch ETA" is nearly touching the edge of the screen, while the dates are indented further left. Suggest Fix Standardize Data Input: Convert all "ETA" strings into standard timestamps in the backend so the sorting algorithm treats "Q4 2024" as 2024-10-01. CSS Flexbox/Grid: Adjust the table header container on mobile to use justify-content: space-between or assign fixed percentage widths to columns to ensure the header always sits directly above the data. Date Normalization: Display dates in a consistent format across all projects to prevent the "alphabetical vs. numerical" sorting conflict currently visible. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] DePINscan Launch ETA Sorting Inaccuracy and Mobile UI Misalignment
Description In the DePINscan "Token Launch" view, the sorting functionality for the Launch ETA column does not accurately order projects from oldest to newest (or vice versa). The logic appears to fail when comparing different date formats (e.g., "Q4 2024" vs. "Aug 28, 2024"). Additionally, the mobile interface suffers from alignment issues where column headers do not line up with their respective data. Severity Medium β It hinders the user's ability to track upcoming project launches chronologically, which is the primary purpose of this specific view. Impact User Confusion: Users cannot reliably see which projects are launching next because "Q4 2024" is placed above "Aug 28, 2024," and "2025 Q3" follows "Aug 28, 2024" in an inconsistent manner. Data Reliability: The lack of a uniform date format (Quarterly vs. Monthly vs. Specific Date) makes the sorting algorithm behave unpredictably. Poor Mobile UX: The "Launch ETA" header is shifted too far to the right, causing a visual disconnect from the dates listed below it. Reproduce Open the ioPay app and navigate to the Discover tab. Select the DePINscan dApp. Switch the project view to "Token Launch." Click the "Launch ETA" column header to sort. Observe that "Q4 2024" is listed above "Aug 28, 2024," and "Q1 2025" is listed before "2025 Q3." Observe the horizontal alignment of the "Launch ETA" text relative to the dates in the list. Expectation Sorting: The list should follow a strict chronological timeline. Specific dates (Aug 2024) should be grouped correctly with their respective quarters (Q3 2024) and years. UI Design: The "Launch ETA" header should be centered or right-aligned directly above the date values to ensure readability on small screens. Formatting: Dates should ideally follow a standardized format (e.g., all YYYY-MM-DD or all Quarter Year) to assist the sorting engine. Actual Sorting: The order is mixed (e.g., a 2026 date is second on the list while 2024 dates appear above and below it). UI Design: The header "Launch ETA" is nearly touching the edge of the screen, while the dates are indented further left. Suggest Fix Standardize Data Input: Convert all "ETA" strings into standard timestamps in the backend so the sorting algorithm treats "Q4 2024" as 2024-10-01. CSS Flexbox/Grid: Adjust the table header container on mobile to use justify-content: space-between or assign fixed percentage widths to columns to ensure the header always sits directly above the data. Date Normalization: Display dates in a consistent format across all projects to prevent the "alphabetical vs. numerical" sorting conflict currently visible. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] DePINscan UI Redundancy and Sensitive Data Exposure in Developer Settings
Description The DePINscan developer dashboard contains several UI and privacy issues: the "API Keys" section allows for duplicate project names, the "Feedback" icon obstructs critical action buttons, and sensitive API keys are partially visible by default without a robust "hide/mask" toggle. Severity Medium β While the duplicate names and icon placement are cosmetic and organizational, the partial exposure of API keys without a masking option presents a potential security risk. Impact Security Risk: API keys are sensitive; displaying a significant portion of the key by default increases the risk of accidental exposure during screen sharing or screenshots. Poor UX: The "Feedback" (megaphone) icon floats over the "Delete" buttons, making it difficult for users to manage their keys on mobile devices. Data Confusion: Allowing multiple API keys with the exact same name ("JC") makes it impossible for developers to distinguish between different environments or keys at a glance. Reproduce Navigate to the DePINscan API settings page. Duplicate Names: Create multiple API keys using the exact same name (e.g., "JC") and observe that the system accepts them without unique identifiers. Feedback Icon: View the page on a mobile browser and observe the floating megaphone icon overlapping the "Delete" buttons on the right side of the screen. Key Exposure: Observe the "Key" column where the API keys are displayed in a shortened but still partially readable format without a "Hide" button. Expectation Validation: The system should prevent or warn against using duplicate names for API keys within the same account. Layout: Floating action buttons (Feedback) should not overlap functional UI elements like "Delete" buttons. Privacy: API keys should be fully masked (e.g., **********) by default, with an "Eye" icon to reveal them temporarily. Actual Duplicates: Multiple keys named "JC" are listed. Overlap: The Feedback icon covers the "Delete" button for the third entry. Exposure: The start and end of the API keys are visible, and there is no option to hide them completely. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] DePINscan UI Redundancy and Sensitive Data Exposure in Developer Settings
Description The DePINscan developer dashboard contains several UI and privacy issues: the "API Keys" section allows for duplicate project names, the "Feedback" icon obstructs critical action buttons, and sensitive API keys are partially visible by default without a robust "hide/mask" toggle. Severity Medium β While the duplicate names and icon placement are cosmetic and organizational, the partial exposure of API keys without a masking option presents a potential security risk. Impact Security Risk: API keys are sensitive; displaying a significant portion of the key by default increases the risk of accidental exposure during screen sharing or screenshots. Poor UX: The "Feedback" (megaphone) icon floats over the "Delete" buttons, making it difficult for users to manage their keys on mobile devices. Data Confusion: Allowing multiple API keys with the exact same name ("JC") makes it impossible for developers to distinguish between different environments or keys at a glance. Reproduce Navigate to the DePINscan API settings page. Duplicate Names: Create multiple API keys using the exact same name (e.g., "JC") and observe that the system accepts them without unique identifiers. Feedback Icon: View the page on a mobile browser and observe the floating megaphone icon overlapping the "Delete" buttons on the right side of the screen. Key Exposure: Observe the "Key" column where the API keys are displayed in a shortened but still partially readable format without a "Hide" button. Expectation Validation: The system should prevent or warn against using duplicate names for API keys within the same account. Layout: Floating action buttons (Feedback) should not overlap functional UI elements like "Delete" buttons. Privacy: API keys should be fully masked (e.g., **********) by default, with an "Eye" icon to reveal them temporarily. Actual Duplicates: Multiple keys named "JC" are listed. Overlap: The Feedback icon covers the "Delete" button for the third entry. Exposure: The start and end of the API keys are visible, and there is no option to hide them completely. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] DePINscan Image Upload Failure for Project Logo
Description The "Logo" upload field in the project configuration settings fails to process and save uploaded images. When a user selects an image from their device, the interface shows a brief loading animation but immediately reverts to the initial upload icon without displaying the selected image or confirming the upload. Severity High β This is a functional blocker for developers trying to set up or update their project profiles. Projects without logos may appear unverified or unprofessional to users on the DePINscan platform. Impact Project Incompleteness: Developers cannot complete their project profile according to mandatory requirements (indicated by the red asterisk next to "Logo*"). User Experience: Frequent failed attempts to upload an icon without an error message lead to developer frustration. Platform Quality: Reduces the overall data quality of the DePINscan ecosystem if projects are forced to remain without branding. Reproduce Navigate to https://depinscan.io/developer/settings/team-projects. Click on the "Logo"* upload box (indicated by the cloud icon). Select a valid image file from the local file browser. Observe the loading state in the upload box. Observe the box reverting to the original cloud icon once the loading animation finishes. Expectation The selected image should be uploaded, and a preview of the logo should appear in the "Logo" box. A success message or confirmation should be displayed once the file is saved to the server. Actual The upload appears to start but fails to complete or display the preview, leaving the field empty. No specific error message (e.g., "File too large" or "Invalid format") is provided to the user. Suggest Fix File Type Validation: Ensure the front-end clearly specifies and validates supported file types (e.g., .png, .jpg, .svg). Error Feedback: Implement clear error messaging if the upload fails due to server-side issues, file size limits, or network timeouts. Persistent Preview: Ensure the image preview is rendered in the UI immediately upon selection or successful upload. Server-Side Check: Verify that the backend endpoint for image uploads is correctly receiving and storing the files in the project's directory., Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] DePINscan Image Upload Failure for Project Logo
Description The "Logo" upload field in the project configuration settings fails to process and save uploaded images. When a user selects an image from their device, the interface shows a brief loading animation but immediately reverts to the initial upload icon without displaying the selected image or confirming the upload. Severity High β This is a functional blocker for developers trying to set up or update their project profiles. Projects without logos may appear unverified or unprofessional to users on the DePINscan platform. Impact Project Incompleteness: Developers cannot complete their project profile according to mandatory requirements (indicated by the red asterisk next to "Logo*"). User Experience: Frequent failed attempts to upload an icon without an error message lead to developer frustration. Platform Quality: Reduces the overall data quality of the DePINscan ecosystem if projects are forced to remain without branding. Reproduce Navigate to https://depinscan.io/developer/settings/team-projects. Click on the "Logo"* upload box (indicated by the cloud icon). Select a valid image file from the local file browser. Observe the loading state in the upload box. Observe the box reverting to the original cloud icon once the loading animation finishes. Expectation The selected image should be uploaded, and a preview of the logo should appear in the "Logo" box. A success message or confirmation should be displayed once the file is saved to the server. Actual The upload appears to start but fails to complete or display the preview, leaving the field empty. No specific error message (e.g., "File too large" or "Invalid format") is provided to the user. Suggest Fix File Type Validation: Ensure the front-end clearly specifies and validates supported file types (e.g., .png, .jpg, .svg). Error Feedback: Implement clear error messaging if the upload fails due to server-side issues, file size limits, or network timeouts. Persistent Preview: Ensure the image preview is rendered in the UI immediately upon selection or successful upload. Server-Side Check: Verify that the backend endpoint for image uploads is correctly receiving and storing the files in the project's directory., Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] Outdated Design in ioPay BinoAI Suggestion Boxes
Description The suggestion boxes within the ioPay BinoAI interface (e.g., "What could affect IOTX's future price?") use an outdated, rectangular "box" design that does not align with modern UI trends or the rounded aesthetic seen elsewhere in the application. Severity Low β This is a purely cosmetic issue related to visual consistency and branding. Impact Visual Inconsistency: The sharp-edged or minimally rounded corners of the AI suggestion prompts clash with the highly rounded buttons (like "Start Earning" and "Swap") and containers used in the rest of the app. User Experience: The lack of modern styling (such as glassmorphism, subtle shadows, or consistent corner radii) makes the AI feature look less integrated and more like a legacy component. Reproduce Open the ioPay app. Navigate to the IOTX asset or staking dashboard. Locate the ioPay BinoAI section at the top of the screen. Observe the design style of the scrollable suggestion boxes. Expectation The suggestion boxes should feature a modern design language, likely including larger corner radii (rounded corners), better padding, and perhaps a subtle border or background gradient to match the "ioPay BinoAI" branding. Actual The boxes appear as simple, dark rectangles with very small corner radii, creating a dated look that feels disconnected from the rest of the modern interface. Suggested Fix Standardize Corner Radius: Update the CSS/styling for the suggestion cards to match the corner radius of primary action buttons (e.g., 12px or 16px). Modernize Styling: Apply a slight background blur (glassmorphism) or a more distinct accent border to make the AI suggestions visually pop and feel like a premium feature. Padding Adjustment: Increase internal padding to ensure text doesn't feel cramped within the boxes. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] Outdated Design in ioPay BinoAI Suggestion Boxes
Description The suggestion boxes within the ioPay BinoAI interface (e.g., "What could affect IOTX's future price?") use an outdated, rectangular "box" design that does not align with modern UI trends or the rounded aesthetic seen elsewhere in the application. Severity Low β This is a purely cosmetic issue related to visual consistency and branding. Impact Visual Inconsistency: The sharp-edged or minimally rounded corners of the AI suggestion prompts clash with the highly rounded buttons (like "Start Earning" and "Swap") and containers used in the rest of the app. User Experience: The lack of modern styling (such as glassmorphism, subtle shadows, or consistent corner radii) makes the AI feature look less integrated and more like a legacy component. Reproduce Open the ioPay app. Navigate to the IOTX asset or staking dashboard. Locate the ioPay BinoAI section at the top of the screen. Observe the design style of the scrollable suggestion boxes. Expectation The suggestion boxes should feature a modern design language, likely including larger corner radii (rounded corners), better padding, and perhaps a subtle border or background gradient to match the "ioPay BinoAI" branding. Actual The boxes appear as simple, dark rectangles with very small corner radii, creating a dated look that feels disconnected from the rest of the modern interface. Suggested Fix Standardize Corner Radius: Update the CSS/styling for the suggestion cards to match the corner radius of primary action buttons (e.g., 12px or 16px). Modernize Styling: Apply a slight background blur (glassmorphism) or a more distinct accent border to make the AI suggestions visually pop and feel like a premium feature. Padding Adjustment: Increase internal padding to ensure text doesn't feel cramped within the boxes. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] iopay Delegate Search/Selection Screen Fails to Load Content
Description When a user attempts to select a delegate for staking within the ioPay app, clicking the "Click to select a delegate" field opens a search/selection screen that remains entirely black (empty). No list of delegates is populated, and the search interface appears non-functional. Severity Critical β This is a "blocker" bug. It prevents users from completing the primary action of the "Stake" workflow, effectively breaking the staking feature for new buckets. Impact Staking Blocked: Users cannot delegate their IOTX, meaning they cannot earn rewards or participate in network governance. User Churn: A completely blank screen suggests a major system failure or lack of connectivity, which can lead to users abandoning the app. Error Communication: There is no "Loading" spinner or "Network Error" message, leaving the user with no feedback. Reproduce Open the ioPay app and navigate to the Stake section. Observe the "Delegate" field showing the error "Delegate can't be empty." Tap on the field labeled "Click to select a delegate". Observe the transition to the next screen. Expectation The app should load a list of available IoTeX delegates with their names, rankings, and voting percentages. A search bar should allow users to filter this list. Actual The screen transitions to a dark/black page with only a search icon/bar visible at the top, but no delegates are listed, and the screen remains empty indefinitely. Suggest Fix API Verification: Ensure the endpoint responsible for fetching the delegate list (e.g., from member.iotex.io) is returning a valid JSON response. Loading State: Implement a loading skeleton or spinner so users know the app is attempting to fetch data. Graceful Failure: If the data fails to fetch, display an "Error loading delegates. Tap to retry" message instead of a blank screen. Cache Check: Ensure that if the user is offline, the app provides a clear offline notification rather than a blank UI. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] iopay Delegate Search/Selection Screen Fails to Load Content
Description When a user attempts to select a delegate for staking within the ioPay app, clicking the "Click to select a delegate" field opens a search/selection screen that remains entirely black (empty). No list of delegates is populated, and the search interface appears non-functional. Severity Critical β This is a "blocker" bug. It prevents users from completing the primary action of the "Stake" workflow, effectively breaking the staking feature for new buckets. Impact Staking Blocked: Users cannot delegate their IOTX, meaning they cannot earn rewards or participate in network governance. User Churn: A completely blank screen suggests a major system failure or lack of connectivity, which can lead to users abandoning the app. Error Communication: There is no "Loading" spinner or "Network Error" message, leaving the user with no feedback. Reproduce Open the ioPay app and navigate to the Stake section. Observe the "Delegate" field showing the error "Delegate can't be empty." Tap on the field labeled "Click to select a delegate". Observe the transition to the next screen. Expectation The app should load a list of available IoTeX delegates with their names, rankings, and voting percentages. A search bar should allow users to filter this list. Actual The screen transitions to a dark/black page with only a search icon/bar visible at the top, but no delegates are listed, and the screen remains empty indefinitely. Suggest Fix API Verification: Ensure the endpoint responsible for fetching the delegate list (e.g., from member.iotex.io) is returning a valid JSON response. Loading State: Implement a loading skeleton or spinner so users know the app is attempting to fetch data. Graceful Failure: If the data fails to fetch, display an "Error loading delegates. Tap to retry" message instead of a blank screen. Cache Check: Ensure that if the user is offline, the app provides a clear offline notification rather than a blank UI. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] iopay UI Text Truncation in BinoAI Input Field
Severity: π‘ Low (Cosmetic / UI Polish) Environment: App: ioPay Mobile Wallet Feature: BinoAI (within the IOTX price/chart screen) Device: Android Description: When opening the BinoAI interface from the IOTX asset screen, the text within the "Ask anything about Web3" input field is truncated or incomplete. The text ends abruptly with "or" and does not show the full prompt, nor does it scale correctly for the screen width. Steps to Reproduce: Open the ioPay app. Navigate to the IOTX asset page. Click on the BinoAI icon/tool. Observe the input field at the bottom of the screen. Actual Result: The text in the search/input bar is cut off (e.g., "Ask anything about Web3, or..."). Expected Result: The full placeholder text should be visible, or it should wrap/elide properly without looking like an error. Impact: User Confusion: Incomplete text ("...or") leaves users unsure what types of queries or examples are supported by BinoAI. Perceived Quality: Creates an impression of an unfinished or unpolished product, reducing trust in the app's overall reliability. Accessibility: Users with visual impairments or those using larger font sizes may face additional difficulties understanding the input requirements. Localization Risk: If the app is translated to languages with longer word lengths, this truncation issue will likely worsen and affect more users. Suggested Fix: Shorten Placeholder Text: Reduce the placeholder to fit within the input field width (e.g., "Ask about Web3..." or "Type your question..."). Implement Text Ellipsis: Use CSS/text property text-overflow: ellipsis to gracefully cut off long text with "..." rather than mid-word. Dynamic Sizing: Ensure the input field or font size scales responsively based on device screen width and system font settings. Multi-line Support: Allow the placeholder text to wrap to a second line if necessary, or use a smaller font size for the placeholder specifically. Remove Hardcoded Widths: Check for fixed pixel widths on the input container that prevent proper text rendering on smaller screens. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] iopay UI Text Truncation in BinoAI Input Field
Severity: π‘ Low (Cosmetic / UI Polish) Environment: App: ioPay Mobile Wallet Feature: BinoAI (within the IOTX price/chart screen) Device: Android Description: When opening the BinoAI interface from the IOTX asset screen, the text within the "Ask anything about Web3" input field is truncated or incomplete. The text ends abruptly with "or" and does not show the full prompt, nor does it scale correctly for the screen width. Steps to Reproduce: Open the ioPay app. Navigate to the IOTX asset page. Click on the BinoAI icon/tool. Observe the input field at the bottom of the screen. Actual Result: The text in the search/input bar is cut off (e.g., "Ask anything about Web3, or..."). Expected Result: The full placeholder text should be visible, or it should wrap/elide properly without looking like an error. Impact: User Confusion: Incomplete text ("...or") leaves users unsure what types of queries or examples are supported by BinoAI. Perceived Quality: Creates an impression of an unfinished or unpolished product, reducing trust in the app's overall reliability. Accessibility: Users with visual impairments or those using larger font sizes may face additional difficulties understanding the input requirements. Localization Risk: If the app is translated to languages with longer word lengths, this truncation issue will likely worsen and affect more users. Suggested Fix: Shorten Placeholder Text: Reduce the placeholder to fit within the input field width (e.g., "Ask about Web3..." or "Type your question..."). Implement Text Ellipsis: Use CSS/text property text-overflow: ellipsis to gracefully cut off long text with "..." rather than mid-word. Dynamic Sizing: Ensure the input field or font size scales responsively based on device screen width and system font settings. Multi-line Support: Allow the placeholder text to wrap to a second line if necessary, or use a smaller font size for the placeholder specifically. Remove Hardcoded Widths: Check for fixed pixel widths on the input container that prevent proper text rendering on smaller screens. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] mimo Exchange Improper Slippage Validation and UI Overflow
Description The exchange settings allow users to input extreme slippage values (e.g., 99.9999999%) without a reasonable cap or rounding. This causes significant UI breakage on the main swap interface. Additionally, the "Transaction Deadline" input lacks visual clarity for its unit label. Severity High β Allowing nearly 100% slippage poses a severe financial risk to users (front-running/total loss of value), and the resulting UI overflow obscures critical navigation elements. Impact Financial Risk: Users can inadvertently set slippage that guarantees an unfavorable trade. UI/UX: Long decimal strings overflow their containers, cutting off text like the "Slippage" label on the main dashboard. Accessibility: The "minutes" label in the Transaction Deadline field has poor contrast, making it difficult to read. Reproduce Navigate to the Swap settings/Slippage configuration. Input a value with many decimals or a value exceeding 50% (e.g., 99.9999999). Note that the system accepts the value and displays a warning but does not block the input. Return to the main Swap screen and observe the slippage display at the top right. Observe the Transaction Deadline input field and the visibility of the "minutes" text. Expectation Slippage: Should be capped at a maximum (e.g., 50%) or require a secondary "confirm" for extreme values. Decimal places should be truncated or rounded. Design: The slippage badge on the main screen should have a maximum width or handle long strings with ellipsis to prevent layout breaking. Clarity: The "minutes" label should be clearly legible against the dark background. Actual Slippage: Accepts 99.9999999%, which breaks the header layout on the main page. Minutes: The "minutes" text inside the input box is very dark and nearly invisible against the field background. Suggest Fix Validation: Implement a hard cap on slippage (e.g., 50%) and limit decimal input to 2 places. CSS Fix: Add overflow: hidden; text-overflow: ellipsis; to the slippage badge on the main swap interface. Contrast: Increase the brightness/opacity of the "minutes" label in the Transaction Deadline field to meet WCAG accessibility standards. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] mimo Exchange Improper Slippage Validation and UI Overflow
Description The exchange settings allow users to input extreme slippage values (e.g., 99.9999999%) without a reasonable cap or rounding. This causes significant UI breakage on the main swap interface. Additionally, the "Transaction Deadline" input lacks visual clarity for its unit label. Severity High β Allowing nearly 100% slippage poses a severe financial risk to users (front-running/total loss of value), and the resulting UI overflow obscures critical navigation elements. Impact Financial Risk: Users can inadvertently set slippage that guarantees an unfavorable trade. UI/UX: Long decimal strings overflow their containers, cutting off text like the "Slippage" label on the main dashboard. Accessibility: The "minutes" label in the Transaction Deadline field has poor contrast, making it difficult to read. Reproduce Navigate to the Swap settings/Slippage configuration. Input a value with many decimals or a value exceeding 50% (e.g., 99.9999999). Note that the system accepts the value and displays a warning but does not block the input. Return to the main Swap screen and observe the slippage display at the top right. Observe the Transaction Deadline input field and the visibility of the "minutes" text. Expectation Slippage: Should be capped at a maximum (e.g., 50%) or require a secondary "confirm" for extreme values. Decimal places should be truncated or rounded. Design: The slippage badge on the main screen should have a maximum width or handle long strings with ellipsis to prevent layout breaking. Clarity: The "minutes" label should be clearly legible against the dark background. Actual Slippage: Accepts 99.9999999%, which breaks the header layout on the main page. Minutes: The "minutes" text inside the input box is very dark and nearly invisible against the field background. Suggest Fix Validation: Implement a hard cap on slippage (e.g., 50%) and limit decimal input to 2 places. CSS Fix: Add overflow: hidden; text-overflow: ellipsis; to the slippage badge on the main swap interface. Contrast: Increase the brightness/opacity of the "minutes" label in the Transaction Deadline field to meet WCAG accessibility standards. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] mimo Exchange UI Misalignment and Non-Functional Tooltip on RPC Help Icon
Description In the RPC List modal, the help information icon (?) is improperly positioned, appearing partially behind or overlapping the "Auto select rpc" label. Additionally, tapping or clicking this icon fails to trigger a tooltip, pop-over, or any descriptive prompt message explaining the feature. Severity Low β This is a cosmetic and minor functional issue that does not prevent the user from completing transactions, but it degrades the professional quality of the UI. Impact User Confusion: Users are unable to learn how the "Auto select rpc" feature works because the help prompt is unresponsive. Visual Polish: The overlapping text and icon create a cluttered and unpolished look for the interface. Reproduce Open the Mimo exchange interface. Navigate to the RPC settings/list modal (accessible via the connection/settings icon in the header). Observe the placement of the (?) icon next to the "Auto select rpc" text. Click or tap on the (?) icon. Expectation UI: The help icon should be clearly spaced to the right of the text label without overlapping. Functionality: Clicking the icon should display a prompt or tooltip explaining that "Auto select rpc" automatically chooses the fastest available server. Actual UI: The icon is positioned too close to the text, causing visual overlap. Functionality: No prompt, message, or action occurs when the icon is clicked. Suggest Fix CSS Adjustment: Apply a margin-left or padding to the help icon element to ensure it sits clearly to the right of the "Auto select rpc" string. Trigger Event: Bind a click/hover event to the icon to launch a standard UI tooltip or modal prompt containing the explanatory text. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] mimo Exchange UI Misalignment and Non-Functional Tooltip on RPC Help Icon
Description In the RPC List modal, the help information icon (?) is improperly positioned, appearing partially behind or overlapping the "Auto select rpc" label. Additionally, tapping or clicking this icon fails to trigger a tooltip, pop-over, or any descriptive prompt message explaining the feature. Severity Low β This is a cosmetic and minor functional issue that does not prevent the user from completing transactions, but it degrades the professional quality of the UI. Impact User Confusion: Users are unable to learn how the "Auto select rpc" feature works because the help prompt is unresponsive. Visual Polish: The overlapping text and icon create a cluttered and unpolished look for the interface. Reproduce Open the Mimo exchange interface. Navigate to the RPC settings/list modal (accessible via the connection/settings icon in the header). Observe the placement of the (?) icon next to the "Auto select rpc" text. Click or tap on the (?) icon. Expectation UI: The help icon should be clearly spaced to the right of the text label without overlapping. Functionality: Clicking the icon should display a prompt or tooltip explaining that "Auto select rpc" automatically chooses the fastest available server. Actual UI: The icon is positioned too close to the text, causing visual overlap. Functionality: No prompt, message, or action occurs when the icon is clicked. Suggest Fix CSS Adjustment: Apply a margin-left or padding to the help icon element to ensure it sits clearly to the right of the "Auto select rpc" string. Trigger Event: Bind a click/hover event to the icon to launch a standard UI tooltip or modal prompt containing the explanatory text. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] "mimo Classic" Menu Link Leads to 404/DNS Error
Description When a user attempts to access the mimo Classic version via the navigation menu in the Mimo application, the app attempts to redirect to an external URL (https://classic.mimo.exchange/swap) which fails to resolve, resulting in a net::ERR_NAME_NOT_RESOLVED error. Severity Medium While it doesn't crash the entire app, it is a broken core navigation element that prevents users from accessing legacy liquidity or swap features. Impact User Experience: High frustration as users are met with a "Webpage not available" system error. Functionality: Users cannot access the classic interface, which may be necessary for specific token pairs or older liquidity pools. Brand Trust: Broken links in the main menu make the platform appear unmaintained. Steps to Reproduce Open the Mimo app/interface. Click on the Menu (Hamburger) icon in the top left or right. Scroll to the bottom of the list. Tap on "mimo Classic". Observe the browser redirecting to a non-existent sub-domain. Expected Result The user should be redirected to a functioning legacy version of the Mimo exchange, or a landing page explaining the status of the classic protocol. Actual Result The browser displays a white screen with the error: net::ERR_NAME_NOT_RESOLVED, indicating the DNS entry for classic.mimo.exchange does not exist or the server is down. Suggested Fix URL Verification: Check if the "Classic" subdomain has been moved (e.g., to a path like mimo.exchange/classic) and update the link accordingly. DNS Configuration: If the URL is correct, ensure the DNS records for the classic subdomain are properly configured. Temporary Removal: If the Classic version is no longer supported, remove the "mimo Classic" option from the menu to prevent user confusion. Error Handling: Implement an internal redirect or a "Coming Soon/Under Maintenance" page instead of letting the browser throw a raw DNS error. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago
[ECO Bounty] "mimo Classic" Menu Link Leads to 404/DNS Error
Description When a user attempts to access the mimo Classic version via the navigation menu in the Mimo application, the app attempts to redirect to an external URL (https://classic.mimo.exchange/swap) which fails to resolve, resulting in a net::ERR_NAME_NOT_RESOLVED error. Severity Medium While it doesn't crash the entire app, it is a broken core navigation element that prevents users from accessing legacy liquidity or swap features. Impact User Experience: High frustration as users are met with a "Webpage not available" system error. Functionality: Users cannot access the classic interface, which may be necessary for specific token pairs or older liquidity pools. Brand Trust: Broken links in the main menu make the platform appear unmaintained. Steps to Reproduce Open the Mimo app/interface. Click on the Menu (Hamburger) icon in the top left or right. Scroll to the bottom of the list. Tap on "mimo Classic". Observe the browser redirecting to a non-existent sub-domain. Expected Result The user should be redirected to a functioning legacy version of the Mimo exchange, or a landing page explaining the status of the classic protocol. Actual Result The browser displays a white screen with the error: net::ERR_NAME_NOT_RESOLVED, indicating the DNS entry for classic.mimo.exchange does not exist or the server is down. Suggested Fix URL Verification: Check if the "Classic" subdomain has been moved (e.g., to a path like mimo.exchange/classic) and update the link accordingly. DNS Configuration: If the URL is correct, ensure the DNS records for the classic subdomain are properly configured. Temporary Removal: If the Classic version is no longer supported, remove the "mimo Classic" option from the menu to prevent user confusion. Error Handling: Implement an internal redirect or a "Coming Soon/Under Maintenance" page instead of letting the browser throw a raw DNS error. Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren Device & Environment: -Operating system: Android 13 -Device model: Redmi Note 10 Pro
cryptotestnet 1 day ago