[ECO Bounty] ioPay Connection Enabled in "Watch Mode"

Description

When a wallet is imported using Watch Mode (Address-only), the ioPay application still allows the wallet to "Connect" to external dApps and websites.

In Watch Mode, the user does not possess the private key or mnemonic; therefore, the wallet should ideally block connection requests or display a "Read-Only" warning. Allowing a connection creates a confusing user experience where users may attempt to perform transactions that will ultimately fail because there is no private key to sign them.

Steps to Reproduce

  1. Open the ioPay app.

  2. Import a wallet using Watch Mode (enter a public IoTeX address without a private key).

  3. Navigate to the in-app browser or an external site (e.g., a staking portal or DEX).

  4. Click "Connect Wallet."

  5. Observe that the app prompts to "Approve" the connection and successfully establishes a link with the site.

Expected Result

The app should either:

  • Prevent connection entirely for "Watch Mode" wallets.

  • Provide a clear warning: "You are in Watch Mode. You cannot sign transactions or interact with this site."

Actual Result

The wallet behaves as if it were a full-access wallet during the initial connection phase, misleading the user and potentially exposing the tracked address to unnecessary site permissions.

Wallet Address: io1tkw393kejmxwnd454twc6020sxcyvh5dxqmren

Device & Environment:

  • Operating system: Android 13

  • Device model: Redmi Note 10 Pro
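
A sketch of the two behaviours listed under Expected Result, written as a policy gate that sits between a dApp request and the wallet. This is an added example, not ioPay's code: the account fields, the `policy` switch and `handleDappRequest` are hypothetical, and it assumes the dApp talks to the wallet through EIP-1193 style JSON-RPC methods.

```javascript
// Added example (not ioPay code): gate dApp requests on whether the account can sign.
// Account shape, policy names and handleDappRequest are hypothetical.
const SIGNING_METHODS = new Set([
  "eth_sendTransaction", "eth_signTransaction", "eth_sign",
  "personal_sign", "eth_signTypedData_v4",
]);
const CONNECT_METHODS = new Set(["eth_requestAccounts"]);

// EIP-1193 provider error codes.
const ERR_UNAUTHORIZED = 4100;
const ERR_UNSUPPORTED = 4200;

const WATCH_WARNING =
  "You are in Watch Mode. You cannot sign transactions or interact with this site.";

// Constructed sample accounts (placeholder addresses, not real ones).
const watchAccount = { type: "watch", hasPrivateKey: false, address: "io1-watch-placeholder" };
const fullAccount = { type: "full", hasPrivateKey: true, address: "io1-full-placeholder" };

function rpcError(code, message) {
  return { ok: false, error: { code, message } };
}

// policy "block": refuse the connection. policy "warn": read-only session plus warning.
function handleDappRequest(account, request, policy = "block") {
  // Fail closed: an account without a confirmed private key is treated as watch-only.
  const watchOnly = account.type === "watch" || !account.hasPrivateKey;

  if (CONNECT_METHODS.has(request.method)) {
    if (!watchOnly) return { ok: true, result: [account.address], readOnly: false };
    if (policy === "block") return rpcError(ERR_UNAUTHORIZED, WATCH_WARNING);
    // The UI must show `warning` before the address is shared with the site.
    return { ok: true, result: [account.address], readOnly: true, warning: WATCH_WARNING };
  }

  if (watchOnly && SIGNING_METHODS.has(request.method)) {
    // Reject before any approval sheet appears: there is no key to sign with.
    return rpcError(ERR_UNSUPPORTED, WATCH_WARNING);
  }
  return { ok: true, forward: true }; // continue with the normal wallet flow
}
```

Under either policy a watch-only account never reaches a signing prompt, and the site receives an explicit error instead of a request that fails later.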

Status: In Review

Board: New Issue

Date: 25 days ago

Author: cryptotestnet
