Security for Developers

Build safer dApps by validating inputs, minimizing permissions, and handling errors carefully.

Input Validation

Validate addresses, amounts, and message sizes before sending to the wallet.
Sanitize user inputs to prevent injection attacks in your UI.

Permission Scope

Request only required capabilities (read, sign, transact).
Explain clearly why you need each permission.

Error Handling

Handle common wallet errors (4001, 4100, 4200, 4900, 4901).
Do not leak sensitive details in error messages or logs.

Rate Limiting

Throttle high-frequency requests (polling, balance checks).
Debounce user-triggered actions where appropriate.

← Previous:External Audit Guide

16 of 27

Overview & CommandsNext →