Warn in Suite if Trezor has safety checks enabled

[tsusanka]

Let's add a warning similar to "backup needed" that informs the user that they have "safety checks" enabled.

Related to #2242. Needs trezor/trezor-firmware#1133 and trezor/trezor-firmware#1193.

[matejzak]

After a brief discussion, we came to a conclusion (or rather hypothesis that needs to be verified) that since the safety checks Settings automatically reset with device reconnect, we don't need the banner notification.

• @tsusanka will kindly check whether this is indeed true and will let us know 👆🏽 🙏🏽

cc @goodhoko

[tsusanka]

@mmilata it is true that when safety_checks are set to Prompt they will default to Strict on next Trezor replug, correct? Only PromptTemporarily does not do that but we have decided not to have that in Suite for now.

[mmilata]

They are two distinct values, PromptTemporarily and PromptAlways (in addition to Strict), PromptTemporarily is only until next reboot.

In trezorctl we expose these as:

trezorctl set safety-checks prompt
trezorctl set safety-checks prompt --always

i.e. PromptTemporarily is the default

[prusnak]

Let's add a warning similar to "backup needed" that informs the user that they have "safety checks" enabled.

@tsusanka by "enabled" you mean set to something else then "strict", right?

[tsusanka]

@prusnak yes indeed. Hm, so the user could have set PromptAlways via trezorctl and then go to Suite and they should probably see the warning there @matejzak 😕.

[goodhoko]

Hm, so the user could have set PromptAlways via trezorctl and then go to Suite and they should probably see the warning there.

Good point! We definitely want to show the warning when safety-check == PromptAlways.

The remaining question is: should the warning appear for PromptTemporarily too? I'd say, yes, for the sake of consistent UI and principle of least surprise. This is however mainly a product design question @matejzak .)

I'll assign this to myself to do it along #2242. Hope that's ok. .)

[matejzak]

The remaining question is: should the warning appear for PromptTemporarily too? I'd say, yes, for the sake of consistent UI and principle of least surprise. This is however mainly a product design question @matejzak .)

Let's do it. Here is the notification design: Zeplin
Currently being implemented by @tomasklim btw. 💡

• Color: type-orange (Warning)
• CTA link to Device Settings
• Banner notification for PromptTemporarily should be dismissible: (1) the user made an action to reach that particular state and (2) it will be set to Strict with the next device reconnect. PromptAlways on the other hand, should not be dismissible: User could have set it via trezorctl.

[matejzak]

(1) Agreed — priority #6 sounds reasonable with respect to the scale of other items on the list.
(2) I would still prefer to link the CTA to the Device Settings to 'teach' the user where that particular options is located. That being said, I agree it's problematic (similar to what we are trying to solve in #2208) and it would be great to fix in the future, i.e. to give the user a visual cue where they should focus their attention (component blink, scroll to the page aka anchor link etc.). Putting on my things-to-clean-up list.
(3) I believe so, but no strong opinion, since it is "hard core" feature anyway and the device reconnect will reset it to default.
(4) Feel free to word it as you would and add it to CrowdIn (I guess you might have already), it will be later proofread there.

Many thanks!

[goodhoko]

@matejzak

1. ACK
2. Ok then. I mentioned this in the issue and I'll also leave a TODO in the code.
3. I'll opportunistically take the other approach and make the dismissal last only for a session. For two reasons 1) implementation simplicity 2) it's more defensive. The worst case is an user annyoed by the warning. The worst case of persistent dismissal is an user unaware of disabeld safety checks approving non-standard (trans)action.
4. Ack.

[matejzak]

3. Got it - no objections.

Thanks!

[goodhoko]

Done in #3681. Closing.

[bosomt]

QA OK

Info:

• Suite version: web 21.5.1 (4d09d88)
• Browser: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:88.0) Gecko/20100101 Firefox/88.0
• OS: MacIntel
• Screen: 1440x900
• Device: model T 2.3.6 regular

[STew790]

QA OK

Info:

• web 21.5.1 (4d09d88)
• Browser: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.66 Safari/537.36
• OS: NixOS
• Device Model T 2.3.5 regular

[wendys-cats]

QA OK

• notification panel is visible when safety checks are disabled through Suite or when trezorctl set safet-checks prompt (--always) is used.

Info:

• Suite version: web 21.5.1 (4d09d88)
• Browser: Chromium Version 88.0.4324.182 (Official Build) (64-bit)
• OS: NixOS 21.03
• Device: TT 2.3.6 regular