Freighter Mobile: Fiat & Memo Bug Analysis

by Alex Johnson 43 views

In this article, we'll explore some critical bugs discovered in the Freighter Mobile app, specifically focusing on fiat conversion and memo display anomalies. These issues, identified in version 1.9.24, impact the user experience and could lead to confusion. Let's break down the problems and understand the potential causes.

Understanding the Fiat Conversion Bug

The fiat conversion bug presents a frustrating scenario for users attempting to convert tokens within the Freighter Mobile app. This issue, affecting all tokens except XLM, manifests when users try to input a fiat amount after initiating a token send. The core problem lies in how the app handles the initial fiat amount setting and subsequent input. This is a critical aspect of the application since many users rely on fiat conversion to better understand the value of their transactions in familiar currencies.

To replicate the bug, follow these steps:

  1. Select a token you wish to send.
  2. Tap the "Send" button.
  3. Immediately tap the "fiat conversion" button.
  4. Attempt to input any number. You'll notice that the input field doesn't register your entries.
  5. Tap the "backspace" button on the numeric keyboard as if to clear a digit.
  6. Try inputting a number again. This time, it will appear as "0.0n", where 'n' represents the number you entered. This indicates an underlying issue with how the app is formatting the input.
  7. Further attempts to input numbers will fail to register.
  8. Tap the "backspace" button twice more to clear the "0.0n" entry.
  9. Now, you should be able to input numbers without any issues.

The behavior suggests that the app might be pre-filling the fiat amount input field with "0.00" upon tapping the "fiat conversion" button. This pre-filled value seems to be interfering with subsequent user input, requiring the user to manually clear it before entering their desired amount. This is a clear usability issue that needs to be addressed to improve the user experience. The erratic behavior can be disorienting, especially for users who are not familiar with the intricacies of digital currency transactions.

Furthermore, another related issue arises when a token amount is pre-entered before initiating the fiat conversion. Consider this scenario:

  1. Select a token.
  2. Tap "Send."
  3. Enter "1" as the token amount.
  4. Tap the "fiat conversion" button.
  5. Attempt to input any number. The input will not register.
  6. Tap the "backspace" button.
  7. Try inputting a number again. This time, it will appear as "1.0n".
  8. Tap the "fiat conversion" button again.
  9. Now, inputting numbers will work as expected.
  10. Tap the "fiat conversion" button once more.
  11. Inputting numbers will fail again.
  12. Tap the "backspace" button.
  13. Attempt to input a number; it appears as "xyz.0n".

This pattern indicates that the app might be converting the token amount to fiat with a fixed two-decimal-place format (e.g., "x.yz") whenever the "fiat conversion" button is tapped. This conversion might be happening even if the user hasn't explicitly entered a fiat amount, leading to the observed input issues. For instance, if the token amount is "1", the app might be converting it to "1.00" in fiat, which then interferes with further input. The fluctuating behavior, where the input works after certain actions but fails after others, highlights a logical inconsistency in the code that needs to be rectified.

In conclusion, the fiat conversion bug is likely rooted in the way the app handles the initial setting and subsequent updating of the fiat amount. The pre-filled "0.00" value and the fixed-decimal conversion seem to be the primary culprits. Addressing these underlying mechanisms is crucial for a smoother user experience.

The Memo Display Issue with M Addresses

Another significant issue identified is related to memo display when sending tokens to M addresses. This bug occurs when a memo is added in the settings before inputting an M address. This seemingly innocuous action triggers a display error in the transaction details, even though the memo is not actually sent with the transaction. This discrepancy between the displayed information and the actual transaction can create confusion and potentially lead to user errors.

Here’s a step-by-step breakdown of how to reproduce this issue:

  1. Navigate to the settings within the Freighter Mobile app.
  2. Add a memo in the designated memo field.
  3. Initiate a token transfer to an M address (an address with a specific format).
  4. Wait for the transaction to be processed.
  5. Access the transaction details on the post-processing screen.

You'll observe that the target address is correctly displayed as an M address. However, the memo that you added in the settings is also shown in the transaction details. This is where the problem lies. The memo is displayed locally, giving the impression that it was included in the transaction. However, in reality, the memo is not sent to the blockchain because M addresses do not support memos. This misleading display is a critical bug that needs immediate attention.

The core issue stems from the app's failure to clear the locally stored memo when an M address is detected. The app should recognize that M addresses do not support memos and prevent the memo from being displayed in the transaction details. This requires a logical check within the code that verifies the address type and clears the memo accordingly.

The implications of this bug are significant. Users might assume that their memo was included in the transaction, which could lead to miscommunication or even financial errors if the memo contained important instructions or information. The fact that the display is local means that the user sees incorrect information, while the actual transaction on the blockchain is correct. This discrepancy can erode trust in the app and its reliability.

To resolve this issue, the development team needs to implement a mechanism that automatically clears the local memo when an M address is detected as the recipient. This will ensure that the transaction details accurately reflect the actual transaction, preventing any confusion or potential errors. This fix is essential for maintaining the integrity of the app and the trust of its users.

In summary, the memo display issue with M addresses is a serious bug that can lead to user confusion and potential errors. The underlying cause is the app's failure to clear the local memo when an M address is used. Implementing a fix to address this issue is crucial for maintaining the app's reliability and user trust. The resolution should involve a conditional check that identifies M addresses and clears the memo accordingly.

Impact and Conclusion

Both the fiat conversion bug and the memo display issue highlight the importance of thorough testing and attention to detail in mobile application development. These bugs, while seemingly minor on the surface, can significantly impact the user experience and potentially lead to errors. Addressing these issues promptly is crucial for maintaining user trust and the overall integrity of the Freighter Mobile app.

To resolve these issues effectively, the development team should focus on the following:

  • Fiat Conversion Bug: Investigate the logic behind the fiat amount pre-filling and conversion process. Identify the root cause of the input interference and implement a fix that allows users to input fiat amounts seamlessly. The fix should ensure that the app handles user input correctly, regardless of whether a token amount has been pre-entered or not.
  • Memo Display Issue: Implement a conditional check that clears the local memo when an M address is detected. This will prevent the misleading display of memos in transaction details. The check should be robust and ensure that the memo is cleared reliably every time an M address is used.

By addressing these bugs, the Freighter Mobile app can provide a more reliable and user-friendly experience. This will enhance user confidence and encourage wider adoption of the app.

For further information on best practices in mobile app development and testing, you can visit reputable resources like OWASP Mobile Security Project. This project offers valuable insights and guidelines for building secure and reliable mobile applications.