Enforce Dev‑Only Confirmations for Allow‑Mode

Apps
1

Enforce Dev‑Only Confirmations for Allow‑Mode

Having spoken to many developers (initially publicly advocated by Cryptodude on X which received wide support), we’ve come to a general consensus that, Allow‑Mode should only be a developer feature that bypasses Post Conditions.

In consumer contexts, this increases the risk that malicious sites can prompt unsafe or unexpected asset movements.

We should make Allow‑Mode explicitly dev‑only and add friction at the point of approval.

Action

  • Work with Wallets (Leather, Xverse) to disable “Confirm” button for Allow‑Mode transactions by default.

  • Require users to enable a wallet‑level “Dev Mode” to re‑enable Confirm button.

  • Show an Allow‑Mode risk warning directly beside Confirm, and keep it visible even in Dev Mode.

Why

  • Prevents malicious sites from bypassing guardrails and tricking users into unsafe txs, which would have prevented many drainer attack in the past year in Stacks.

  • Allow‑Mode is for developers only; consumers should use Post Conditions.

Benefits

  • Protects consumer users from unintended asset movement.

  • Clear separation of developer vs. consumer paths.

  • Consistent, transparent UX at the moment of approval.

Call to Action

  • Leather & Xverse: Implement Dev Mode gating + adjacent warnings for Allow‑Mode in the next release cycle.

  • Builders: Use Post Conditions for consumer flows; reserve Allow‑Mode for dev contexts only.

Would appreciate if people can relay the message to wallet providers.

I think this function will be great to activate at the same time as SIP-033 Clarity 4 Upgrade - currently targeting 16:00 UTC on November 6, 2025.

Do we want to have a safer DeFi on Stacks to safe-guard users funds? Here it is low hanging fruit which can boost the security massively.

@brandon @yukan

6 Likes
2

Would love to see this!

1 Like
3

Thanks for sharing @HeroGamer. Leather team is supportive of this.

Whether implemented as a “developer mode” as you suggest, or alternatively, adding some serious UX friction with a “I absolutely understand this could drain my funds” checkbox, making Allow mode more difficult to use protects users.

5 Likes
4

With the friction for allow mode, we should also improve the UX of post conditions.

Users should be able to understand the effect of the tx better. Ideally, together simulations.

2 Likes
5

Yes, this update to wallet’s would greatly reduce the risk of wallet drain.

2 Likes
6

Strong +1 to this proposal. It is actually something I have discussed with the Leather team and they were in favor of supporting it, but they have not gotten around to implementing it yet. I will share this post with them.

3 Likes
7

Seems like a no-brainer to me, making it more difficult for users to get drained without adding any friction for necessary functionality.

1 Like
8

Great to hear Leather is supportive of it! I think will be an amazing feature to go live along with Clarity 4 that’s why I’m bringing up now.

Regarding “checkbox”, if I think about how people or degens typically wanna do something in a hurry or the malicious link pressures them into proceeding in a hurry, it is my belief that they will try to just tick whatever warning boxes (sometimes without even reading) they need to make that transaction happen.

Given the potential monetary loss consequence in a malicious attack, as a user, I’d prefer just be disallowed to press the confirm button at all. Protecting myself from doing stupid things.

2 Likes