Scatter now supports deep linking!

This means you can use Scatter without any libraries if you don't need return results. You can also use links inside of Twitter, Youtube, Telegram, or anything else.

Here's an example link for a Transfer that works in telegram or twitter.

• https://forward.get-scatter.com/?action=transfer/?payload=scatterfunds

Here's an example link for a Transfer that works in a website you control the html for.

<a href="scatter://transfer/?payload=scatterfunds">
    <button>Donate</button>
</a>

This special "transfer" action accepts the following structure to/amount/memo/chain_id For instance scatter://transfer/?payload=scatterfunds/1.0000/helloworld

If the amount is left at 0 or is missing then the user will be able to select the amount, otherwise it will be a fixed amount.

NOTE: The transfers will always be in base tokens. ( EOS, ETH, TRX, etc )

The deep links also accept any API route that Scatter accepts.

So you can interact with Scatter the same way you would with a native application but using deep linking instead of a socket. For instance:

• scatter://requestSignature/?payload={...}

In the future you will be able to pass in an optional return deep link which will return results.

---

Changes

• Signature Requests ( Actions ) now shows you whether the network you are signing on is the "Endorsed Network" by displaying a Shield next to the network name.
• Signature Requests also now show you the accounts involved at the top of the popup.
• Minor UI fixes to switches to make it more apparent which is active.
• Autofocus single serving input fields ( login / key input )
• Explanation of value transfers
• When switching between value transfers and custom transfers it now autoparses the amounts into the token/value.
• Added update button in settings which is shown next to the version number when an update is available.
• Changed network protocol to be a drop-down to avoid confusion.
• Added right-click menu to input fields to allow for copy/paste without keyboard shortcuts.

Bugfixes

• Fixed MacOS icons.
• Scatter no longer allows you to open multiple instances of it.
• Fixed issue with long texts in the app explorer.
• USD Balance is now only taken from specified tokens to fix the GrandpaETH EOSIO token issue.

Changes

• eosjs2 support. Block.one is deprecating the eosjs library. Scatter has already added eosjs2 support to our SDKs and this version includes support for eosjs2 within Scatter Desktop as well.
• Added Ledger Paths/Indexes as well as ledger support for Ethereum.
• Added "Quit" button to Login Screen
• Added a way to destroy Scatter from the Login Screen after pressing "d" 10 times.
• Added a private key input revealer into the import private key field ( eye icon )
• Reformatted the permissions section to be a self-curated dapp explorer with meta-data and images
• Added a warning when whitelisting transfer actions.
• Changed icons
• Added login splash screen.

Bugfixes

• Removed key export button for hardware wallets
• Fixes maximize from MacOS dock icon ( previously only from tray )
• Fixed issue with permissions which made you not be able to permissions the same action twice with elevated fields. Now each whitelisting of an action for a specific contract on a specific origin overwrites the previous one.
• Fixed resource margin for displaying CPUEmergency button in EOSIO account panel
• Fixed issue with 2 ledgers not being able to add keys
• Fixed issue with Scatter and Ledger needing to be completely restarted in order to get them working
• Fixed a speed issue with slow popups when Ledger keys exist

Patch 9.3.1

• Fix for ledger paths
• Fix for login with no blockchains specified

New Blockchain: Tron

Scatter now has Tron support. It defaults to the test network for now but will be updated in a later version to default to the mainnet. You can already point it to the mainnet manually by adding a node you know of with a chainId of 1.

scatterjs-core now also has basic Tron support. Check it out here.

---

Changes

• SSL Sockets now enabled to allow for Safari, Firefox, Edge, and most likely all browsers to be supported.
• ETH and TRX now transferable from the "Send" panel. ( alt-coins not yet supported )
• Reverted "dumb" naming conventions back to blockchain centric names to clear up some confusion.
• Added "refresh" button for tokens.
• Changed Vault, Receive and Send buttons to be textual.
• CPU Emergency now linked to from the EOSIO Account dashboard when out of CPU.
• Added a way to export one-time manual backups to specified location.
• F12 now opens the console from any window/popup.
• "Find more apps" button now showing when permissions exist

Bugfixes

• Fixed all blockchain names to their proper names instead of shortnames.
• Fixed issue with accounts being removed not removing tokens.
• Fixed search bar for permissions list
• Fixed numeric formats for tokens and values on the dashboard-head.
• Fixed issue with self-selected endorsed networks and sending internal transfers
• Fixed a few issues with ethereum message parsing support

Changes

• Added multi-key-type export for private keys
• Added "Tour" mechanism for onboarding
• Added optional secondary PIN for internal transfers. Can add from Settings panel.
• Added tokens panel which allows you to view all tokens and select a token type to make as your main display instead of USD
• Added a way to see all accounts in Transfer panel, and token balances for mainnets
• Modify account resources from within the vault.
• Permissions list is now a user-curated DApp explorer, clicking on any of the items' name will lead back to the dapp.
• Merged multi-auth accounts into one in the vault.
• Removed nonce from popups and settings.
• "Sign Transaction" has been changed to "Actions" and has a new design.
• "Sign Arbitrary Data" has been changed to "Arbitrary Data"
• Added "Minimize" button

Bugfixes

• Fixed issue with Sign Arbitrary Data popups
• Go to locked settings panel after unlocking it sucessfully
• Fixed network addition issue with host allowing protocols
• Fixed issue with duplicated balances due to multi-authority accounts.
• Fixed issue where half-keys would validate as private keys preventing users from being able to type in keys manually

v9.1.1 Patch

• Prices fix by caching them at api.get-scatter.com
• Fix for version not updating and continuously pushing update alerts

v9.1.2 Patch

• Fix for arbitrary signature

Huge Revamp!

This Scatter update includes an almost entire re-write of the UI/UX for Scatter. The only things that haven't changed yet are the "Settings" panel, and the "Sign Transaction" popup.

This massive update was due to an article I wrote recently. https://medium.com/@nsjames/blockchain-ux-should-just-be-ux-529c9ca55a8e

Changes ( oh god.. )

• Onboarding flow reduced to just setting up automatic Backups ( which is now enforced )
• Keys are now based on buffers to be compatible with all blockchains. Any key you import can now be used on every blockchain.
• Update notifications within Scatter for new releases.
• Semi-Automated Resource allocation with warnings when you are about to use your last resources.
• Automatic importing of all key-based accounts for EOS
• Vault entries are automatically named if they do not have one.
• Scatters only have 1 identity now in order to remove a step from the login process.
• If you only have 1 account that an app wants within your Scatter it will not ask you to accept it when providing an identity, it will automatically be provided after you accept the identity request.
• Transfers of value along with transfers of tokens.
• Added ability to save named "Contacts" from the transfer panel for easier resending of transfers.
• Users no longer have to accept network suggestions, but apps can only add on every 24 hours.
• Users no longer have to accept application links unless the link is tainted/broken
• When using linkAccount it no longer accepts the account parameter, and does everything internally by forcing a total keypair relinking. This also prevents a bug that allowed dapps to add accounts to scatter which did not exist.
• Receive panel which also provides POS style functionality with QR codes
• QR Code import for private keys
• No more mentions of blockchains, keys, or anything else technical.
• authenticate now requires a 12 character nonce and returns the following format sha256(sha256(origin)+sha256(nonce)) signed by the private key of the identity.
• And a lot more.

Coming Soon:

• Incremental Identity building by interacting with apps that need identity fields you don't have. You can add them in the popup and they will autosave to your identity for next time.
• Free accounts for EOS by proving long-standing social accounts ( uniqueness ) such as facebook which will use a hash pushed to the blockchain for singularity.
• Token breakdowns
• Custom token transfers need to show tokens available.
• Signature Popup needs a redesign
• CPUEmergency needs to be implemented for users who are already stuck without resources
• Ability to click an account from the vault and perform basic blockchain specific account actions like unstake and refund.
• Multi-node networks to solve intermittent network errors and countries with IP blockers.
• Minimizing ( derp, just forgot this one )
• New blockchain

Pre-Launch!

Still not signing yet just to get this version out quickly as it adds some support that users are waiting for.

Changes

• Ledger Support! You can now use your ledger within Scatter for basic EOSIO system stuff. This works both internally and through dapps.
• Keypair name UI/UX fixes to make it more prominent
• QR double authentication. You now need to enter your original password to re-pin a QR code.
• Made whitelist UI button easier to find on Signature Requests

Bugfixes

• Removed redundant requests from dashboard to speed it up and be nicer to nodes

Notes about Ledger Support

Currently only EOSIO is supported. Soon Ethereum will also be supported. You can not use Ledger for all dapps, only EOSIO system contracts like delegation and EOS token transfers.

Pre-Launch!

Though this is still an unsigned package Scatter Desktop is now a Consumer Ready Product! Expect the next releases to be signed and be released with accompanying checksums.

Changes

• Dashboard! - Recent History ( 20 items per account ) and Token Breakdowns plus Dollar value of holdings ( This might be a bit slow for now as it's all being pulled from chain )
• Send / Receive modals within the new Dashboard
• Importing backups is now available
• Version has been added to the menu bar above the Scatter logo to make sure it's always visible.
• EOS Account information has been prettified.
• PrettyJSON displays for all objects along with full transaction JSONs have been implemented
• Collapsable Side Menu
• Onboarding now includes a section for configuring Automatic Backups

Bugfixes

• Enforcing socket to 127.0.0.1 instead of localhost
• App now removes it's own data ( encrypted keychain ) on uninstall.

New APIs

Request Transfer - requestTransfer(network, to, amount, options = {})

Request Transfer is a new API method that allows for things like Donation buttons and eases development for plugins on frameworks like Wordpress and Shopify. Request Transfer does not need Identity pairing or signature providers like scatter.eos or scatter.eth! All token transfers are handled internally and you don't have to specify a from account as the user will be selecting it themselves.

Examples

scatter.requestTransfer(
	network, 
	'toaccount', 
	'1.0000', 
	{
		contract:'eosio.token', 
		symbol:'EOS', 
		memo:'', 
		decimals:4
	}
)

When specifying an amount ONLY that amount can be sent. When left as 0 then the user can specify the amount themselves.

This is a patch release which only includes a few minor bug-fixes.

Bugfixes

• Keeps the socket alive, preventing disconnects to apps
• Fixed filtering for imported EOS accounts which was pulling in the wrong permissions for multi-key accounts.
• Allow locally self-signed certificates for local network node connections

Changes

• Multi-chain support for EOSIO ( prefix keys )
• Aligning WS support with new scatter-js lib
• Added popup nonce so users can tell that a popup is really from their Scatter and not mimicked
• New onboarding helper ( getPublicKey and linkAccount ) APIs exposed

Bugfixes

• Remove permissions and accounts when deleting network
• Fixed icons for MacOS ( thanks SoleOne <3 )

---

Note: If you want to use the new API routes below from scatter-js just make sure that scatter.isExtension is false.

---

Get Public Key - getPublicKey(blockchain)

When an app requests this route the user is prompted to either return a key public key from their keychain, or generate a new one. The selected/generated key is then returned to the app so that the app can either create an account on top of it or continue onwards to linking it to an account on a network with the user's Scatter.

Link Account - linkAccount(publicKey, account, network)

When an app requests this route the user is prompted to accept linking this account to the key in their Scatter. If the network does not exist, it will be created as well as long as it does not conflict with existing networks.

2 way authentication of application origins

These changes are backwards compatible with older non-authenticated version of scatter-js. However whitelist action permissions will not be available when interacting with non-authenticated apps

This update allows stronger verification of origins to allow for permissions to be validated against specific apps.

Application Key

This key is given to Scatter from the app upon approved connections. The app then saves only a hashed version of it to validate itself against Scatter.

Nonce

Along with the application key a nonce ( randomized uuid ) is sent to Scatter along with every request as well as a hashed version of the next nonce. If a nonce is incorrect and doesn't match the assumed next nonce but the app key is correct permissions are dropped and the user is asked to re-authenticate with the application.