by AgentME 1470 days ago
I think that explanation was just a little too jargony.

If you have the MetaMask browser extension (or another compatible web3 extension) and press its browser button to enable it while on a webpage, then the webpage can see your wallet address and suggest transactions for you to make. When that happens, the browser extension then shows a window under its own control explaining the transaction and allows you to choose to sign or reject the transaction.

The webpage never sees anything about your wallet if you don't activate the extension on the page specifically, it never sees your private keys, and it can never silently sign a transaction from you.
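
The flow described in the comment above, as an added example that is not part of the original post and is not MetaMask's code: a constructed model of a wallet extension's consent gate, runnable in Node.js. `ModelWallet`, the `askUser` callback, the origin and the addresses are hypothetical; the method names and error codes follow EIP-1193 and EIP-1102.

```javascript
// Constructed model of a wallet extension's consent gate (not MetaMask's code).
// Method names and error codes follow EIP-1193 / EIP-1102; the rest is assumed.
const rpcError = (code, msg) => Object.assign(new Error(msg), { code });

class ModelWallet {
  #address = '0x' + 'ab'.repeat(20);      // constructed sample address
  #connected = new Set();                 // origins the user has approved
  constructor(askUser) { this.askUser = askUser; } // stands in for the extension's own window

  // The only surface a page at `origin` receives (window.ethereum in a browser).
  providerFor(origin) {
    return { request: ({ method, params = [] }) => this.#handle(origin, method, params) };
  }

  async #handle(origin, method, params) {
    switch (method) {
      case 'eth_accounts':                // silent query: empty until connected
        return this.#connected.has(origin) ? [this.#address] : [];
      case 'eth_requestAccounts':         // connecting needs an explicit approval
        if (!(await this.askUser({ origin, kind: 'connect' }))) throw rpcError(4001, 'User rejected');
        this.#connected.add(origin);
        return [this.#address];
      case 'eth_sendTransaction':         // every transaction is prompted separately
        if (!this.#connected.has(origin)) throw rpcError(4100, 'Unauthorized');
        if (!(await this.askUser({ origin, kind: 'sign', tx: params[0] }))) throw rpcError(4001, 'User rejected');
        return 'tx-hash-placeholder';     // signing would happen here, inside the wallet
      default:
        throw rpcError(4200, 'Unsupported method');
    }
  }
}

async function demo() {
  const prompts = [];
  // Constructed user: approves the connection, rejects the transaction prompt.
  const wallet = new ModelWallet(async (p) => { prompts.push(p.kind); return p.kind === 'connect'; });
  const eth = wallet.providerFor('https://dapp.example');
  const tx = { to: '0x' + 'cd'.repeat(20), value: '0x1' }; // constructed transaction
  const send = () => eth.request({ method: 'eth_sendTransaction', params: [tx] }).catch((e) => e.code);
  const before = await eth.request({ method: 'eth_accounts' });        // page not connected yet
  const unconnected = await send();                                    // refused without any prompt
  const after = await eth.request({ method: 'eth_requestAccounts' });  // user approves
  const rejected = await send();                                       // user declines in the wallet window
  return { before, unconnected, after, rejected, prompts, surface: Object.keys(eth) };
}
```

The page's handle exposes only `request`; the address appears only after the approval, and the declined transaction comes back as error 4001 rather than a signature.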


The UX is similar to buying something with Apple Pay from a website in my experience.

Apple Pay doesn't run as a browser extension with a nasty habit of granting bad actors full access to drain your funds in a totally irreversible way.

Does any of that fall under "user experience" for you?

The distinction between “browser extension” and “baked into Safari” didn’t seem like an important distinction for this discussion.

The similarities are that in both use cases the user is presented with a request to approve or deny.

Yeah, I think the main differences are:

* Phished Apple Pay transactions can be reversed. Crypto transactions can't be reversed.

* Actors who phish Apple Pay transactions will be banned. Crypto bad actors generally can't be banned.

Banned from what?

If somebody sets up a phishing website in the US with intent to steal funds, they are equally as liable whether their target is a crypto wallet or Apple Pay.

Banned from the banking network. You can't receive credit card payments directly.

Has there ever been a prosecution for theft of crypto via phishing/draining?