Sentry tracking on SDK initialization without user consent (GDPR issue) #1027
Description
Issue
The Porto SDK sends error tracking requests to Sentry when the wallet connector is initialized, before users interact with the passkey login UI.
Configuration
import { portoWallet } from '@rainbow-me/rainbowkit/wallets';
import { Mode } from 'porto';
const connector = portoWallet({
merchantUrl: 'https://example.com/porto/merchant',
mode: Mode.dialog({ theme: customTheme })
});Tracking Observed
- Sentry:
o4509056062849024.ingest.us.sentry.io/api/.../envelope/ - Multiple error tracking requests sent on connector initialization
- This happens before any user clicks "Continue with Passkeys"
Note: Tracking after user authentication would be acceptable, but tracking before any user interaction violates GDPR consent requirements.
Problem
- GDPR requires consent before tracking
- Porto documentation (https://porto.sh/llms-full.txt) does not mention Sentry tracking
- Users are tracked even if they never use Porto
- No documented way to disable Sentry
Request
- Defer Sentry initialization until user actually authenticates with Porto
- Add option to disable Sentry tracking
- Document the Sentry integration and data collection