From 138c13adb3036b9fff2d06e7c0ecd9224b6c7adf Mon Sep 17 00:00:00 2001
From: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>
Date: Tue, 7 Oct 2025 20:56:49 +0700
Subject: [PATCH] Potential fix for code scanning alert no. 84: Insecure
 randomness

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com>
---
 packages/wallet/dapp-client/src/DappTransport.ts | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/packages/wallet/dapp-client/src/DappTransport.ts b/packages/wallet/dapp-client/src/DappTransport.ts
index 072fa056f..2dc898f74 100644
--- a/packages/wallet/dapp-client/src/DappTransport.ts
+++ b/packages/wallet/dapp-client/src/DappTransport.ts
@@ -513,6 +513,10 @@ export class DappTransport {
   }
 
   private generateId(): string {
-    return `${Date.now().toString(36)}-${Math.random().toString(36).substring(2, 9)}`
+    // Use crypto.getRandomValues for cryptographically secure randomness
+    const array = new Uint32Array(1);
+    window.crypto.getRandomValues(array);
+    const randStr = array[0].toString(36);
+    return `${Date.now().toString(36)}-${randStr}`;
   }
 }