Suppose I have a simple web UI to connect wallet and click a button to invoke a solana program transaction. Since the call is happening actually on user’s host machine/the browser, it's possible somehow the sol smart contract request metadata can be altered by the transaction signing user.
Is there a way to validate that ?