MetaMask Demonic Vulnerability Analysis

  1. It’s unclear which file on the hard drive stores the cache.
  2. It’s unclear when the cache is recorded to the disk.
  1. The mnemonic data is stored in plaintext on the local disk and may be read by other programs. Securing the Sessions cache file on a PC from being accessed by other programs is a challenging task.
  2. Data containing mnemonics in plaintext are stored in a local cache. The mnemonic may be retrieved by direct contact if the disk is not encrypted. The mnemonic data may be read from the hard drive in situations when unauthorized parties have physical access to the machine, such as during periods of maintenance.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store



SlowMist is a Blockchain security firm established in 2018, providing services such as security audits, security consultants, red teaming, and more.