PANews reported on December 24 that SlowMist founder Yu Xian tweeted that a project had a serious security vulnerability in the testnet environment. Humanity Protocol stores the user's plaintext private key directly in the browser's sessionStorage . This problem occurs when logging in through Web2 (such as email login), the platform will automatically assign a wallet to the user, and the plaintext private key is directly exposed. He said that fortunately this is just a testnet and there is no actual harm.
SlowMist Cosine: The Humanity protocol stores the plaintext private key directly in the browser's sessionStorage
Comment
Recommend Reading
- 2024-12-25
Humanity Protocol responds to testnet private key storage issue: will be resolved as soon as possible
- 2024-12-24
Incubation mania! By the end of 2024, incubator Arweave India will bring 8 new projects
- 2024-12-24
One user lost $1 million to malware impersonating Zoom
- 2024-12-24
Gate.io launches the first risk control system with a single staff, leading a new trend in crypto trading security
- 2024-12-24
Gate.io Releases the Industry's First Single-Staff Risk Control System "Prometheus System"
- 2024-12-24
Moonhacker contract was attacked by flash loan, losing about $320,000