blixt-wallet
blixt-wallet copied to clipboard
Android keyboard stores seed phrase
Upon restoring my wallet for the second time I noticed that the Android keyboard started to predict and fill in all my seed words in order. This is a security flaw.
Expected behavior:
The seed phrase box should not have the default keyboard auto complete enabled that stores what you type.
The default keyboard should not be used at all. Those might be any keyboard with features that even send all you write to some servers.
Agree, I think creating Blixt Wallet's own software keyboard component in react-native with View
s could work.
The text should be shown in a Text
instead of a Textarea
.
Addressed in 5805b9b1d38b4c1ed3c099348a6dae24b1cbb0c9.
In-app keyboard would be nice, maybe at a later time.