-
Notifications
You must be signed in to change notification settings - Fork 974
Backing up wallet to file creates recovery file in AppData #11419
Comments
When you click on import recovery key, default location opened is cc: @NejcZdovc |
Maybe it is a non-issue at the moment, but I was assuming that the Brave wallet could somehow be encrypted (perhaps in the future). Especially since it will at some point it will be possible to move BAT from the wallet to elsewhere (which supposedly is not possible now). And then you don't want people to have access to your funds simply by copying a file (in a known location) from your computer. |
until #10705 is done, the Brave wallet recovery data is also stored in the session state file (unencrypted) in the appData directory, as you mentioned. so there seems to be no reason to have the recovery file also in the directory. |
Resolves brave#13274 Resolves brave#7512 Resolves brave#7511 Resolves brave#11419 Auditors: Test Plan:
Resolves brave#13274 Resolves brave#7512 Resolves brave#7511 Resolves brave#11419 Auditors: Test Plan:
Verified on no recovery code file created in profile folder when building from source. Need to verify once on packaged build as well. |
Testplan
see #13279
Description
The
brave_wallet_recovery.txt
file is stored in%appdata%\brave\
before offering it for saving.The file's content contains this sentence "Save this key in a safe place, separate from your Brave browser.", so Brave acts against its own advice by saving this file in the profile.
Steps to Reproduce
Actual result:
The file being stored in
%appdata%\brave\
as well as the location specified by the user.Expected result:
The file only being stored in the location indicated by the user.
Reproduces how often:
Each time.
Brave Version
about:brave info:
Reproducible on current live release:
This is the live beta release.
Additional Information
Technically, all information to get the wallet would already be available in
%appdata%\brave\
, but having the recovery file there seems a bit overdoing it.The text was updated successfully, but these errors were encountered: