Hello, First I want to thank you for your effort to the open source community.
I saw in the doc you said that:
"It will not be secure against an attacker that inspects the source code of the page (eg: browser extensions) to find the key and can run arbitrary scripts on your origin to decrypt the stored state."
Can you please give some light on this statement, or give us a real world example on how an attacker could reach the private key?
Thank you.
Hello, First I want to thank you for your effort to the open source community.
I saw in the doc you said that:
"It will not be secure against an attacker that inspects the source code of the page (eg: browser extensions) to find the key and can run arbitrary scripts on your origin to decrypt the stored state."Can you please give some light on this statement, or give us a real world example on how an attacker could reach the private key?
Thank you.