WalletKit: Secure storage conflicts with app’s FlutterSecureStorage (overwrites/deletes app keys after pairing) #300

@PhillipWong0627

🐛 Bug: WalletKit clears/overwrites app’s secure storage after pairing

Packages:
flutter_secure_storage: ^9.2.4
reown_walletkit: ^1.3.8

Problem:

  • After calling walletKit.pair(...), my app's secure storage keys (PIN, secret, token) are deleted or overwritten. Logs show values becoming null immediately after pairing.
  • WalletKit appears to use FlutterSecureStorage() with default configuration and clears values during pairing/session initialization.
  • Because my app also uses the default secure storage namespace, both conflict.

Workaround I used:

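```dart
import 'package:flutter_secure_storage/flutter_secure_storage.dart';

// Class name is a placeholder; the original snippet showed only the members.
class AppSecureStorage {
  // App-specific Android store and key prefix instead of the plugin defaults.
  static const _androidOptions = AndroidOptions(
    encryptedSharedPreferences: true,
    sharedPreferencesName: 'xxxx_secure_store',
    preferencesKeyPrefix: 'xxxx_',
  );
  // App-specific Keychain account name on iOS.
  static const _iosOptions = IOSOptions(
    accountName: 'xxx_secure_store',
  );
  static FlutterSecureStorage? _secureStorage;

  static Future<FlutterSecureStorage> initSecureStorage() async {
    return _secureStorage = const FlutterSecureStorage(
      aOptions: _androidOptions,
      iOptions: _iosOptions,
    );
  }
}
```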

With a custom storage namespace, the issue disappears.

Expected behavior:
WalletKit should not override or delete global secure storage keys.
It should:

  • use namespaced keys (wc_*), OR
  • use its own storage instance with custom prefix, OR
  • allow users to inject their own storage backend

Impact:
Apps using FlutterSecureStorage for user credentials (secret/PIN/etc.) are vulnerable to data loss when WalletKit pairs.
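
The "namespaced keys (wc_*)" option from the expected behavior, as an added example that is not code from reown_walletkit or from the issue author: a wrapper whose clear operation touches only keys under its own prefix, so entries written by the host app in the same default store survive. `PrefixedSecureStore`, `demo`, and the key names and values are hypothetical; only the `FlutterSecureStorage` calls are the plugin's real API.

```dart
import 'package:flutter_secure_storage/flutter_secure_storage.dart';

/// Hypothetical wrapper (not a reown_walletkit or flutter_secure_storage class):
/// every key is stored under a fixed prefix and clear() removes only those keys.
class PrefixedSecureStore {
  PrefixedSecureStore(this._storage, this.prefix)
      : assert(prefix.isNotEmpty);

  final FlutterSecureStorage _storage;
  final String prefix; // e.g. 'wc_', as proposed in the issue

  String _k(String key) => '$prefix$key';

  Future<void> write(String key, String value) =>
      _storage.write(key: _k(key), value: value);

  Future<String?> read(String key) => _storage.read(key: _k(key));

  Future<void> delete(String key) => _storage.delete(key: _k(key));

  /// Keys owned by this store, with the prefix stripped.
  Future<List<String>> keys() async {
    final all = await _storage.readAll();
    return [
      for (final k in all.keys)
        if (k.startsWith(prefix)) k.substring(prefix.length),
    ];
  }

  /// Scoped replacement for deleteAll(): entries written by the host app
  /// (no prefix, or a different one) are left in place.
  Future<void> clear() async {
    for (final key in await keys()) {
      await delete(key);
    }
  }
}

/// Constructed scenario: the app and an SDK share the default store.
Future<void> demo() async {
  const shared = FlutterSecureStorage(); // default namespace
  await shared.write(key: 'pin', value: '0000'); // constructed app credential

  final sdkStore = PrefixedSecureStore(shared, 'wc_');
  await sdkStore.write('pairing_topic', 'constructed-value');
  await sdkStore.clear();

  assert(await shared.read(key: 'pin') == '0000'); // app key survives
  assert(await sdkStore.read('pairing_topic') == null); // SDK key removed
}
```

Prefix scoping only protects against a library that clears through such a wrapper; an app that cannot change the library still needs its own `sharedPreferencesName` / `accountName`, as in the workaround above.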
