TechFlow reported on December 24 that SlowMist founder Yu Xian posted on X stating the blockchain identity platform Humanity Protocol has a critical security vulnerability. Upon verification, when users log in via Web2 methods such as email, the project automatically assigns wallets and stores plaintext private keys directly in the browser's sessionStorage. Yu Xian pointed out this is a basic yet high-risk security flaw. Fortunately, the project is still on testnet and no actual asset losses have occurred.
Navigating Web3 tides with focused insights
Contribute An Article
Media Requests
Risk Disclosure: This website's content is not investment advice and offers no trading guidance or related services. Per regulations from the PBOC and other authorities, users must be aware of virtual currency risks. Contact us / [email protected] ICP License: 琼ICP备2022009338号




