TechFlow reports that recently, ScaleBit Security Team under BitsLab discovered a vulnerability in Uniswap Wallet (iOS version), which they named "Unauthorized Access to Recovery Phrase." This vulnerability allows attackers with physical access to the device to bypass the wallet's authentication mechanism and directly access the recovery phrase stored on the device. This means anyone who gains temporary access to an unlocked device could obtain the wallet's recovery phrase within three minutes. In daily life, briefly borrowing someone else's phone is not uncommon—especially among couples or friends. However, due to this vulnerability, such seemingly harmless behavior could directly lead to the exposure of a wallet's recovery phrase.
Alarmingly, this vulnerability still exists even in the latest version available on the App Store (Version 1.42). The BitsLab security team urges all users: until this issue is patched, exercise extreme caution in protecting device unlock credentials and biometric data such as facial recognition, and stay informed about official updates to prevent potential asset loss.




