@muneeb It appears that Phantom leaks the seed phrase unencrypted via the browser when users login. So, if a user clicks on malware or visits a malicious site then the vulnerability is opened up.
A good lesson though for people on the importance of key generation and storage security.
@muneeb 似乎 Phantom 在用户登录时通过浏览器泄露了未加密的助记词。因此,如果用户点击恶意软件或访问恶意网站,那么漏洞就会被打开。
不过,对于人们来说,这是关于密钥生成和存储安全重要性的一个很好的教训。