Arbor wallet insecure

For those who haven’t seen it, the recently released Arbor wallet from DFI (intentionally not linking to it) is known to have serious security flaws, namely:

  • For signing transactions, the wallet sends your private key to their servers.
  • For recovering an account, the wallet sends your seed phrase to their servers.


While the communication with their servers is HTTPS-encrypted, you’d still need to trust the developers that their backend is not storing/logging/leaking the private keys, and that their servers are absolutely secure and won’t get hacked. Note that with this issue being known, they have now painted a giant target on their back for blackhats, so we’ll see.

The developers seem to acknowledge this problem and promise it will get fixed in the future (e.g. transactions will be signed locally on the client) but in its current state I would strongly advise not to use their wallet.

Arbor Wallet sends private keys off device - The Chia Plot

My thoughts here. As long as you working inside their ecosystem, and not bringing in wallets (or keeping them after this is fixed) its probably not a huge deal, just treat it as DFI’s keys and not your own.

Reddit is being awful pitchforky over this, which I don’t agree with.

1 Like