Using the ethereum browser, Mist may endanger the cryptocurrency private keys, according to an article in the Ethereum Foundation released today.

The threat comes from a newly discovered vulnerability, which the blog calls "high severity" and affects all existing versions of the browser. However, the compatible Mist Ethereum Wallet browser is not affected, the message clarifies.

As a result, Mist users are advised to avoid "unreliable" websites, and by default to Ethereum Wallet to manage the funds.

The vulnerability comes from the underlying software framework, Electron. Electron's delay in updating to fix known security issues has led to "an increasing potential attack surface over time," said the author of the message, the developer from Mist, Everton Fraga.

As a result, Mist is planning to migrate to an Electron fork since Brave – named Muon – which has a more frequent release schedule.

In the post, Fraga pointed out that Mist is still in beta mode, and users who engage with the browser do so without warranty.

He said:

"The beta version of Mist Browser is provided" as is "and" as available "and there is no warranty, express or implied, including, but without limitation limit, warranties of merchantability or fitness of purpose. "

The developer described security as an "endless battle" in browser development, writing, "Making a browser (an application that loads unreliable code) that handles private keys is a difficult task."

Sponsored by the Ethereum Foundation, Mist is the most popular ethereum browser for navigation in decentralized applications (dapps).

Image Code via Shutterstock

Leader in blockchain information, CoinDesk is an independent media company that strives to achieve the highest journalistic standards and adheres to a strict set of editorial policies. Do you have any breaking news or a tip to send to our journalists? Contact us at news@coindesk.com.

