Security Issue: Insecure Credential Storage Fallback
Severity: HIGH
Location: src/main/auth-store.ts:56-58
Description
When Electron's safeStorage is unavailable, credentials fall back to plaintext JSON with only a console warning.
Code
```ts
} else {
  console.warn("safeStorage not available - storing auth data without encryption")
  writeFileSync(this.filePath + ".json", jsonData, "utf-8") // Plaintext!
}
```
Risk
- Credentials stored in plaintext JSON on systems where safeStorage is unavailable
- Only console warning, no user notification
- Migration from plaintext to encrypted doesn't inform user of previous security gap
Recommendation
Option 1: Fail Hard (Recommended)
```ts
} else {
  throw new Error("Cannot store credentials securely - safeStorage unavailable")
}
```
Option 2: Prominent UI Warning
- Show modal dialog warning user about insecure storage
- Require explicit user consent before storing plaintext
- Add persistent warning banner in UI
Option 3: Alternative Encryption
- Implement custom encryption for platforms without safeStorage
- Use user-provided passphrase
- Store encrypted locally
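The following is an added example of how Option 1 and Option 3 fit together in one store routine, together with a detector for the plaintext migration gap noted under Risk. It is not the project's code: `SafeStorageLike` is an assumed minimal interface mirroring the three Electron `safeStorage` methods the logic needs, so the routine can be exercised outside Electron, and the `os1:`/`pp1:` format tags are an assumed on-disk framing. When `safeStorage` is unavailable the function refuses to write unless a user passphrase was supplied, in which case it uses a scrypt-derived key with AES-256-GCM from Node's `crypto` module instead of plaintext.

```typescript
// Added example, not the project's own auth-store.ts. Assumptions: the
// SafeStorageLike interface below stands in for Electron's safeStorage, and the
// 4-byte format tags ("os1:" / "pp1:") are a constructed framing for the file.
import { scryptSync, randomBytes, createCipheriv, createDecipheriv } from "crypto";

export interface SafeStorageLike {
  isEncryptionAvailable(): boolean;
  encryptString(plain: string): Buffer;
  decryptString(cipher: Buffer): string;
}

export interface StoreOptions {
  passphrase?: string; // Option 3: user-provided passphrase for platforms without safeStorage
}

const TAG_OS = Buffer.from("os1:"); // blob encrypted by the OS keychain via safeStorage
const TAG_PP = Buffer.from("pp1:"); // blob encrypted with a passphrase-derived key
const SALT_LEN = 16, NONCE_LEN = 12, GCM_TAG_LEN = 16;

// Produce the bytes to write to disk. Never returns plaintext.
export function encryptAuthData(json: string, ss: SafeStorageLike, opts: StoreOptions = {}): Buffer {
  if (ss.isEncryptionAvailable()) {
    return Buffer.concat([TAG_OS, ss.encryptString(json)]);
  }
  if (opts.passphrase === undefined) {
    // Option 1: fail hard rather than silently degrading to plaintext JSON
    throw new Error("Cannot store credentials securely - safeStorage unavailable");
  }
  // Option 3: fresh salt and nonce per write; AES-256-GCM authenticates the ciphertext
  const salt = randomBytes(SALT_LEN);
  const nonce = randomBytes(NONCE_LEN);
  const key = scryptSync(opts.passphrase, salt, 32);
  const cipher = createCipheriv("aes-256-gcm", key, nonce);
  const ct = Buffer.concat([cipher.update(json, "utf8"), cipher.final()]);
  return Buffer.concat([TAG_PP, salt, nonce, cipher.getAuthTag(), ct]);
}

// Inverse of encryptAuthData. Unknown framing is an error, never parsed as JSON.
export function decryptAuthData(blob: Buffer, ss: SafeStorageLike, opts: StoreOptions = {}): string {
  const tag = blob.subarray(0, 4);
  if (tag.equals(TAG_OS)) {
    if (!ss.isEncryptionAvailable()) throw new Error("safeStorage unavailable - cannot decrypt OS-encrypted store");
    return ss.decryptString(blob.subarray(4));
  }
  if (tag.equals(TAG_PP)) {
    if (opts.passphrase === undefined) throw new Error("Passphrase required to decrypt auth store");
    let off = 4;
    const salt = blob.subarray(off, off += SALT_LEN);
    const nonce = blob.subarray(off, off += NONCE_LEN);
    const authTag = blob.subarray(off, off += GCM_TAG_LEN);
    const ct = blob.subarray(off);
    const key = scryptSync(opts.passphrase, salt, 32);
    const d = createDecipheriv("aes-256-gcm", key, nonce);
    d.setAuthTag(authTag);
    // final() throws on a wrong passphrase or a tampered blob
    return Buffer.concat([d.update(ct), d.final()]).toString("utf8");
  }
  throw new Error("Unrecognised auth store format - refusing to treat it as plaintext");
}

// Migration check for the Risk item above: a file written by the old fallback is
// bare JSON, so the app can tell the user their credentials were previously unencrypted.
export function isLegacyPlaintextStore(blob: Buffer): boolean {
  try {
    JSON.parse(blob.toString("utf8"));
    return true;
  } catch (e) {
    return false;
  }
}
```

On a real Electron build `ss` would be `safeStorage` itself; the `pp1:` branch only exists so the absence of OS encryption surfaces as a prompt for a passphrase rather than a console line, and `isLegacyPlaintextStore` gives the migration code something concrete to warn about before it rewrites the file.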
Impact
Medium-High - Affects security on systems without native credential storage support.
Labels: security, authentication