I'm working on a Chrome extension built with React that deals with crypto wallets, and I need to preserve their wallet object, so they don't have to decrypt it after every time they close the extension and open it again. So I need to store either the user's password or the wallet's mnemonic securely somehow.
Metamask uses a persistent background script to keep the object alive, but that requires manifest version 2, which is no longer supported for new extensions.
So is there any way to store a string securely in a Chrome extension in manifest version 3? Chrome storage and HTML5 local storage are no-gos.
Use chrome.storage.session, which is created for this exact purpose: to store variables in memory without persisting to the disk.
The API is the same as any other chrome.storage API, so the data must be JSON-compatible: string, number, boolean, null, array/object of these types.
The maximum capacity of the storage is currently 1MB.
async function foo() {
// reading
const foo = await chrome.storage.session.get('foo');
// writing
await chrome.storage.session.set({foo: 'bar'});
}
manifest.json:
"permissions": ["storage"]