Add the feature to display the private key as a QR code in extension

There is a possibility to import an account into MetaMask mobile via scanning a QR code (as it is described here as well: https://metamask.zendesk.com/hc/en-us/articles/360015489331-How-to-import-an-account) - paste private “or Scan a QR Code”

However, it is impossible to display/show a private key as a QR code in the MetaMask extension, which pushes users to copy the private key and transfer it as text between devices which is much less secure than just scanning a QR code.

Copying the private key between devices can be intercepted by cloud providers, various software improving buffer management, and chats.

So, please add the possibility to show the private key as a QR code in the MetaMask extension.
It is especially important while sync with mobile function is still not working.

Hey @Crypt0cean ,

Sorry, I’m not following (I may need more coffee!) but can you share why you would be sharing or sending someone else your private key in a situation?

You never would want to share your secret recovery phrase or private keys with anyone :

3 Likes

To import account to MetaMask mobile from MetaMask extension (it can be also imported to extension before as separate account from another wallet/seed phrase)

2 Likes

@Crypt0cean

Copying the private key between devices can be intercepted by cloud providers, various software improving buffer management, and chats.

Can u please elaborate on how this is possible?

3 Likes
  1. Usually, Mac/iOS users use the cross-device clipboard to copy from Mac to iPhone for example. We don’t know how safe is this way for transferring the private key.
  2. Some users can use special clipboard management software which syncs the clipboard and its history across several devices. This software or its cloud servers can be hacked and searched for any private keys inside to steal left money.
  3. Another way is to send private key in chat program, for example, Telegram, again:
    a. we don’t know how safe is this
    b. telegram account can be hacked and history can be searched for left private keys

So, probably the safest way is to type the private key manually which is pretty boring and exhausting :smiley:
Or scan QR code, which is not possible right now, because MM Chrome extension doesn’t show private key as QR code.

It’s pretty strange that MM Mobile can scan QR codes for importing private keys, but MM extension can’t provide such QR codes.

3 Likes

Hope, it will be reviewed by MM team