How do we read globalThis.chrome.storage.session to get to password?

Hello! I’m trying to learn about MM, in particular how the credentials is stored safely in chrome.storage.session. I’m running the extension locally and tried to remove the scuttling done by Lavamoat, but I still cannot access the session data via chrome.storage.session.get(null) or similar in the console. Any help would be appreciated!
This following works for showing local encrypted data, which indicates I’ve turned off scuttling:

globalThis.chrome.storage.local.get(data, result => {
var vault = result.data.KeyringController.vault;
console.log(vault);
});
but I cannot get access to the password stored in globalThis.chrome.storage.local in a similar fashion. Are there multiple scuttling layers and I’ve not turned them all off perhaps?

Hi @user3409 could you try manifest V3: javascript - How to store sentitive data in Chrome extension Manifest V3 - Stack Overflow I need to check with the team. Also a question why are you removing Lavamoat scuttling

Hi 0xroosh, thanks, but that is just a description of V3 Manifest, which MM uses indeed. My question is more about how to disable scuttling because I’ve disabled Lavamoat according to the instructions I’ve found out there, but I still cannot access chrome.storage.session even though I would think it’d be possible. I’m doing this for educational purposes and to try to learn how to apply Lavamoat to my own project.

Hi could you please open a new issue: Issues · LavaMoat/LavaMoat · GitHub

here it is: [Metamask] With scuttling disabled I see chrome.session.local but not chrome.session.session. Why? · Issue #736 · LavaMoat/LavaMoat · GitHub