We want to alert the community that Manifest V2 extensions that are not already available in the Chrome Web Store will have to be reimplemented in the Manifest V3 extension platform in order to be published.
As of January 2022, the Chrome Web Store stopped accepting new Manifest V2 extensions with visibility set to “Public” or “Unlisted”. Support for running Manifest V2 extensions will be removed completely in June 2023 in Chrome/Chromium browsers.
As a result, extensions developed using the Manifest V2 platform will not be able to utilize the Chrome Web Store. Users will have to rely on manual – and less secure – distribution channels to install such extensions and keep them up to date, which will leave them vulnerable to new attack vectors. At some point, these extensions will no longer be able to run on newer Chrome browsers.
Multiple browser wallet extension development teams have raised concerns about the upcoming transition, such as MetaMask.
Security Concerns in Manifest V3
Securing Decrypted Secrets
With browser wallet extensions, one critical security challenge is where to safely keep the decrypted secrets when the wallet is unlocked. In Manifest V2 extensions, background pages are used to store secret values in variables in memory, such that they can be persisted (at least as long as the browser is running), but are not stored to disk. None of this is possible with service workers, which are short-lived event handlers that typically do not maintain state. The only way to persist data between handled events in Manifest V3 using existing methods is by utilizing IndexedDB, Caches, or the chrome.storage API. However, all of these resources require that secret data is written to disk, thus creating a different set of security challenges.
A proposal was made to add the chrome.storage.session API to the chrome.storage API, which enables extensions to store variables in memory so that service workers and other parts of the extension can access these values as long as the session is active. Although the chrome.storage.session API is enabled in the newest chromium versions (starting from version 100 and higher), it has not been formally announced and, at the time of writing, is listed as pending in the chrome extension documentation. This modification to the API is not battle tested, and the impact that the usage of this API has on the security of browser extensions wallets is not yet known.
Unsupported Encryption and Key Derivation Packages
Another challenge caused by the switch to Manifest V3 is that encryption and key derivation packages that are considered to be secure, such as argon2 and libsodium-js, are currently not supported in Manifest V3 because of their usage of WebAssembly, which is disallowed for extensions in the new manifest version. For libsodium, this could be a bug in the code used to switch between wasm and asm, whereas argon2 is currently compiled only to wasm. Our team has previously discussed the common usage of insufficiently secure key derivation algorithms and weak encryption algorithms and we intend to publish a blog on this subject in the near future. The incompatibility of argon2 and libsodium-js with Manifest V3 currently limits the options for secure key derivation and encryption methods. It seems likely that WebAssembly will be supported for extensions in Chrome in the future, but the fix is not in production yet.
In Manifest V3, in order for secret data to be stored securely, the chrome.storage.session API must be used, even though it has neither been officially launched nor sufficiently tested and audited as a secure medium for persisting secret data. In addition, encryption key derivation and encryption packages that are known to be secure are currently incompatible with Manifest V3, which limits the options available for the implementation of sufficiently secure cryptography.
We encourage community members and stakeholders to closely monitor developments in chromium based browser extension security.