When the client opens, it invites the user to enter their password and decrypt it. The original purpose of this was to get users decrypting for minting.
However, the initial decrypt opens the wallet entirely (including for transactions).
Can this be fixed for the next release, so the initial decrypt applies only to minting? Otherwise, it represents a potential security risk.
I had this issue about a year ago. The whole wallet was unlocked without me realizing it. At any time, anyone could have made a transaction from my wallet without needing to enter my password. Either it needs to be changed or be made more clear what is happening, that entering the password fully unencrypts the wallet and cancel lets you bypass this.
I believe at the time I thought the only way to get into my wallet was by entering the password, and clicking cancel would just close the wallet. Obviously this is not what these buttons do, but it’s what I thought at the time.
I think the options should be “Decrypt wallet for minting only” and - in place of “Cancel” - something like “Leave wallet encrypted”.