How secure is PIN unlock feature?

Hello everyone,

I’m looking for some insight into the PIN unlock feature? I’m for one is excited that the new PIN unlock feature landed for desktop users. Albeit, I had a cursory look at the code, and the bugs encountered since 1.39. It seems to me, it’s useful if you at the desktop, or at least locking manually with Master Password. However, it seems to me, if a host is compromise, a hacker can simply patch the extension unbeknownst to the user, may have access to the vault? Specifically, how is the validation is done?

It’s how I’ve been expecting, little to no response from the developers. I support OSS and will stick around and help. I know as Premium user doesn’t gain you extra privileges but support the project. I will E-Mail my question instead.