You can access Object Search while app is locked. You cannot open the Object, but the titles might be enough data to leak already
Edit: this also works for Export (leaking all data while app is locked) and import (potentially importing an exploit).
- Open Anytype and wait for the app to ask for the pin
- Locate the systray icon of Anytype and right click on it
- Click “Search object”
- See that you can see a list of recent Objects with the pin entry in the background
You cannot use search while you are not “logged in” with your pin. Either hide the option in the context menu, or only show the pin and after verification show the search menu.
Dell XPS 15