[rkagerer]

Maybe you could shed some light. The landing page says No username, no password, no recovery phrase to backup. Just use your phone number.

Does that mean my wallet can be stolen via SIM swap?

Later it says In the event where your phone is lost or stolen, your private key (recovery phrase) can be safely used to recover your funds.

...which seems to contradict the "no recovery phrase" bit?

[zilebune]

That's a good question and I've seen it partially answered on their Telegram group: Maiar offers the option to back up your private key to an off-chain location (eg. Google Drive), so if you do choose to back it up it can be used to regain control of the wallet.

However, the app is still in beta, with GA date on 31st Jan via both Google & Apple stores, so I don't know precisely if its linked to the IMEI or if it fingerprints the phone in other ways to allow recovery of said wallet & prevent SIM takeover attacks.

Looking fwd to the official docs/FAQ addressing this topic as well, which I expect the team will publish along with the app release soon...