I don’t have any particular knowledge of Mutiny’s design, but I assume that all of the pros and cons of client-side browser data storage apply. It’s stored just as any data is stored. Keeping in mind that this is a spending wallet, so the risk profile is such. And the code is all there on GitHub to examine.