Topic: Bitcoin wallet on phones (Read 485 times)

For almost 4 years been using a crypto wallet (3rd party/non-custodial), it is all just fine, never encounter troubles unlike the other platforms. But, I wasn't holding and stocking huge amounts in there as we know that it was not a safe wallet, and to anticipate hacking that can be possible. The good thing about this is we can make transactions anytime, less hassle.

Only the thing we need to do is to keep our phone untouchable to others as this might lead to some leaks especially when they access sites that contain viruses.

If you are active of making transactions phone wallet is your choice but of course, it will depend on how you want to balance everything. Like how you leave a certain amount of Bitcoin on your Trezor wallet if you are just planning to put it on-hold. It's not necessary you bring/put everything your Bitcoin on a single wallet especially in your phone wallet. So it just depends actually on what case or circumstances you think owning Bitcoin would be dangerous. It's just like bringing your wallet with full of cash instead of CC and I think you picture out already what I want you to see.

Phone wallets are ok , I have been using them since years now and been going along fine (possibly because amounts are peanuts, but let's not talk about it), I even locked myself up and realized these things are quite secure: https://bitcointalk.org/index.php?topic=5289504.40

It depends. The frequently asked question and continuous advice for traders especially for newbies is to never use the amount of money they can not afford to lose to trade which is actually true. But for holders, they have a kind of different mindset that believes fiat is not advisable to be used for holdings because of how the governments continually devaluing fiat. So they have most of their holding in bitcoin and other assets, not fiat.

This reminds me when my Blackberry phone whitened out when I was using it to play minions. All I heard was that the motherboard was faulty. I took it to slot for repair but I was told it can not be repaired. If I had my seed phrase on the device and never back it up on paper or metallic sheet, that would be all to my bitcoin which will be lost forever. I was not using bitcoin at the time, it was 2015, but supposing I have bitcoin wallet on the device without any offline backup.

I don't recommend using the Eclair Mainnet/Lightning Net Android wallet for storage of funds other than to test and then remove after a short while (and even then, don't create too many open channels which you will loose if there is a problem).

Same goes with BLUE wallet.

OTOH  From the little I have used the Ballet Wallets, this platform is stable.

The Phoenix Mainnet/Lightning platform whilst it appears to be stable, has absurdly high TX fees for both the Mainnet/Lightning Networks, so use it with that in consideration.

I have installed an instance of "Trust Wallet" for Android as well, but have used it very little to give a resounding thumbs up.

This is why it's advisable to copy out the passphrase on a piece of paper that one keeps safe and secured. It's bad idea to leave one's passphrase on one's phone. A real bad idea, I must add. Apart from the phone being stolen or lost, the device can jam and malfunction abruptly. It once happened to me. My device just went down without any warning sign while I was in the middle of something. I had to ransack all my documents for my passphrase and was able to recover my funds after several attempts as I could identify where I wrote it down initially. So, it was series of trials before I was able to get the right seed sequence. A lost passphrase or access to one's wallet is a nightmare no investor should experience.

We are the same ill put a password and enrolled my fingerprint to secure my wallets like you said if our Mobile phones are lost or be stolen the person who try to access the passwords won't be successful in the short period of time. And this proves that the gadgets or especially mobile phones are very high-tech and secure that previous models.
But we ned to remember our recovery seeds/phrase in order to secure our wallets and if our phone will stolen we have a chance to recover our funds inside our wallets.

Hardware wallet is much recommended to the whales since there huge balance is not secured if they used  mobile app wallets or web wallets. But for average joe for sure they will not think buying an expensive hardware wallet since for sure they will think twice since instead of spending there money on such thing they will just used a secure mobile app wallet which have strict 2fa requirements. That's why if you are a user of mobile app wallet just make sure to activate the 2fa feature and bind it to your email and phone which is separate to the device you used so that if the phone got stolen then the intruder will not get an easy access to your balances.

That's very correct. Even if I don't put a password on my phone, anyone who steals it will find it a hard time accessing my wallets as I put passwords and fingerprint locks on them. Even if they're able to view the funds in them; they still won't be able to move out the funds or assess the passphrase or private keys. But putting a password on phones even goes beyond wallets. There are other vitals one stores on phone. A thief can gain access to such if there's no password. With password, there's nothing a thief can do than flash it. That action will erase any data on the phone. So, it's a great idea to always put a password on one's phone no matter how trivial or cheap one thinks that phone is.

In 2022 mobile phones are very much secured as they have multiple levels of security features. The only drawback I think with mobile phones are people tend to lose it more often  and like computer devices they can be hacked. A lost phobe won't affect anyone who has created a backup of their Bitcoin wallet. But, a hacked phone can be of concern. Therefore hardware wallet and paper wallet are recommended as they fall under the category of cold storage.

If a phone is secured with a password and it got missing it will be very hard to have access to the wallet because a phone password can't be hacked.  The phone can only be flashed which will erase all the information on the phone including the wallets. But if the phone is not secure it can be somehow easy to get access the wallet, not all wallet though, depends on the wallet.

I use mobile wallets, mainly electrum. I know what consequences I will consider and I must know how I can minimize the risk. Using a mobile wallet of course we have to face some risks especially regarding damage or loss of the device and possible deletion of the app from the app market so we can't find any update. These two things should always be considered if you have a lot of bitcoin and want to keep them.

The main point is that your bitcoins are your bank and it is your responsibility to keep them safe. I practiced a few ways to worry less about mobile wallet security so far,

• Don't hold large amounts of bitcoin as a long term investment asset, just keep an amount you can afford to lose. The solution is to have a hardware wallet.
• Do not install any application carelessly.
• Use a strong password and back up your wallet include Private key and seed which allows you to access the wallet in the event of a demage or loss of the device.
• Make sure you scan for viruses and malware regularly.

A whole lot can happen. People store vital information on SIM cards apart from the mere contacts and those could be used to harm the victim by assessing sites whose passwords they've stored there. Another is that someone could assess the phone number and use it to get a loan from microfinance banks. That's very easy in my country. I've this sad experience happen to a cousin of mine. Her phone was snatched from her, she hesitated in blocking that sim in hope that it could be returned to her. Two days later she got debit alerts from her bank. I didn't even know she had that challenge until I got two different texts from two different microfinance banks as one of her supposed guarantors where the thieves had also gone to get loans with her phone number. It was when I put a call across to her to see how things took a downturn for her financially (she's someone financially independent) that I discovered what happened to her. It wasn't her but the thieves who took her phone. They accessed her SIM card and got some regular numbers she called and submitted them as guarantors to get loans. If her SIM had been locked, the thieves wouldn't have been able to assess her contact or known her sim number to the point of submitting it in getting those loans.

My SIM card allows me 16 characters.

Exactly! I've all three (that's four, if we add SIM lock) – password, facelock and fingerprint on my phone too. Occasionally, I tend to unlock it with the password for two reasons. One being that so I don't forget it. The second is that sometimes I'm forced to when the phone refuses to recognise my face or fingerprint.

Can I ask you a question? What can you learn if you pull out someone else's SIM card and insert it into another phone? I always thought it was just contacts. For me, it is not critical. In your case, I think that some important data can be stored in the SIM card? But I won't argue. We are from different countries, likely, I do not know something.
And also, a complex password on the phone, how many characters should it consist of in your opinion? How long will it take for the owner to regularly use it by logging in?
I prefer a fingerprint, or a photo, and the phone in the cold sometimes does not recognize my fingers and face. 

It depends on what are your capabilities to secure your assets such as bitcoin. In computers mostly we are using the Electrum wallet which comes from their website to prevent using fake/phishing platforms of course still there's a risk on it if you are using different suspicious files, downloads and platforms that you are allowing access to your computer. Next is the bitcoin wallet in phones previously im using the exodus and electrum wallet only I have is the seed phrase neglect mostly the passwords the problem is again you access and download applications to your mobile. Lastly, I'm upgrade into the HArdware wallet the probability risk is to lose the wallet and lose the seed phrase.

Some people don't like F-Droid and they can't find apps they use there, but great alternative is open source Aurora Store, if you like shiny look that is probably better than original G-store.
I didn't know about Sandboxed Google Play, but I guess it's good for people addicted on google software

One thing different from Firefox browser, most images you see browsing with Librewolf are in .webp format (developed by google) not in original formats, but I don't mind this and maybe it helps opening pages faster.

You've got F-Droid for most things, and if you really need to run Google Play or something dependent on it, then most good custom OSs will give you a safe and secure way to do that. See, for example: https://grapheneos.org/usage#sandboxed-google-play

I've poked about a bit more and found this in their documents: https://librewolf.net/docs/faq/#how-often-do-you-update-librewolf
Alright, so you've convinced me. I'll give it a go next time I'm setting up a new device or installing a new OS.

Android is not really open source but it is based on Linux open source operating system, in similar way like Chrome browser is not open source, but Chromium browser is.
I was not mentioning iOS because Android have bigger market share, but it's similar situation and only way is using degoogled phone with LineageOS, GrapheneOS or CalyxOS.
Installing Bitcoin wallet should work just fine after doing this, but you won't have access to any G-aps, and you will have to use alternative options.
You can always remove all ads from your phone with open source applications like Blokada 5 or some other alternative.

This was true for Waterfox, Palemoon and some other forks, but LibreWolf browser is most serious from all of them and there are almost no delays for receiving updates compared to normal Firefox.
I know that settings tweaking is always possible for Firefox, but some things you can't remove on your own and I am not sure how to completely disable telemetry.
I can say only good things about Librewolf, I think it is lighter on system resources compared to Firefox, and for full list of feature you can check the link bellow:
https://librewolf.net/docs/features/

Maybe some people don't know this but they accepto cryptocurrency donations:

- DivestOS is accepting Bitcoin and Monero donations.
- GrapheneOS is accepting Bitcoin and Monero donations.
- CalyxOS is accepting Bitcoin,Ethereum, Litecoin, Bcash, Dogecoin, and USDC donations.
- LineageOS is NOT accepting crypto donations.

Don't play with such things if you are not 100% sure what you are doing, because you can brick your smartphone. In addition, if the device is under warranty, you may lose it. Besides, as @o_e_l_e_o says, you probably won't achieve anything special if you change the OS on your smartphone, you'll just be fooled by some fake security.

I have had a well-known smartphone brand for years with Electrum, and I have never had a problem even though significant amounts have gone through it. It is crucial that the device regularly receives security/critical updates for the OS, and that I do not download any suspicious apps other than those that have millions of downloads and are relatively secure. Should I mention that an antivirus program on a smartphone also makes sense, and very few people pay attention to it.

Depends on your phone. GrapheneOS only really supports Pixel phones. If you have a different phone you might be better off looking at LineageOS, or its fork DivestOS. You'll find links to their websites and GitHubs here - https://privacyguides.org/android/ - where you will find documentation and install guides. If you want to revert back, then you'll need the original OS files to reinstall, so you'll need to look in to making a back up or sourcing the installation file from an official source first.

Be aware, though, that just because these are open source doesn't mean they are infallible. Plenty of open source software has bugs, vulnerabilities, or even malicious code slipped in to it. You shouldn't just switch to these for the sake of it and then think you are safe.