Author

Topic: Generating wallet on custodial exchanges is what you should avoid (Read 172 times)

staff
Activity: 2436
Merit: 2347
On the OKEX exchange, it's a common case where they ask for additional data. I have encountered this myself several times. Usually it happens after some break between your sessions or frequent deposit/withdrawal operations with no trading activity.

In general, it is not clear who this option is intended for, because if I need a non-custodial wallet, I will create it outside the exchange. For convenience? But where maximum convenience, there tends to be less safety.
staff
Activity: 3304
Merit: 4115
I have been using custodial wallet but I didn't have problem as the platform itself is trusted. I don't know about custodial wallet out there if it is trusted or not. You can see it in 777coin signature spreadsheet that I used my custodial wallet to receive Bitcoin and I can also use the custodial wallet to exchange my Bitcoin to fiat. Honestly, it is the only custodial wallet that I used. I don't know if there are other custodial wallet like coins.ph.
Plenty of trusted exchanges or wallet hosts have gone either rogue or been compromised. I don't like the idea of trusting someone else with handling security, as even some of the biggest security focused firms in the world have made some awful, amateur mistakes. So, personally I believe blindly trusting someone you don't know, but only has a reputation from other people, is a no go.

If I were you, I'd be moving my Bitcoin right this second. I do understand, some users have different views, and threat models, but it just doesn't sit right with me. Being online, you're basically adding an entirely new attack vector too.
legendary
Activity: 2114
Merit: 2248
Playgram - The Telegram Casino
I have been using custodial wallet but I didn't have problem as the platform itself is trusted. I don't know about custodial wallet out there if it is trusted or not.
When using Bitcoin, it's expected you verify and not trust. Banking on the reputation of an exchange is not a good strategy, as popular and trusted exchanges have been involved in hacks with users losing their funds.

There's also the risk of data theft where the platform can be hacked and personal details of users stolen. The exchange also would need to conform to government regulations and can at any ti e submit your details to the government without informing you, or a third party server could sell your data.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
I have been using custodial wallet but I didn't have problem as the platform itself is trusted. I don't know about custodial wallet out there if it is trusted or not. You can see it in 777coin signature spreadsheet that I used my custodial wallet to receive Bitcoin and I can also use the custodial wallet to exchange my Bitcoin to fiat. Honestly, it is the only custodial wallet that I used. I don't know if there are other custodial wallet like coins.ph.
legendary
Activity: 2702
Merit: 4002
I used OKX recently, I was not verified because unverified users do have option to withdrawal limit. I left the exchange for like a month and I deposited to the exchange like three weeks ago. I wanted to withdraw from the exchange after successful trading and it made it mandatory for me to provide my phone number.
Wait, is phone number verification applied for all exchange withdrawal (even non-kyc accounts) ? I have less than 1000 $$ on that platform and I did not withdraw it because I thought that the price might change in the coming days, but it is strange that the platform requests data from users.

Regarding your question, there are a lot of open source wallets and options for open source bitcoin processors, so why would you try to risk that wallet?
hero member
Activity: 2366
Merit: 793
Bitcoin = Financial freedom
I can only see the password not the private keys, because both are different and how can you connect your non custodial wallet to a centralized exchange? Its just a trick to keep the funds in the exchange itself instead of withdrawing it everytime but no exchange is safer for holding and another reason to mention " not your keys not your coins".
legendary
Activity: 2268
Merit: 1379
Fully Regulated Crypto Casino
I didnt know OKX has some noncustodial wallet generator. But that would definitely still custodial since they are inside of the centralized exchange. Id rather make a lot of metamask or noncustodial L1 prooject token wallet than trust one inside the exchange.

I am trading on some of cex, and making sure limit it to few ones Ive been using. Since privacy also matters, and putting up big fund on unknown cex isnt advisable. Even bigger one could be at risk too.
hero member
Activity: 1064
Merit: 843
You can generate a noncustododial wallet on a OKX exchange, the people using the exchange can be forced to do KYC but have used the site to generate a noncustododial wallet. This is just a way to link centralized exchange to what supposed to be a noncustododial wallet. Which means privacy is totally gone for those that make use of this together. I will not recommend this method to create a noncustodial wallet, it will link your noncustododial wallet to your exchange and no privacy possible again for such person.
Noncustodial and privacy are different stuffs, noncustodial is make sure you're the only one who had access about the wallet by seed phrase or private key, while privacy it depends on your personality. Some people doesn't really care with his personality, but they always need to have a non custodial wallet to hold his coins for safety. I'm not against privacy oriented person, honestly I support it and I completely understand why privacy is a matter.

Anyway, why should someone need to use new wallet instead of trusted and old one? I don't see any advantages from this.
staff
Activity: 3304
Merit: 4115
software like electrum or bitcoin core though - you're probably better off using one of them
Right, I think everyone that has access to either of the two, and learns how to verify the software should be using them over every other piece of software out there. They're tested, and proven to work. They're widely compatible, and personally I don't feel comfortable recommending any other software to newbies, that has the potential to either compromise their Bitcoin due to not being open source, and custodial, but also through compatibility issues. Newbies aren't necessarily going to understand the compatibility issues that they might face using other software, therefore it's always best to recommend the fool proof way. 

At first it might be daunting verifying software, but the sooner you do it, the better. Plus, you'll probably want to reinstall your operating system, and everything else then just so you can verify they came from legitimate sources, and remained unchanged.
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
OmegaStarScream said it wasn't open source in your last thread (first response).

There's a chance okx have called it decentralised because I'm assuming you can dowlaod a wallet file or something's saved on a plugin (blockchain.info used to have downloadable wallet files which made it a bit more reputable - those wallet files aren't ever directly compatible with software like electrum or bitcoin core though - you're probably better off using one of them).
legendary
Activity: 1064
Merit: 1298
Lightning network is good with small amount of BTC
I used OKX recently, I was not verified because unverified users do have option to withdrawal limit. I left the exchange for like a month and I deposited to the exchange like three weeks ago. I wanted to withdraw from the exchange after successful trading and it made it mandatory for me to provide my phone number. There can be a time that I can be forced to provide my identity documents like driver's licence, nation ID or international passport. We should not forget to differentiate between centralized and decentralized exchanges. But I like the exchange service and it is one of the best exchanges I have used thus far, but it still remain a centralized exchange, you can be asked to verify at anytime if you have coins on the exchange or not in a way you may not be able to withdraw just as I was unable to withdraw until I added phone number.

Let us go into the real matter. Recently I on the exchange, I saw wallet, I clicked on it, I was thinking it would be a centralized wallet, I asked on this forum about it, but later checked it also myself too through a link because I can not use a centralized platform to create a wallet. This is how it looks like:



You can generate a noncustododial wallet on a OKX exchange, the people using the exchange can be forced to do KYC but have used the site to generate a noncustododial wallet. This is just a way to link centralized exchange to what supposed to be a noncustododial wallet. Which means privacy is totally gone for those that make use of this together. I will not recommend this method to create a noncustodial wallet, it will link your noncustododial wallet to your exchange and no privacy possible again for such person.

I am not recommending the wallet, people should not use it. But just a question left, is it open source or close source, I did not see anything related to the wallet on GitHub, not to talk of checking the code, or am I missing something?
Jump to: