Topic: Hardware wallet vs software wallet for daily transaction (Read 820 times)

For me at least, if you're offering wallet software the primary goal should be trust, as well as transparency. So, it should be open source. Although, for me I don't want to be pushed into a certain exchange or service, even if the exchange is like universally accepted as the greatest thing on the earth, I don't want to be pressured into it or only offered that option. By all means, link to documentation from multiple sources on what makes a exchange good, but definitely don't push a certain exchange. That's not because of the reasons you've mentioned above (those too), but the fact that we should be pushing for decentralisation, and therefore shouldn't be recommending a singular service.

I don't think you're being too paranoid. Safepal, and therefore Binance aren't exactly covering themselves in glory here. Although, unfortunately this is how they make money, and I suspect far more exchanges, and wallet software is indeed doing exactly the same.

My advice is to use a hot wallet for your daily expenses and keep huge sums into hardware wallets.

One more that is not mentioned is that safepal wallet and their app are sponsored and supported by Binance, and some people would say that is great news, but let's think about it.
Binance is recently kissing regulator asses much more than ever before, and it's safe to assume they are recording and reporting all addresses and transactions from safepal wallet.
They could in theory even stop or block access to safepal app and you won't be able to use wallet anymore if they connect you with any blacklisted or ''tainted'' addresses.
I would not trust seed phrase generated by safepal and I would send all coins to other wallet asap, but I could just be little paranoid about this.

I've never used Safepal, but from what I can find, it uses uses a mnemonic seed phrase. That's your fail safe
To be absolutely sure it can be recovered, I'd use Ian Coleman's Mnemonic site (offline, airgapped and running from RAM with the curtains closed) to check I can recover the same address before funding it. I never found any inconsistencies this way, which to me confirms my paranoid checks work

Which, is conveniently not mentioned in that image, and that is something I would consider a deal breaker, no matter what ever other benefits it has. It encourages centralisation first, and no wallet that you use should be limiting you to what services you can use. There's just no fail safe.

Wallets should always allow multiple ways to access, and manage your Bitcoin. Otherwise, leave them be. Although, we already have enough wallet software which is very much capable of the above, and we don't need all these new comers which try to convince others they're better. The current options in my opinion are perfect. Open source, have decent security implementations, and aren't pushing some sort of service or agenda on you.

Follow the same logic and safety precautions as you would on a computer. Don't visit bogus and unknown websites, don't open attachments and emails from strangers, and don't download and install non-essential software and games just to try them out or for fun. Use common sense, be smart about what you are doing, and you will be safe.

One big issue on iOS is that you can't have reproducible builds, because what is downloadable from the AppStore is actually compiled by Apple servers. I would still stick to something open-source non-custodial which supports connecting to my own node through Tor.

There is not, however unless you've jailbroken your device and don't hand your phone to strangers, border patrol guards etc. all the time, you are relatively safe. It's crucial that you run the latest version at all times, though. That's pretty much the best you can do. You could also jailbreak and install some random virus scanner app, but in my opinion it makes more sense to keep the device up to date and guard it from physical attacks.

What would be the best software wallet for the iphone if you want to use it for daily transactions?


is there a way to know your iphone is safe from any malware or virus first before you even create a wallet on your iphone?

It's obviously bias review, and funny thing to me was assumption that safepal has some professional anti-attack level.
Sure they have bigger IPS screen but I have seen many reports from people who claims it breaks much easier than on ledger or trezor.
How about the fact that you can't use safepal with any third party wallet, so you are stuck only with their app.

As soon as I check out such a device and I see it's closed source, that's game over for me. It boggles my mind how a 'cypherpunk product' can be completely closed source and people still buy it. Like, for what you know, you could be completely deanonymized by the hardware, firmware and host software (especially if it's a phone app) easily without noticing. They could also transmit your seed phrase or xpub to themselves through these unauditable encrypted QR codes to further deanonymize and even steal from you (the latter wouldn't be a very smart business decision though).

Now that I think about it, encrypted QR codes are probably the fishiest thing of them all about this wallet. I suppose that forces you to use their software (which knows how to decrypt them), while at the same time not allowing you to verify for instance with a phone app, that the QR code is a raw PSBT without anything else in it.

Not to mention that the image also seems a marketing ploy. I'm not sure where the image has come from exactly, and who's behind it. However, using the green coloured font, to try, and push it being better in almost every way, is a little suspect. Especially, considering the things they've already been caught for.

If you do want a hardware wallet, you want to be using a company with integrity, and for me SafePal aren't that, and pretty much any other alternative out of the big three would be better solely based on that.

Price is now more expensive for Safepal than image is showing, and I don't consider it safe at all, you can't even verify what is hidden in those encrypted QR codes they generate.
Not to mention how they stole GPL open source code and made it proprietary, and later they got busted by Kraken team long time, but they are simply ignoring this.
You can read Kraken report here and Safepal reply in this post, and my point is that Safepal has some serious security flaws and there is a reason why they are the cheapest wallet you can find.

nankers isn't very good with English and maybe he wasn't talking about scanning QR codes. Maybe he wanted to say that you need to check and physically confirm the transaction details on your hardware wallet. The screen will show you the destination address, the fees, and the amount being sent.  

That's no longer good enough. There was a post here a few months ago about someone experimenting with clipboard hijackers for hardware wallets. I can't find it now though. Your generated address would be replaced with one that is made up of the same characters with only a few changes. Checking more than just a sequence of 3-4 characters is recommended. 

No, this is not safe, scanning QR codes for every transaction might sometimes lead you to a scam, there are too many reports about this, scammers tricking the QR codes since codes are almost similar and design and no one will notice if you will send your Bitcoin to the scammer address.  Manual input is still good because you can manually check like checking the Bitcoin address last 3 digits and the first 3 digits.

Trezor, SafePal S1, and Ledger Nano S are the most secure wallet and I tend to agree with this.  Both have a security feature and both also have pros and cons which do you prefer to use and the cheapest among them all is the SafePal wallet.

I saw a comparison of these 3 wallets that you may look at it too.

source.

IMO, if you don't have a budget to buy a hardware wallet, still good to use an open-source software wallet, as long as your device is safe and make it sure didn't have a malware infection.

I still recommend using a hardwallet for a secure choice which is more secure than a software wallet
why ?
on the hardwallet the wallet owner must scan the wallet for each transaction, otherwise the transaction will not be fulfilled
Besides that, using a hardwallet can be said to be one of the answers to what you are worried about if using a software wallet there are often scam tokens and what's worse, even loss of assets.
and here is one hardwallet that I have now is the safepal hardwallet, I prefer the safepal hardwallet because in addition to the many global wallets such as the multi-wallet that is in the trust wallet, it is a distinctive feature of the safepal hardwallet itself
especially the various kinds of hardwallets that are now available
so the conclusion is
hardwallet has a secured level which is more secure than software wallet which is prone to theft of assets.

True, mainly pointed out that fact for others that might not have the same mentality. I'm not against hot wallets at all, and I imagine quite a lot of people use something similar to this. I'm just hoping that they understand the risks of using it with a large amount of Bitcoin or anything that they deem more than they can afford to lose. I'm not automatically saying phones are insecure either, largely depends on how they're used.

I believe that legal issues can be a big hurdle. Depending on legislation, selling a car for BTC (then selling BTC for $ to keep the store running) could in the worst case make you legally an exchange, requiring you to collect KYC / AML data for instance.
In other cases, it could be seen as a simple trade of goods.
In the best case, such as in countries which accept Bitcoin as legal tender, it would be handled as a normal sale and you would probably then also pay tax on that sale in BTC.

In an older thread of mine I ended up collecting laws on how Bitcoin is seen in different countries, which could give clues where it is easier and where it's harder to really sell goods for BTC. Maybe there's something interesting to find there.

Absolutely. But I'm fully aware of the significant risks in using a hot wallet, and I am accepting of those risks for the small amount of bitcoin I store in my mobile wallet for the convenience of having those coins readily available to spend at all times when I'm shopping, traveling, etc. If my phone gets stolen and I lose my coins, I'll be far more bummed out about the cost of a new phone than about the small amount of bitcoin I had on it.

P2P as you say. I've also bought some electronics on a couple of occasions for more bitcoin than I would store in a mobile wallet. If I wouldn't carry that amount in cash, then I'm not storing it on a mobile wallet.

I think hardware wallets will always be more widely used among holders with deeper pockets no matter how widespread Bitcoin and crypto becomes. If we suppose that a good device costs around $200, it's not going to attract everyone. If you made a poll amongst bounty hunters in the altcoin section, for example, and asked them if they use hardware wallets to store their bounty tokens, the majority would probably say no. Their tokens aren't worth anything. Ask those interested in Bitcoin who are in good-paying signature campaigns and the answers are completely different.

That reminded me of a thread I started on that subject some time ago about car dealerships that accept crypto. You can check it out if you want > Cars That Can Be Purchased with Bitcoin

While I agree with you, there's been signs already of car dealers accepting BTC as a payment[1][2] - heck if this website is correct, there's even a small business in Italy that accepts it[3]! The adoption - in the wider sense of the world - is still miles ahead, but at least there are some stores that are taking baby steps in this field. I wonder what would be the first major car dealer to adopt it?
I think that your opinion can be applied in the broader sense - if we tend to wear attire / personal objects that directly state how "wealth" we are, then for sure we'll attract ill intended attentions in the long run (and even worse depending on the countries you're in). Like everything, one should think very carefully as to which kind of information it's transmitted to the outside world by means of one own lifestyle. A very basic example, and it isn't something that "valuable" - I've got a couple of friends that were robbed in Brazil for simply using their smartphone during their walks within the cities they were in (I can't remember which one was it atm). The robbers saw them and simply went up to them, in broad daylight, and took their smartphones away... And we're talking about just smartphones! Imagine what would be if a more "lavish" object was being used?

---

[1]https://spendbitcoins.com/places/c/car-dealers/
[2]https://www.autocoincars.com/
[3]https://www.autofesio.com/