Topic: How can your funds be safe???????????????????????????? (Read 315 times)

Not all software you install and use is spyware... not all the data that you generate and store on your computer is automatically sent back to "Big Brother"...

Granted, there have been "malware versions" of popular wallet software that do exactly what you're talking about... they impersonate legitimate software and are designed by the thieves to steal your private keys or your seed or just automatically transfer all your BTC out to their addresses.

However, all the reputable wallets like Electrum and Bitcoin Core etc... are well known, open-source and provide digital signatures for the application executables/installers or digitally signed SHA256 checksums of the same. This allows the user to verify they have a legitimate copy of the application and because of the open-source nature of these applications, it's possible for users to review the code and make sure nothing nefarious is happening in the background.

That's not the case for legitimate and reputable Bitcoin wallets. Yes the wallet and seed phrase generation happens with their own application but it doesn't necessarily mean they also know the seed phrase you have been given since this day will almost certainly be encrypted in a one way direction where you only know the exact order and words given to you as a seed phrase. It's like how you create a password for an account, they don't know what your password really is but what they know is the data being translated by that password and it may be a long string of random letters and numbers which even them don't know the possible combinations for it. It is the same way how your seed phrase is something that you will only know.

The seed generation process and transaction signing can all be done offline. You don't need internet connection for that. That is how cold storage options work. You can try it for yourself. Download Electrum, disconnect your internet cable or turn off WIFI, open the app, and you will see that you can set up a new wallet and generate a seed without being connected to the Internet.

If you feat that Electrum and other wallets keep copies of the seeds they hand over to their users, you can be rest assured that such a malpractice would have been discovered by now. Electrum is completely open-source and everyone (including you and me) can download and inspect the entire codebase to see what is happening. 

The randomness required from the seed phrase is generated on the computer itself. Although the seed phrase is shown in the app, the seed phrase should, at no point in time, be transmitted out of your computer. Wallet providers DO NOT generate your seeds, the seed is generated on the computer and in the application itself.

They can't see the seed phrase unless you give permissions to record your screen at the time of installation, and it is encrypted I said so it is not also possible for them to reverse it.

Anyone can provide better technical explanation to this noob?!

But that doesn't make any sense, the seed phrase are shown on their application so they should be able to see my seed phrase and use it to recover and access to my funds right? How come these wallet providers don't know my seed phrase when they are the one giving it to me?

 

Nope, they are not creating the private keys for you atleast they don't know it since the private keys are random words generated at the time of address creation and you only know this even wallet developer can't find the private key because it is not possible to reverse anything due to the encryption code.

Almost answered above and I tend to agree with them.  At this moment we can trust Binance since they are a reputable exchange and the world's largest crypto trading exchange platform.  But it doesn't mean you totally safe on the exchange platform that you've, even though they offer a SAFU service for their customer, it's will remain vulnerable to hack and might result in shutting down the site.

The old saying of a wise Bitcoin Hodler, "Not your key, Not your coin", choose a Hardware or open-source wallets that you can trust to store your Bitcoin.  No, not on the exchange either on the custodial wallet that didn't allow you to hold your private key.

Here's my point, Binance is an exchange and it isn't good to store your Bitcoin there and leave for a long term.

Here's the difference:

- On one hand you have websites, accessible through a browser, made by companies that create the addresses for you and keep the private key, all of which you can access from a username and password. Exchanges and online wallets fall into this category. Now you know these aren't safe because the site can get hacked and their coins robbed, and they can chose not to reimburse their customers. Or someone can steal the username and password from your computer and pretend to be you!

- On the other hand you have wallet software built by a bunch of people that you install as an application on your computer and you don't need a browser to use it, and works even if WiFi and the Ethernet cable are plugged out. In other words it's an offline wallet. They don't require internet connectivity except to update the software. Naturally, these wallets are safer to use since there is no online service to hack. However, the wallet file/seed phrase/private keys can be stolen from your computer if you are not careful.

Note: If your wallet software running on your PC needs an internet connection to open it, then it is not an offline wallet, it is an online wallet and falls into the first category. In particular, Trust Wallet is an online wallet and not an offline wallet because it allows you to:


Which is only possible if an online service has your private keys. You should look into using the Electrum or Bitcoin Wallet for Android apps for a real offline wallet (assuming your phone runs Android).

There are lots of explanations about this and the important thing is if you are going to hold them for a long period of time you should use a wallet that you can able to recover anytime.
Holding them on exchanges is not the best practice they always suggest that you must use a wallet where you can have a backup seed or a private key.

The reason is if the exchanges got hacked the same as what happened in the past like on MT.gox you won't be able to recover your all holding or coins that you trade from that exchange.
That's why it's always safe if you keep coins in your wallet where you've full control of your seed.

The other thing is you can able to use the seed backup to any wallet that you want. Sample if you use a wallet which is no longer has an update or totally dead wallet you can able to use the seed backup to use another wallet sample Electrum you can import the seed backup to recover your wallet.

That's the purpose of having a backup seed and actually, non-custodial wallets don't know about our passwords or seed that generated from their wallet. It's not the same as exchanges that they have their own database for our accounts and passwords.

Exchanges are often hacked
If you use exchange, you are not having the full control of your bitcoin, the exchanges have the full control so far they have the private key
For privacy, noncustodial wallet, but also open source recommendable
With noncustodial wallet, you have the private key, no one to unlock the bitcoin for you on blockchain, but you alone.

For exchanges, the exchanges are in control of the seed phrase and private key, but on noncustodial wallets, you are in control of your seed phrase and private key.

I do not know, but they do not need your password to send your coins, the password is for user's to access the coins the user's is having on the exchange platform, but the exchange can still override it and make it useless and have access to your coins without need for anything because they have the private key, they have the full control.

On noncustodial, you have the private key and the seed phrase, I am not sure of trust wallet as it is close source wallet, but on open source wallet, nobody but only you will have and know the private key and the seed phrase.

They shouldn't. Wallets are not supposed to transmit the seeds to any external servers. The entropy for the seeds should be generated on the computer, then no one else should be able to access your seeds.

I'm sorry I'm just got into crypto world for less than 1 week, I just open an account on Trust Wallet to receive my BTC from Binance because people told me not to store my coins on exchange.

I don't understand how this is safer than storing my bitcoins on Binance??? Because when you create a wallet on Trust Wallet, they give you seed phrase for you to write down and remember right? So they are in control of seed phrase? That means they are in control of your private key too?  Basically when they give passwords, aren't they supposed to know the passwords too? And they can steal your coins anytime.

So how is this different than storing my funds on exchange??? Because every company are in control of your private key, Yoroi, Exodus, Trust Wallet and the lists go on.

I don't understand any of this??? Can anyone explain this to me?

Thank you in advance.