Author

Topic: To Trustwallet users. Vulnerability. Repayment. (Read 382 times)

legendary
Activity: 2184
Merit: 1302
Bitcoin is not that way, and such people may feel reluctant about securing their coins because they believe it's safe regarding the fact it's saved on a blockchain.
Whilst their Bitcoin is stored in the Blockchain network, their seed phrase and keys to spend it is not, it has to be stored by them, and these are some of the basic things that a Bitcoin user should know, failure to know these and things go awry, definitely it is on them, and not because they find research hard to do.
So, what I'm driving at is that most people don't research because nobody, physically, discuss with them regarding bitcoin.
Nobody has to discuss it with you personally, most of us in Bitcointalk joined the forum because we were curious about Bitcoin, if someone wants to know more about Bitcoin before using it, they'll find their way into this forum and get some of the best knowledge. Mind you that this issue of research isn't only peculiar to Bitcoin, it is a rule of thumb that one should research before using something, you cannot be ill and just take any drug because no one has previously personally talked to you about your symptoms, you obviously go to a doctor who has done all the research about it in school.
hero member
Activity: 1316
Merit: 787
Rollbit - The #1 Solana Casino
The latest development of Trustwallet is heartbroken. For Binance CEO to repay/refund such big amount to the hack victims. Is it that their security firewall is weakened? How can hackers just penetrate an exchange website just like that. And the company knows that other people funds are inside. They would have used a strong defensive mechanism for this cyberattacks. In some ways I will not also blame the company security team. Because those hackers use different ways to attack sides like that.
I don't even want to take a risk with such an incident even though Trust Wallet will guarantee compensation for their users' losses.
When a wallet like Trust Wallet is associated with an exchange party, then it will not guarantee the security of each user's privacy.
It seems to me that a situation like what happened to Trust Wallet with their latest announcement is not going to increase their number of users.
Every wallet user wants the best for the storage of assets.
hero member
Activity: 1274
Merit: 561
Leading Crypto Sports Betting & Casino Platform
A week later after doing his research he came back to me and testified that he was wrong. I understand the feeling but what you know, others don't know a tip of it. That's why when they make these mistakes they tend to leave the market because it seems complex to them.
You can see the problem stems from lack of research right, and it is the fault of the users, is there anyone who doesn't secure their money in fiat, they either put it in the bank or in other places they consider secure, they also safeguard their sensitive banking information, thus for someone who wants to use Bitcoin, knowing fully when that it's also a currency (their own money for that matter), and can be stolen the very same way their fiat currency can, why won't that person do their due dilligence and do what's right. Nobody was born with Bitcoin knowledge, so i don't make excuses for people who want to use Bitcoin, but what to skip the part where they have to research about it.

That's a good side and I don't understand why users focus mainly on the few information they've harnessed about crypto, which is how to receive and send crypto, and neglect the most important duty; how to secure the crypto. In your view, since they can protect their MasterCard details from criminals, how then do they find it difficult to practice same measures on cryptocurrency. I'd blame it on companionship, aside research, the banking system is used by many people, I mean our neighbors, friends and family use banks. So, such measures keeps ringing into many people's memory as it's discussed around them by close friends. Bitcoin is not that way, and such people may feel reluctant about securing their coins because they believe it's safe regarding the fact it's saved on a blockchain. Hence, if that person, has a friend that talks to them about bitcoin they'll feel the need to do necessary adjustments. For instance,  in the case of my colleague, without our argument he wouldn't have done his research. He felt satisfied with the information he knew without researching, maybe he heard it from someone close to him, that was why he relaxed and even argued with me about that. So, what I'm driving at is that most people don't research because nobody, physically, discuss with them regarding bitcoin.
legendary
Activity: 1064
Merit: 1298
Lightning network is good with small amount of BTC
"Best stocks to invest" and "cars and bids" are pretty much frequently searched.
Absolutely, but my point is you might Google "Which stock to buy" and then read a few articles about a bunch of different stocks. You don't just Google "stocks" and see $WTF pop up and immediately put all your money in to it.

But for some reason people Google "bitcoin wallet", click on the first thing they see, and end up with some trash like blockchain.com or Trust wallet, and do no further research until they run in to problems.
I have noticed this about Google search engine since long time ago and I know they will not disappoint to list bitcoin wallets that are not recommended along which can even be the first on the list.

Another thing I noticed about google are the suggestions they bring up, the title can be different while the answers in the suggestions are different. Example is if you ask about watermelon seeds, the suggestion can give you answer of a watermelon and labelling it as watermelon seeds.

As usual, google will not disappoint of wrong information, see what I searched just now.

I searched for best bitcoin wallet, see what I saw:

   

I searched for best bitcoin wallet, not most popular bitcoin wallet. Coinbase that was referred to is Coinbase.com which is a custodial wallet. Most of the wallets like Exodus, Trustwallet and Coinomi are close source. Is bitpay even a wallet? It is a payment processor. Metamask and Myetherwallet are not even bitcoin wallets.


See google suggestions below when I scroll down, just below that image that is above:



See another one:




I am tired of google suggestions, I have to stop it right now before the wrong information from google search engine will kill me. There are still many of them but I have to stop seeing rubbish.
legendary
Activity: 2268
Merit: 18748
"Best stocks to invest" and "cars and bids" are pretty much frequently searched.
Absolutely, but my point is you might Google "Which stock to buy" and then read a few articles about a bunch of different stocks. You don't just Google "stocks" and see $WTF pop up and immediately put all your money in to it.

But for some reason people Google "bitcoin wallet", click on the first thing they see, and end up with some trash like blockchain.com or Trust wallet, and do no further research until they run in to problems.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
You would not
And yet, people do google likewise. Maybe googling "bank account" is very uncommon, but that's because the banks give you everything necessary to access during registration. Googling cars and stocks randomly is common, according to Google Trends. "Best stocks to invest" and "cars and bids" are pretty much frequently searched.
legendary
Activity: 2268
Merit: 18748
You would not open a bank account by Googling "bank account" and clicking on a random result.
You would not buy a car by Googling "car for sale" and clicking on a random result.
You would not choose a stock or ETF to invest in by Googling "buy a stock" and clicking on a random result.

Why then would you pick a bitcoin wallet by Googling "bitcoin wallet" and clicking on a random result?

A simple search of this forum would quickly reveal many topics about Trust wallet where people point out it is closed source and a poor choice of wallet.

While Trust Wallet is not open source, it has an open-source component called "Wallet Core," which is used in the Trust Wallet Browser Extension.
Meaningless. You have no idea what is happening in the closed source portions of the code. Perhaps they are sending your seed phrase in plain text to Google, as other closed source wallets have done in the past.

Binance, in reality, has a dedicated team and resources committed to investigating and preventing fraud and security breaches.
So dedicated that Binance have been hacked multiple times and now Trust wallet has a critical vulnerability as well. Roll Eyes
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
What does laziness have to do with it?
It discourages you from doing research. You google "bitcoin wallet", bitcoin.com, Coinbase and blockchain.com show up, you don't take the time to even figure out how bitcoin works, and you use their closed-source, not private and neither secure wallet software. That can happen to someone who's lazy.

This does not mean that he is lazy, it means that to the best of his intellectual abilities, he decided that this is enough and there is no better result.
When you have absolutely no competence in the subject, it's utterly obtuse and arrogant to consider what's "enough".
hero member
Activity: 1470
Merit: 790
ARTS & Crypto
Let's face the facts - do you see a lot of people here besides me who dig to the truth, while not being afraid to show that they didn't know something from the beginning?
Tough shit, but this is life. Being so arrogant and lazy that you think bad things won't happen to you due to Google throwing it to your face as "legit", without further research, is the recipe for disaster. If you don't know shit about cryptocurrencies, and you think you can overnight figure out what's the best software, then you're deeply ben.

What does laziness have to do with it? Anyone can rest on the result found - in our case, a wallet - and consider it satisfactory. This does not mean that he is lazy, it means that to the best of his intellectual abilities, he decided that this is enough and there is no better result.

Quote
For what disputes are you talking about?

Disputes about the wallet of course.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
Let's face the facts - do you see a lot of people here besides me who dig to the truth, while not being afraid to show that they didn't know something from the beginning?
Tough shit, but this is life. Being so arrogant and lazy that you think bad things won't happen to you due to Google throwing it to your face as "legit", without further research, is the recipe for disaster. If you don't know shit about cryptocurrencies, and you think you can overnight figure out what's the best software, then you're deeply benighted.

The forum is behind this and is needed to carry the truth in disputes.
For what disputes are you talking about?

They can afford to do similar for Trust wallet security problems.
I don't understand the slightest how you can trust them for such compensation. Say you lost $100B worth of bitcoin, due to an exploit found in Trust wallet. How do you expect them to pay you back if they don't own that much in the first place? Your coins don't touch their wallet, supposedly.
member
Activity: 966
Merit: 25
Ton Together | Save Smart & Win Big
Hey guys! I just wanted to remind you all that security breaches are unfortunately all too common in the crypto world and can happen to anyone. Stay vigilant and make sure to take all necessary precautions to protect your assets. When it comes to keeping your crypto safe, you can never be too careful. That's why it is preferable to choose a secure wallet that is open-source, non-custodial and free from the internet (maybe hardware is the best one). But, talking about TrustWallet, I think it's good that they have backup plans in place. Trust Wallet is a non-custodial mobile wallet for cryptocurrencies that allows users to store their own private keys and has no access to users' funds. While Trust Wallet is not open source, it has an open-source component called "Wallet Core," which is used in the Trust Wallet Browser Extension.

Although it is not ideal to place our cash in an un-open-source wallet, if we have to, it is necessary to evaluate the company's reputation and history. One of the top cryptocurrency exchanges in the world with a long history of putting security and consumer protection first is the owner of Trust Wallet. Binance, in reality, has a dedicated team and resources committed to investigating and preventing fraud and security breaches. Binance's commitment to client protection and brand trust played a significant role in their response to the Trust Wallet security incident. It's reassuring to work with well-established organizations that have a solid reputation for security and client safety because they're more likely to have procedures in place to deal with unanticipated situations.
full member
Activity: 504
Merit: 144
The latest development of Trustwallet is heartbroken.
What are problems with their wallet development?

Quote
For Binance CEO to repay/refund such big amount to the hack victims. Is it that their security firewall is weakened? How can hackers just penetrate an exchange website just like that. And the company knows that other people funds are inside. They would have used a strong defensive mechanism for this cyberattacks. In some ways I will not also blame the company security team. Because those hackers use different ways to attack sides like that.
If Binance could afford to pay compensation for their past hack in 2019 when they were smaller than now. They can afford to do similar for Trust wallet security problems.

They run Binance Hacker Bounty that is $250,000 equivalent to chase hackers.
hero member
Activity: 700
Merit: 577
Hire Bitcointalk Camp. Manager @ r7promotions.com
The latest development of Trustwallet is heartbroken. For Binance CEO to repay/refund such big amount to the hack victims. Is it that their security firewall is weakened? How can hackers just penetrate an exchange website just like that. And the company knows that other people funds are inside. They would have used a strong defensive mechanism for this cyberattacks. In some ways I will not also blame the company security team. Because those hackers use different ways to attack sides like that.
hero member
Activity: 1470
Merit: 790
ARTS & Crypto
Everything is so obvious to you because you are Legendary - you have been in the world of cryptocurrencies for a long time, and are active in them.  And I think you already know without me how rarely people really deeply understand the issue . Even I, Hiro, am just now starting to draw the right conclusions. The powerful advertising campaign of this wallet makes you believe in its security. Which is in fact questionable, or rather it is absent compared to, for example, Electrum.
I understand what you mean that information is easy to Google. But the fact is that you need to find arguments that will make you doubt. I did it - but how many people won't stop to say: Trust wallet prety well I will use only it.
It is not about forum rank, there are quite a lot of people who aren't registered users on Bitcointalk forum, but they know the right thing to do, that's because these people have done their own due dilligence, i don't think there is an excuse for not doing doing your research. Your crypto funds is your money, so just the way you safeguard your fiat currency is the same way you should do to your crypto.

Having said that, part of the reasons why people do not care about getting the right information is because they came into the network to become rich quick, thus their only goal and focus is how high their funds can pump and not how safe their funds is in the wallet they put it. If one actually believes in Bitcoin and in what it offers, the'll study about it, and they'll make their way to forums such as this one to discuss with individuals of like-minds and in the process exchange knowledge.

Everything is so obvious to you because you are Legendary
If you look in my past self, at around 2020, you will notice that these things weren't as obvious as they are today, but I did use common sense. My first wallet to use was Bitcoin Core. My second was Electrum. And in fact, I was even lenient with security and verified the signature. I have never used a closed-source wallet, and haven't lost a single satoshi. Why? Because I had taken the time to read Internet boards, and even ask some questions myself.

The most obvious thing to do if you acknowledge unawareness of the subject, is to seek for help.

I'm not saying that there are no such people, I'm saying that they are a minority. Let's face the facts - do you see a lot of people here besides me who dig to the truth, while not being afraid to show that they didn't know something from the beginning?
The forum is behind this and is needed to carry the truth in disputes. If this happens, everything works correctly, the forum lives.

I hope that now as many people as possible will read this topic and think about what is written here and above.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
Everything is so obvious to you because you are Legendary
If you look in my past self, at around 2020, you will notice that these things weren't as obvious as they are today, but I did use common sense. My first wallet to use was Bitcoin Core. My second was Electrum. And in fact, I was even lenient with security and verified the signature. I have never used a closed-source wallet, and haven't lost a single satoshi. Why? Because I had taken the time to read Internet boards, and even ask some questions myself.

The most obvious thing to do if you acknowledge unawareness of the subject, is to seek for help.
legendary
Activity: 2184
Merit: 1302
Everything is so obvious to you because you are Legendary - you have been in the world of cryptocurrencies for a long time, and are active in them.  And I think you already know without me how rarely people really deeply understand the issue . Even I, Hiro, am just now starting to draw the right conclusions. The powerful advertising campaign of this wallet makes you believe in its security. Which is in fact questionable, or rather it is absent compared to, for example, Electrum.
I understand what you mean that information is easy to Google. But the fact is that you need to find arguments that will make you doubt. I did it - but how many people won't stop to say: Trust wallet prety well I will use only it.
It is not about forum rank, there are quite a lot of people who aren't registered users on Bitcointalk forum, but they know the right thing to do, that's because these people have done their own due dilligence, i don't think there is an excuse for not doing doing your research. Your crypto funds is your money, so just the way you safeguard your fiat currency is the same way you should do to your crypto.

Having said that, part of the reasons why people do not care about getting the right information is because they came into the network to become rich quick, thus their only goal and focus is how high their funds can pump and not how safe their funds is in the wallet they put it. If one actually believes in Bitcoin and in what it offers, the'll study about it, and they'll make their way to forums such as this one to discuss with individuals of like-minds and in the process exchange knowledge.
hero member
Activity: 1470
Merit: 790
ARTS & Crypto
That's exactly why (unfortunately) cryptocurrencies are not widely distributed: in order to simply save bitcoin, you need to be able to dig for information at the expert level. To know what a github is, how to view a commit and draw conclusions about the relevance of the repository for your bitcoins. Is an ordinary ordinary person going to be able to figure it out?
You don't need to be an expert. You just need to use common sense. Software which is not maintained likewise, is portrayed as one of the worst choices in wallet reviewing sites, and is quickly revealed to being prone to vulnerabilities, should not be used.

If you're going to put your money where your mouth is, at least take the time to study where you're putting it. Bitcoin.org is one of the best sources to start, and fortunately, is the first result when you google "bitcoin".

Everything is so obvious to you because you are Legendary - you have been in the world of cryptocurrencies for a long time, and are active in them.  And I think you already know without me how rarely people really deeply understand the issue . Even I, Hiro, am just now starting to draw the right conclusions. The powerful advertising campaign of this wallet makes you believe in its security. Which is in fact questionable, or rather it is absent compared to, for example, Electrum.
I understand what you mean that information is easy to Google. But the fact is that you need to find arguments that will make you doubt. I did it - but how many people won't stop to say: Trust wallet prety well I will use only it.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
That's exactly why (unfortunately) cryptocurrencies are not widely distributed: in order to simply save bitcoin, you need to be able to dig for information at the expert level. To know what a github is, how to view a commit and draw conclusions about the relevance of the repository for your bitcoins. Is an ordinary ordinary person going to be able to figure it out?
You don't need to be an expert. You just need to use common sense. Software which is not maintained likewise, is portrayed as one of the worst choices in wallet reviewing sites, and is quickly revealed to being prone to vulnerabilities, should not be used.

If you're going to put your money where your mouth is, at least take the time to study where you're putting it. Bitcoin.org is one of the best sources to start, and fortunately, is the first result when you google "bitcoin".
legendary
Activity: 3136
Merit: 1172
Leading Crypto Sports Betting & Casino Platform

If you use Trustwallet browser extension between November 14 and 23, 2022, you need to read this:

https://community.trustwallet.com/t/wasm-vulnerability-incident-update-and-recommended-actions/750786


If you have not been affected, send your coins to another address, I will suggest you to use an open source wallet instead of Trustwallet or other close source wallets.

Just for double confirmation, only the trust wallet browser extension is affected and those users who are using the trust wallet app in their phone are not affected due to this vulnerability ? I am not saying that the Trust wallet app is safe, but i think it is just the extension in this particular case, otherwise it would have created panic among the people as mostly use the app.

No it isn't. Trust Wallet is closed source, and ran by a company (Binance) which makes money from gathering data on its users and selling that data to blockchain analysis. It is one of the worst possible wallets you can use.

Ever since theymos mentioned the "Unstoppable wallet" in Reminder: do not keep your money in online accounts, i have shifted majority my altcoins from trust wallet to Unstoppable wallet. I hope it is 100% safe now Huh
hero member
Activity: 1470
Merit: 790
ARTS & Crypto
I see that iOS version really has a open code

https://github.com/TrustWallet/trust-wallet-ios
Last commit December 10, 2018.

Software which is almost 5 years out of date is meaningless. Trust wallet is closed source.

Therefore, we can understand how the wallet works.
Which is absolutely irrelevant. If there is no up to date source code then you have no idea what the wallet is actually doing, what bugs exist, what vulnerabilities could be exploited, or what malicious code might be there.

So tell which one is better, but not a Ledger and Trezor.
Hardware - Passport
Software - Electrum or Sparrow

That's exactly why (unfortunately) cryptocurrencies are not widely distributed: in order to simply save bitcoin, you need to be able to dig for information at the expert level. To know what a github is, how to view a commit and draw conclusions about the relevance of the repository for your bitcoins. Is an ordinary ordinary person going to be able to figure it out? But this is the storage of Money, which is difficult to earn, and easy to settle because of scammers in the world of cryptocurrencies.
legendary
Activity: 2268
Merit: 18748
I see that iOS version really has a open code

https://github.com/TrustWallet/trust-wallet-ios
Last commit December 10, 2018.

Software which is almost 5 years out of date is meaningless. Trust wallet is closed source.

Therefore, we can understand how the wallet works.
Which is absolutely irrelevant. If there is no up to date source code then you have no idea what the wallet is actually doing, what bugs exist, what vulnerabilities could be exploited, or what malicious code might be there.

So tell which one is better, but not a Ledger and Trezor.
Hardware - Passport
Software - Electrum or Sparrow
hero member
Activity: 1470
Merit: 790
ARTS & Crypto
But in Trust Wallet code it is open.
No it isn't. Trust Wallet is closed source, and ran by a company (Binance) which makes money from gathering data on its users and selling that data to blockchain analysis. It is one of the worst possible wallets you can use.


I see that iOS version really has a open code

https://github.com/TrustWallet/trust-wallet-ios

Therefore, we can understand how the wallet works. As for. Android copies, that is, information that it was deleted due to the fact that fake versions of the application appeared on Google Play. Although the reason seems far-fetched to me. Also, the information about the audit also confuses me.

Quote
It is one of the worst possible wallets you can use.
So tell which one is better, but not a Ledger and Trezor.
hero member
Activity: 686
Merit: 403
DGbet.fun - Crypto Sportsbook
Stop talking about this already, this hack happens because it's a browser extension, I have always warned people about browser extensions, they are more vulnerable to attacks than main crypto wallet.

And since the Trust wallet team is aware of this, they take responsibility and reimburse all those affected, this is another reason why I like everything about Binance, reputation means a lot to them.

It's true that hot wallets are the safer option but I will still keep using trust wallet as my main hot wallet, anytime any day, I still don't see a better hot wallet than trust wallet.
legendary
Activity: 2268
Merit: 18748
But in Trust Wallet code it is open.
No it isn't. Trust Wallet is closed source, and ran by a company (Binance) which makes money from gathering data on its users and selling that data to blockchain analysis. It is one of the worst possible wallets you can use.

Are they blatantly lying to us?
Yes. This really shouldn't be a surprise to anyone given that CZ is quite happy to lie about literally anything in order to promote Binance and make more profit.

See my previous post that un_rank linked to above. You can also see the Wallet Scrutiny report here: https://walletscrutiny.com/android/com.wallet.crypto.trustapp/. "No source for current release found".
legendary
Activity: 1064
Merit: 1298
Lightning network is good with small amount of BTC
People should understand one thing, that Trustwallet is a close source wallet. People should avoid bitcoin close source wallets when there are many bitcoin open source wallets.

This once again shows that Trust Wallet is the number one wallet.
What kind of number one wallet? The hacker reviewed itself to Binance and Binance has to compensate him for that. But the hacker would be the one that stole the coins and caused the hack. Binance did not talk about that but you people are thinking Binance did something good when the money stolen would have been given back to Binance by the hacker.
hero member
Activity: 644
Merit: 661
- Jay -
I do not know on what basis you made such a conclusion, but the official Trust Wallet website states that "Trust Wallet is a community driven, open-source, multi coin crypto wallet" - https://trustwallet.com/developer/ Are they blatantly lying to us?
Yes they are blatantly lying to us.
They themselves announced that they would be moving to closed source development in early 2018[1] and have since done that as can be seen on their Github repositories. Links to the Github are in a reply made by o_e_l_e_o here[2].

Maybe they lie hoping no one would actually verify if they are open source and just take their word for it. This would improve reliance on their wallet and eliminate any form of doubt. A dubious marketing strategy.

[1] https://trustwallet.medium.com/why-open-sourcing-android-app-could-be-a-harm-to-the-crypto-community-fb3ae1707dc6
[2] https://bitcointalksearch.org/topic/m.61049268

- Jay -
hero member
Activity: 910
Merit: 507
Trust Wallet to reimburse users after $170,000 security incident: https://cointelegraph.com/news/trust-wallet-to-reimburse-users-after-170-000-security-incident

Quote
“We want to assure users that we will reimburse eligible losses from hacks due to the vulnerability and have created a reimbursement process for the affected users. And we urged affected users [to] move the remaining ~$88,000 USD balance on all the vulnerable addresses as soon as possible."
Trust wallet has done really well. It has proved to haters of decentralization that there are reputable wallets that will take responsibility for their actions or inactions. Reimbursing these losses will boast the confidence of its users and attract more clients to use the wallet. They must increase their security because they might not be able to repay their clients if the loss is a huge amount. I think it is important to study more about exchanges before selecting because lack of knowledge could be disastrous.
That is what you get when you used a wallet that have centralized relation under licence and insurance, good to hear that trust wallet return users money after the hack as. As a result of their vulnerability, trust Wallet is reputable enough and has some traction of success and wider public adoption this incident has shown the team the lip hole that needs to be worked on in the wallet, and this incident may negatively affect their public trust.


Just like FTX refunding their customer or can only serve as a Relief but it will not change the distrust users already have with them, the vulnerability with trust wallet has been around for awhile and there has not been any tangible development toward tracking and eliminating those bugs for years now.
legendary
Activity: 2604
Merit: 2353
They is a saying that; “what you don't know is bigger than you". We all know about hardware wallets and different kinds or types of wallets; cold and hot wallets etc and because we know these things we assume that the millions of people into the cryptocurrency market are aware of them too. I've had an argumet with a close business partner and he meant it eye ball to eye ball that blockchain.info is the best wallet and even the only wallet in the cryptocurrency market. And he draws the line because the name began with blockchain. I had to explain to him that they're other wallets like Electrum which are better than what he thinks is the best. A week later after doing his research he came back to me and testified that he was wrong. I understand the feeling but what you know, others don't know a tip of it. That's why when they make these mistakes they tend to leave the market because it seems complex to them.
It's a nice story but unfortunately Electrum only supports one cryptocurrency currently : Bitcoin, and they don't seem to be ready to add any other cryptos for now, so it can't replace multi-coins wallets like the one of your business partner or Trust Wallet. Today, if you want to avoid leaving your crypto assets on platforms you need to have a multi-currency wallet. Unfortunately only few of those available are really reliable and trustworthy.


I do not know on what basis you made such a conclusion, but the official Trust Wallet website states that "Trust Wallet is a community driven, open-source, multi coin crypto wallet" - https://trustwallet.com/developer/ Are they blatantly lying to us?
It's not fully open source even if important parts of the code are publicly available. But if you can't build yourself the app from the code you can't be sure which code is actually used inside of the wallet you have downloaded.
hero member
Activity: 952
Merit: 552


If Trustwallet had been publicly available as open source software, a developer or an engineer with a good reputation could have detected the bug and reported it to the community promptly. I also use this wallet, but I have learned a lot from the mistake that many people have made by using it. This vulnerability has damaged the reputation of Trustwallet, and it may no longer be a trustworthy wallet to many people, they cannot afford to wait for another hacking incident to occur before their wallets are drained of funds, the next one can be a repeat of the similar attack or an inside job, it's difficult to trust people when it comes to money. Embarrassed
hero member
Activity: 1498
Merit: 785
The fact that Trust Wallet guarantees compensation for losses that arose as a result of hacking due to vulnerability is a positive signal for the entire cryptocurrency market. Thus, Trust Wallet is trying to preserve its community, which would inevitably decrease if there was no declaration on compensation for damage.
I think compensation is a good step for now from the Trust Wallet team, we has seen some exchanges and projects with similar situations and they did nothing of such.
If there is compensation, it means there is insurance applied by Trustwallet so that when there is a vulnerability attack that causes their funds to be lost, compensation will be given, so indeed it is a good step that Trustwallet has taken to guarantee all users with their assets.

There may be other reasons for exchanges or other projects to fail to compensate and this is usually where they lose the community a lot because they lose their responsibilities.

But it’s beyond compensation and it sounds dramatic to say trust wallet has lost some people’s trust in it, the crypto-currency space is constantly getting attacks so it’s best to save your own funds in your wallet.
I don't think it's too big a loss for Trustwallet considering it's a big project, so they are willing to compensate to maintain trust in the community and it's not going to be dramatic because they always act quickly.

If there is a loophole then it's an opportunity for hackers to look for it, if you want to be more secure then a hardware wallet is the best way to store your coins.
hero member
Activity: 1666
Merit: 709
Playbet.io - Crypto Casino and Sportsbook
The fact that Trust Wallet guarantees compensation for losses that arose as a result of hacking due to vulnerability is a positive signal for the entire cryptocurrency market. Thus, Trust Wallet is trying to preserve its community, which would inevitably decrease if there was no declaration on compensation for damage.
I think compensation is a good step for now from the Trust Wallet team, we has seen some exchanges and projects with similar situations and they did nothing of such.

But it’s beyond compensation and it sounds dramatic to say trust wallet has lost some people’s trust in it, the crypto-currency space is constantly getting attacks so it’s best to save your own funds in your wallet.
legendary
Activity: 2184
Merit: 1302
A week later after doing his research he came back to me and testified that he was wrong. I understand the feeling but what you know, others don't know a tip of it. That's why when they make these mistakes they tend to leave the market because it seems complex to them.
You can see the problem stems from lack of research right, and it is the fault of the users, is there anyone who doesn't secure their money in fiat, they either put it in the bank or in other places they consider secure, they also safeguard their sensitive banking information, thus for someone who wants to use Bitcoin, knowing fully when that it's also a currency (their own money for that matter), and can be stolen the very same way their fiat currency can, why won't that person do their due dilligence and do what's right. Nobody was born with Bitcoin knowledge, so i don't make excuses for people who want to use Bitcoin, but what to skip the part where they have to research about it.
hero member
Activity: 686
Merit: 987
Give all before death
Trust Wallet to reimburse users after $170,000 security incident: https://cointelegraph.com/news/trust-wallet-to-reimburse-users-after-170-000-security-incident

Quote
“We want to assure users that we will reimburse eligible losses from hacks due to the vulnerability and have created a reimbursement process for the affected users. And we urged affected users [to] move the remaining ~$88,000 USD balance on all the vulnerable addresses as soon as possible."
Trust wallet has done really well. It has proved to haters of decentralization that there are reputable wallets that will take responsibility for their actions or inactions. Reimbursing these losses will boast the confidence of its users and attract more clients to use the wallet. They must increase their security because they might not be able to repay their clients if the loss is a huge amount. I think it is important to study more about exchanges before selecting because lack of knowledge could be disastrous.
hero member
Activity: 1274
Merit: 561
Leading Crypto Sports Betting & Casino Platform
I've also realized that users prefer storing money on exchanges because they feel most wallets are not secure too. And some wouldn't want to make use of hardware wallet for different reasons as lossing their keys or the hardware.
Isn't it quite comical to you that someone would be uncomfortable using a hardware wallet and an open source software wallet, but would be comfortable with storing their funds in exchanges, well i am not surprised, everyone wants to buy and hodl Bitcoin, but only a handful want to do their due dilligence to know the dos and don'ts.

They is a saying that; “what you don't know is bigger than you". We all know about hardware wallets and different kinds or types of wallets; cold and hot wallets etc and because we know these things we assume that the millions of people into the cryptocurrency market are aware of them too. I've had an argumet with a close business partner and he meant it eye ball to eye ball that blockchain.info is the best wallet and even the only wallet in the cryptocurrency market. And he draws the line because the name began with blockchain. I had to explain to him that they're other wallets like Electrum which are better than what he thinks is the best. A week later after doing his research he came back to me and testified that he was wrong. I understand the feeling but what you know, others don't know a tip of it. That's why when they make these mistakes they tend to leave the market because it seems complex to them.
legendary
Activity: 2268
Merit: 1655
To the Moon
Its community should indeed decrease and not exactly for the reason you sighted but cause it is closed source and its users cannot verify what is contained in their code or their mode of generating addresses. ..

I do not know on what basis you made such a conclusion, but the official Trust Wallet website states that "Trust Wallet is a community driven, open-source, multi coin crypto wallet" - https://trustwallet.com/developer/ Are they blatantly lying to us?
sr. member
Activity: 378
Merit: 258
Lohamor Family
Trust wallet has done great for them to take the responsibility of their users funds that was stolen due to the vulnerability in their system. This shows that they really care about their users and also want to build a good reputation. In my own opinion,it is better to switch a a decentralized wallet that you are in charge of your funds because if you have a proper back of your seed phrase and can keep your wallet safe,there will be nothing to worry about. Bitcoin was created to be used and store in a decentralized way,so let's not use it the other way round.
hero member
Activity: 1470
Merit: 790
ARTS & Crypto
If you use Trustwallet browser extension between November 14 and 23, 2022, you need to read this:

https://community.trustwallet.com/t/wasm-vulnerability-incident-update-and-recommended-actions/750786

Quote
In November 2022, a security researcher reported a WebAssembly (WASM) vulnerability in our open-source library, Wallet Core, through our bug bounty program. Our Trust Wallet Browser Extension uses WASM in Wallet Core, and new wallet addresses generated between November 14 and 23, 2022 by Browser Extension contain this vulnerability. We quickly patched the vulnerability, and all addresses created after those dates are safe.

Despite our best efforts, we proactively detected two potential exploits, resulting in a total loss of approximately $170,000 USD at the time of the attack. As a commitment to transparency and user protection, we want to assure users that we will reimburse eligible losses from hacks due to the vulnerability and have created a reimbursement process for the affected users. And we urged affected users move the remaining ~$88,000 USD balance on all the vulnerable addresses as soon as possible.

If you have not been affected, send your coins to another address, I will suggest you to use an open source wallet instead of Trustwallet or other close source wallets.

If you are affected, continue reading the link to know what to do: https://community.trustwallet.com/t/wasm-vulnerability-incident-update-and-recommended-actions/750786


Trust Wallet to reimburse users after $170,000 security incident: https://cointelegraph.com/news/trust-wallet-to-reimburse-users-after-170-000-security-incident

Quote
“We want to assure users that we will reimburse eligible losses from hacks due to the vulnerability and have created a reimbursement process for the affected users. And we urged affected users [to] move the remaining ~$88,000 USD balance on all the vulnerable addresses as soon as possible."

This once again shows that Trust Wallet is the number one wallet. My personal experience: I have already encountered the vulnerability of a Bitcoin wallet - something about $ 600 was stolen from me with Jaxx. 
At that time, I didn't know that he was a scam. After that, I began to closely study all the wallets on which I was going to store money. So: I recently installed Exodus, on the advice of a beautiful UI and reliability.
But when I began to study it, I realized that the source code was CLOSED. But in Trust Wallet code it is open. It's not just like that, only a good wallet can trust itself with an open code for users. So I switched to the Trust Wallet.
legendary
Activity: 2184
Merit: 1302
I've also realized that users prefer storing money on exchanges because they feel most wallets are not secure too. And some wouldn't want to make use of hardware wallet for different reasons as lossing their keys or the hardware.
Isn't it quite comical to you that someone would be uncomfortable using a hardware wallet and an open source software wallet, but would be comfortable with storing their funds in exchanges, well i am not surprised, everyone wants to buy and hodl Bitcoin, but only a handful want to do their due dilligence to know the dos and don'ts. Of course there are unsafe wallets, and ironically Trust wallet might be one of them because it is closed source, and if you are scared you'd lose your keys if you have it, be rest assured that a centralized can also lose it, and anytime they control the keys to your funds, the funds isn't yours.
hero member
Activity: 644
Merit: 661
- Jay -
Thus, Trust Wallet is trying to preserve its community, which would inevitably decrease if there was no declaration on compensation for damage.
Its community should indeed decrease and not exactly for the reason you sighted but cause it is closed source and its users cannot verify what is contained in their code or their mode of generating addresses.
Needing to guarantee compensation could be cause they bear responsibility for losses of assets or private information submitted, which would not happen if it were a decentralized platform.

- Jay -
hero member
Activity: 1274
Merit: 561
Leading Crypto Sports Betting & Casino Platform
Trust wallet assures their users about securing their funds all the time, since they've failed this time, it's an obligation to reimburse all the affected people, to avoid the escalation of the wallet's vulnerability, it will affect their PR. Though trust wallet isn't a wallet to store a whooping amount of assets, people find it user friendly that's the reason I can see why lots of people recommended that wallet. I've also realized that users prefer storing money on exchanges because they feel most wallets are not secure too. And some wouldn't want to make use of hardware wallet for different reasons as lossing their keys or the hardware. To use cryptocurrency we must all be careful. Trust wallet has maintained the trust in the Brand's name on this issue.
legendary
Activity: 2268
Merit: 1379
Fully Regulated Crypto Casino
The fact that Trust Wallet guarantees compensation for losses that arose as a result of hacking due to vulnerability is a positive signal for the entire cryptocurrency market. Thus, Trust Wallet is trying to preserve its community, which would inevitably decrease if there was no declaration on compensation for damage.
Being a project owned or co owned by CZ, I think they dont want to taint their reputations so conpensations for the damage is something really expected of them. But good thing that they have done this, since community is important after all.

But on the other thought they should have been careful and added more ways yo secure their product or services.
legendary
Activity: 2268
Merit: 1655
To the Moon
The fact that Trust Wallet guarantees compensation for losses that arose as a result of hacking due to vulnerability is a positive signal for the entire cryptocurrency market. Thus, Trust Wallet is trying to preserve its community, which would inevitably decrease if there was no declaration on compensation for damage.
legendary
Activity: 1064
Merit: 1298
Lightning network is good with small amount of BTC
People should understand one thing, that Trustwallet is a close source wallet. People should avoid bitcoin close source wallets when there are many bitcoin open source wallets.

This once again shows that Trust Wallet is the number one wallet.
What kind of number one wallet? The hacker reviewed itself to Binance and Binance has to compensate him for that. But the hacker would be the one that stole the coins and caused the hack. Binance did not talk about that but you people are thinking Binance did something good when the money stolen would have been given back to Binance by the hacker.



If you use Trustwallet browser extension between November 14 and 23, 2022, you need to read this:

https://community.trustwallet.com/t/wasm-vulnerability-incident-update-and-recommended-actions/750786

Quote
In November 2022, a security researcher reported a WebAssembly (WASM) vulnerability in our open-source library, Wallet Core, through our bug bounty program. Our Trust Wallet Browser Extension uses WASM in Wallet Core, and new wallet addresses generated between November 14 and 23, 2022 by Browser Extension contain this vulnerability. We quickly patched the vulnerability, and all addresses created after those dates are safe.

Despite our best efforts, we proactively detected two potential exploits, resulting in a total loss of approximately $170,000 USD at the time of the attack. As a commitment to transparency and user protection, we want to assure users that we will reimburse eligible losses from hacks due to the vulnerability and have created a reimbursement process for the affected users. And we urged affected users move the remaining ~$88,000 USD balance on all the vulnerable addresses as soon as possible.

If you have not been affected, send your coins to another address, I will suggest you to use an open source wallet instead of Trustwallet or other close source wallets.

If you are affected, continue reading the link to know what to do: https://community.trustwallet.com/t/wasm-vulnerability-incident-update-and-recommended-actions/750786


Trust Wallet to reimburse users after $170,000 security incident: https://cointelegraph.com/news/trust-wallet-to-reimburse-users-after-170-000-security-incident

Quote
“We want to assure users that we will reimburse eligible losses from hacks due to the vulnerability and have created a reimbursement process for the affected users. And we urged affected users [to] move the remaining ~$88,000 USD balance on all the vulnerable addresses as soon as possible."
Jump to: