Author

Topic: Trust Wallet - is it secure? (Read 228 times)

legendary
Activity: 2730
Merit: 7065
March 16, 2021, 05:47:10 AM
#16
Yes, that's correct. You'll get the same addresses as long as you're using the same derivation path when restoring the wallet.
A custom derivation path is what creates issues with certain wallets like Abra. There was a thread from a few months ago that discussed this issue. Abra claims to be a non-custodial wallet and even though it is (apparently), it uses custom derivation paths for each of their users. If you were to attempt to restore an Abra-native seed in another wallet using the standard derivation paths, you would never re-create the same addresses. Without the exact derivation path, you are just creating a wrong set of addresses.   
sr. member
Activity: 1232
Merit: 379
March 16, 2021, 05:10:56 AM
#15
Do I get it right that any wallet that bases itself on mnemonic phrase (12 words) can be imported to any other wallet which also supports mnemonic phrase?

For example, I create a wallet on Trust Wallet. Then I get Exodus, put my mnemonic phrase from Trust Wallet to Exodus and I get the same addresses and private keys for every single coin and token on both Trust and Exodus? For instance KAVA and ENJIN would both have the same receiving addresses and private keys on Trust and Exodus and Coinomi and every other BIP39 wallet if I use the same mnemonic?
Yes, in one way, you are right, importing your mnemonic seed phrase from trust wallet to other BIP39 supported wallets will reflect your coins and same address except for web wallet like blockchain.com,
Mind you, importing mnemonic seed phrase from electrum wallet to trust wallet would be invalid and impossible since they use different format to the normal BIP39 protocol.
legendary
Activity: 2702
Merit: 4002
March 14, 2021, 05:08:17 AM
#14
Hi there,

Anyone here using Trust Wallet? On the website it says it's a decentralized and fully open source wallet (I have not checked the code) where individual has a full control over their assets. But the problem is it does not allow to export (or even view) private keys, so how safe and secure this wallet actually is?
What is the benefit of obtaining the private key? If you intend to export to another wallet, you will increase the possibility of losing your coins.
Most wallets allow you to obtain a backup copy (wallet seed) through which you will be able to recover your coins.

Generally, it is difficult to find a multi-currency open source wallet, so if you want to keep large amounts, it is better to download several open source wallets.
hero member
Activity: 2520
Merit: 952
March 13, 2021, 10:29:15 PM
#13
Anyone here using Trust Wallet? On the website it says it's a decentralized and fully open source wallet (I have not checked the code) where individual has a full control over their assets. But the problem is it does not allow to export (or even view) private keys, so how safe and secure this wallet actually is?

I would not trust or use Trust wallet and I would switch to some open source alternative wallets like Electrum for Bitcoin, but if you want to have support for multiple coins you can do that with Trezor hardware wallet, because there is no open source software wallet doing that.

You can export and see your recovery phrase that you can use to recover your funds in any other wallet following this steps:
- Open your Trust Wallet
- Click on Settings
- Click on Wallets
- Click on the 3 dots

You can also follow the guide to backup your recovery phrase or private key:
https://community.trustwallet.com/t/backup-your-recovery-phrase-or-private-key/81996

or use this video instructions:
https://www.youtube.com/watch?v=YQaMYZhsq6g


If you gonna extract the pvk from wallet that you don't deem secure then it defeats the purpose of security. Better just make 'new wallet' in whichever wallet you deem secure and transfer funds there manually.
staff
Activity: 3500
Merit: 6152
March 13, 2021, 09:33:19 AM
#12
Do I get it right that any wallet that bases itself on mnemonic phrase (12 words) can be imported to any other wallet which also supports mnemonic phrase?

For example, I create a wallet on Trust Wallet. Then I get Exodus, put my mnemonic phrase from Trust Wallet to Exodus and I get the same addresses and private keys for every single coin and token on both Trust and Exodus? For instance KAVA and ENJIN would both have the same receiving addresses and private keys on Trust and Exodus and Coinomi and every other BIP39 wallet if I use the same mnemonic?

Yes, that's correct. You'll get the same addresses as long as you're using the same derivation path when restoring the wallet.

And no, I wouldn't necessarily say they're lying because they used to be fully open source at some point, and still are ... sort of, since they're probably using the wallet core library that I linked above.
full member
Activity: 248
Merit: 112
Time is money so I went and bought a Rolex
March 13, 2021, 09:04:46 AM
#11
The wallet itself is no longer open source. The source code got archived and hasn't been updated for a very long time.
Does it mean that the creators behind it are lying?

https://trustwallet.com/developer/#:~:text=Trust%20Wallet%20is%20a%20community,the%20low%2Dlevel%20implementation%20details.

I use it as one of my wallets for alts. I'd say it is good enough but I don't feel confident if I need to store a large amount of money in it. I'd rather use it to trade or do some activities like claiming airdrop and then move the balance to my main wallet.

which wallet do you recommend as main wallet then?
hero member
Activity: 2800
Merit: 595
https://www.betcoin.ag
March 13, 2021, 07:13:54 AM
#10


You don't have the private key to the wallets created inside trustwallet.

But its almost like a hybrid wallet that you can connect your wallet to the DEX. But like they said its not opensource as it's owned by Binance.  Some users don't trust binance since the time they manipulate the Steem. Now they are starting over again of the staking coins in trust wallet.  Its good if you just store a small number of coins there. I have mine where I just use to buy BNB.
legendary
Activity: 1624
Merit: 2481
March 13, 2021, 06:58:56 AM
#9
This wallet might or might not be as secure as any other random closed-source wallet.

If you want to use a secure mobile wallet without verifying its source code, choose a reputable open-source wallet which has been examined by others.
Depending on your exact use case, there is most probably a better wallet available for you. Especially in regards to privacy and security.

However, since mobile wallets are meant to store only a small amount of coins (i.e. what you would carry with you in your pocket in cash), most wallets should be fine for that purpose.
If you like any specific feature of it (or simply just the UI), nothing speaks against using it for small amounts you'd also carry with you in cash. The risk is not too high here.

For larger amounts, that obviously is not the case and you definitely shouldn't use such a wallet in that case.
legendary
Activity: 2212
Merit: 7064
March 13, 2021, 04:39:49 AM
#8
Anyone here using Trust Wallet? On the website it says it's a decentralized and fully open source wallet (I have not checked the code) where individual has a full control over their assets. But the problem is it does not allow to export (or even view) private keys, so how safe and secure this wallet actually is?

I would not trust or use Trust wallet and I would switch to some open source alternative wallets like Electrum for Bitcoin, but if you want to have support for multiple coins you can do that with Trezor hardware wallet, because there is no open source software wallet doing that.

You can export and see your recovery phrase that you can use to recover your funds in any other wallet following this steps:
- Open your Trust Wallet
- Click on Settings
- Click on Wallets
- Click on the 3 dots

You can also follow the guide to backup your recovery phrase or private key:
https://community.trustwallet.com/t/backup-your-recovery-phrase-or-private-key/81996

or use this video instructions:
https://www.youtube.com/watch?v=YQaMYZhsq6g
hero member
Activity: 2520
Merit: 783
March 13, 2021, 04:24:28 AM
#7
Hi there,

Anyone here using Trust Wallet? On the website it says it's a decentralized and fully open source wallet (I have not checked the code) where individual has a full control over their assets. But the problem is it does not allow to export (or even view) private keys, so how safe and secure this wallet actually is?

Trust wallet is non-custodial wallet and that means you are the only one who can access your wallet by using your very own passphrase so make sure you save it on safe area so that once you lost your phone or uninstall the app you can still recover your wallet.

Also they don't save your details so there's nothing to worry about.



legendary
Activity: 2730
Merit: 7065
March 13, 2021, 03:39:05 AM
#6
What device are you planning to install the wallet on, and are you looking for a Bitcoin-only or a multi-coin software wallet? Depending on if you use an Android or iOS operating system, we might recommend better alternatives. Trust Wallet allows you to exchange different coins from within the app and you can purchase bitcoin with a credit card. If these features aren't that interesting to you, you might want to check out Mycelium or the Samourai wallet for its privacy features.   
sr. member
Activity: 1297
Merit: 294
''Vincit qui se vincit''
March 13, 2021, 02:58:48 AM
#5
Yes! They do not store or record your private keys or phrases. Like Imtoken and Metamask.

Also there are other features that you can use while using Trustwallet, like directly exchange your tokens or connecting to other Dapps.
legendary
Activity: 2170
Merit: 1789
March 13, 2021, 02:46:40 AM
#4
I use it as one of my wallets for alts. I'd say it is good enough but I don't feel confident if I need to store a large amount of money in it. I'd rather use it to trade or do some activities like claiming airdrop and then move the balance to my main wallet.

staff
Activity: 3500
Merit: 6152
March 13, 2021, 02:00:58 AM
#3
The wallet itself is no longer open source. The source code got archived and hasn't been updated for a very long time[1]. Now, you've only got the Trust wallet core library[2].

As stated above, the wallet uses BIP39 so you can always restore your wallet in Exodus, Coinomi, MetaMask, etc, or use https://iancoleman.io/bip39/ if you want to view the private keys (and that's valid for all the blockchains that the wallet supports).

[1] https://github.com/trustwallet/trust-wallet-android-source
[2] https://github.com/trustwallet/wallet-core
legendary
Activity: 2758
Merit: 6830
March 13, 2021, 01:45:21 AM
#2
I believe you can see and restore the wallet somewhere else with your recovery phrase (a.k.a backup seed).

They are also owned by Binance, so I would say it's pretty safe compared to other unknown random wallets.
full member
Activity: 248
Merit: 112
Time is money so I went and bought a Rolex
March 13, 2021, 01:20:21 AM
#1
Hi there,

Anyone here using Trust Wallet? On the website it says it's a decentralized and fully open source wallet (I have not checked the code) where individual has a full control over their assets. But the problem is it does not allow to export (or even view) private keys, so how safe and secure this wallet actually is?
Jump to: