Topic: walletscrutiny: the majority of "wallets" are either custodial or closed source (Read 1664 times)

legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
There are:

- 2790 cryptocurrency apps in Google Play
- 651 in the Apple Store
- 288 hardware wallets
- 44 bearer tokens
Roughly 3,770 ways to HODL.

The fact that there are 4x the number of Android wallets than iOS wallets indicates that a large percentage of them are either counterfeits or outright malicious apps. Same for the App Store, but at a smaller scale. So I wouldn't include all those apps as legitimate wallets if I were you.

Make some leeway and put the headcount at about 70% of them being malicious, and then we'd be at a more accurate count.

It's an old post but I just wanted to point that out. Also you left out desktop wallets.

Either I missed this earlier or I just forgot to comment.

It's more likely also about cost. Apple wants $99 a YEAR + a cut of the sales at a minimum to keep your app in their store. And getting the account set up is a lot more work. Google wants a $25 fee once and a lot smaller cut of the sales, if they even take a cut. So for smaller / hobby projects it just might be that. Also, in poorer parts of the world Android phones, due to their lower cost, tend to be more popular.

And Android has a much larger market share as in 70% vs 28%

https://www.bankmycell.com/blog/android-vs-apple-market-share/

So a higher cost for less than 1/2 the userbase.
Oh, and IMO writing for iOS is a bigger pain than Android, but YMMV on that depending on what you know and how good a programmer you are.

-Dave
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
In theory that is not what they are looking for.
Is it open source and is it reproducible? Beyond that, I see it as 'out of scope' to tell people good idea / bad idea to use it.
I do agree; I'm also totally fine with them showing which mobile wallets are reproducible, as they definitely have their place and use case.
WalletScrutiny themselves write in their FAQ that reproducibility and open-source is only one part of the puzzle.

It's just that having Square as a sponsor raises slight concerns e.g. whether Bitkey code will be checked more frequently than other wallets, or maybe even promoted on the front page; just some things that could happen and make the site less objective. But it's all hypothetical.

Let's hope that they just put the money to good use and continue doing a great job.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
It seems to me like 'the sponsors' is just Spiral BTC, aka. Square? [1] The Bitkey / Square / Block [2] hardware wallet guys?
I hope this won't have any negative effects (bias) on WalletScrutiny..
Yeah this could be problematic, thanks for noticing this connection, n0nce.
This probably means that Bitkey/Square/Block wallet will be reproducible and supported, but let's wait and see what happens after they release it.
I would like to hear what Walletscrutiny has to say about this, unless they changed ownership in this process.

In theory that is not what they are looking for.
Is it open source and is it reproducible? Beyond that, I see it as 'out of scope' to tell people good idea / bad idea to use it.

Not to go too far OT, but it's also about amounts stored. A hot wallet on a phone with under $100 in it for me becomes more about convenience than anything else.
Long term larger amount cold storage is a different story.
If you don't care about the privacy hit and a few other things, if Bitkey works for someone in their use case then they should use it.
Knowing the code is good is all that should matter to them; neither our nor anyone else's opinion about whether it is a privacy nightmare should matter.

I still think having a place like walletscrutiny is good, but as I ranted a page or 2 ago in this thread, the simple fact is that being able to reproduce builds is just one piece of the puzzle. There are a lot more places for compromise than just "can I duplicate it".

-Dave
legendary
Activity: 2212
Merit: 7064
It seems to me like 'the sponsors' is just Spiral BTC, aka. Square? [1] The Bitkey / Square / Block [2] hardware wallet guys?
I hope this won't have any negative effects (bias) on WalletScrutiny..
Yeah this could be problematic, thanks for noticing this connection n0nce.
This probably means that Bitkey/Square/Block wallet will be reproducible and supported, but let's wait and see what happens after they release it.
I would like to hear what Walletscrutiny has to say about this, unless they changed ownership in this process.
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
Surprised to not see a direct date indicating when the wallet was tested.
Under Application build you can see "xy time ago" notice, though, and they also show previous test dates on the bottom of each wallet's page (Previous application build tests).
That does seem like an odd design choice, but the last tested version is given, which is what ultimately counts.

I personally prefer the old design, but I am glad to hear that they found some sponsors. This is a highly important project that needs to stay alive!
It seems to me like 'the sponsors' is just Spiral BTC, aka. Square? [1] The Bitkey / Square / Block [2] hardware wallet device guys?
I hope this won't have any negative effects (bias) on WalletScrutiny..


[1] https://spiral.xyz/blog/we-were-square-crypto-now-were-spiral/
[2] https://bitcointalksearch.org/topic/m.62555325
legendary
Activity: 2114
Merit: 1403
Disobey.
I see there was a cool new re-design and new logo for the WalletScrutiny website; they now have a dog-like logo and new sponsors.
This looks much better than the older version, it feels faster and it's easier to find what you are looking for, maybe because they hired a dog this time


https://walletscrutiny.com/

PS
If guys from WalletScrutiny are reading this, can you tell us when was the last time you checked CoolWallet Pro SE and other open source hardware wallets?
Agreed, new website really does look slick.

Surprised to not see a direct date indicating when the wallet was tested.
Under Application build you can see "xy time ago" notice, though, and they also show previous test dates on the bottom of each wallet's page (Previous application build tests).
legendary
Activity: 2212
Merit: 7064
I see there was a cool new re-design and new logo for the WalletScrutiny website; they now have a dog-like logo and new sponsors.
This looks much better than the older version, it feels faster and it's easier to find what you are looking for, maybe because they hired a dog this time


https://walletscrutiny.com/

PS
If guys from WalletScrutiny are reading this, can you tell us when was the last time you checked CoolWallet Pro SE and other open source hardware wallets?
hero member
Activity: 882
Merit: 5834
not your keys, not your coins!
Quote
We are back!

We received funding by a donor who so far chose to remain anonymous. Our work should be secured for another year thanks to ...

A lot was left undone in the recent months. Many reviews are outdated and not all are marked as such.

https://twitter.com/WalletScrutiny/status/1587545123067498497?cxt=HHwWgsC81Zr4i4gsAAAA

Thanks for continuing this project.
Thanks for the link, I didn't even know they were underfunded since June!

Sadly the donation drive crossing the two weeks mark could not achieve significant funding to continue WalletScrutiny in its current form.

If you have any idea how to change this project such that it could fund several full time engineers, please let us know.
I'm happy to see that they got enough donations to continue; I actually wore an avatar that I made to promote their service for a few months, in the hope of giving them visibility and donations.

If anyone's interested in it, I can send a link to it later.
legendary
Activity: 2212
Merit: 7064
Thanks for continuing this project.
Good to see them coming back!
Many reviews are really outdated and I was starting to think they totally retired, but I understand why they did it.
It takes a lot of time to review wallets and monitor changes all the time; it's not a simple task that is done once and then forgotten.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
There are:

- 2790 cryptocurrency apps in Google Play
- 651 in the Apple Store
- 288 hardware wallets
- 44 bearer tokens
Roughly 3,770 ways to HODL.

The fact that there are 4x the number of Android wallets than iOS wallets indicates that a large percentage of them are either counterfeits or outright malicious apps. Same for the App Store, but at a smaller scale. So I wouldn't include all those apps as legitimate wallets if I were you.

Make some leeway and put the headcount at about 70% of them being malicious, and then we'd be at a more accurate count.

It's an old post but I just wanted to point that out. Also you left out desktop wallets.
JL0
full member
Activity: 817
Merit: 158
Bitcoin the Digital Gold
Quote
We are back! 🚀🚀

We received funding by a donor who so far chose to remain anonymous. Our work should be secured for another year thanks to 🤫 ...

A lot was left undone in the recent months. Many reviews are outdated and not all are marked as such.

https://twitter.com/WalletScrutiny/status/1587545123067498497?cxt=HHwWgsC81Zr4i4gsAAAA

Thanks for continuing this project.
copper member
Activity: 40
Merit: 19
WalletScrutiny provides a great service for those who aren't technical, and self custody is on the rise. Also, delete Coinbase

It doesn't end with that as well. WalletScrutiny is currently running a donation campaign.

https://walletscrutiny.com/donate

There are:

- 2790 cryptocurrency apps in Google Play
- 651 in the Apple Store
- 288 hardware wallets
- 44 bearer tokens
Roughly 3,770 ways to HODL.

Proceeds go to manpower.

newbie
Activity: 3
Merit: 0
WalletScrutiny provides a great service for those who aren't technical, and self custody is on the rise. Also, delete Coinbase
legendary
Activity: 1862
Merit: 1114
WalletScrutiny.com
Good luck collecting donations, and I am hoping this won't mean that you will close one eye if, let's say, ColdCard, Trezor or someone else donates to you for a good code review of their wallet.
I know it's a lot of work tracking all those wallets, so I would suggest that you keep everything related to donations public as much as possible.
It's in the best interest of both users and wallet creators that something independent like Walletscrutiny exists.

There is only one wallet so far that donates to WalletScrutiny and that is Unstoppable. We made that transparent.

We are considering adding affiliate links wherever applicable - hardware wallets mostly - but it's problematic as it might color our judgement. Regarding the importance of hardware wallets as a whole, for example. Not all agree that they are beneficial to users' security and prefer commodity hardware, preferably from before 2009.

... But I will say that if you're in the business of selling very valuable physical coins to people, you'd be quite mad to *not* have such a precautionary setup. Even better would be to have two geographically distant locations where a "split-key" is generated at each of them and then combined at a 3rd location for final processing. This prevents any one person from knowing the exact PK.

Few people would consent to such an added expense of buildings, though.

Smoke and mirrors. The upside of keeping the keys around for a rainy day is gigantic and as any magician can explain to you, it's trivial to convince people there was no rabbit in the hat until you pulled it out. No matter how complex the ceremony of key generation, the designer can make sure to keep a copy.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
IMO, it still goes back to what I have been saying. Code is only part of the battle. The procedures and processes are the other part. Everyone looking at the code today does not matter if one person with the ability to sign it goes evil tomorrow.

In addition to the code review an audit of the process and procedures done to run everything is also needed.

I agree with you, but without a considerable public uproar (for example, at random internet company A selling your personal data to 3rd parties), it's quite difficult to get people to listen to review bodies for processes and methods, because it usually interferes with their budgets and cash flow, unfortunately.

Quote
Kind of like a conversation I had with someone making collectable coins that had pre-generated private keys:

Them: "All keys are generated from a secure offline computer"

Me: "So it's BIOS password protected, boots from a read-only device like a DVD that you verify the checksum on every boot, and nobody else has access to the room where it is, and you verify that the printer it prints to has not been modified or tampered with, and the cables are good and you are sure they have not been compromised by anything like this: https://hak5.org/products/omg-adapter

Me some more: And you have custom-made holograms so if someone else gets a hold of the coin they just can't peel, copy and stick on another hologram that looks the same?

Them: No, are you paranoid or just an ass?

Me: Both....

... But I will say that if you're in the business of selling very valuable physical coins to people, you'd be quite mad to *not* have such a precautionary setup. Even better would be to have two geographically distant locations where a "split-key" is generated at each of them and then combined at a 3rd location for final processing. This prevents any one person from knowing the exact PK.

Few people would consent to such an added expense of buildings, though.
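The two-site "split-key" generation described in the quoted coin-maker exchange (and in the same quote two posts up, with its "the designer can keep a copy" rebuttal), worked through as an added example that is not from this thread or from any wallet project: each site generates its own secp256k1 share and ships only the share's public point, the third location sums those points to obtain the coin's public key, and the full private scalar only comes into existence when both shares are combined. The curve arithmetic is hand-rolled here for illustration and is not constant-time.

```python
import secrets

# secp256k1 domain parameters (standard curve constants, not values from the thread)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def point_add(p1, p2):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None  # p1 == -p2
    if p1 == p2:
        lam = (3 * x1 * x1) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def scalar_mult(k, point):
    """Double-and-add scalar multiplication (demo only: not constant-time)."""
    result = None
    while k:
        if k & 1:
            result = point_add(result, point)
        point = point_add(point, point)
        k >>= 1
    return result


def site_generate_share():
    """One site's contribution: a secret scalar plus the public point it ships."""
    share = secrets.randbelow(N - 1) + 1
    return share, scalar_mult(share, G)


def combine_public(pub1, pub2):
    """Third location: the coin's public key from the two public shares alone."""
    return point_add(pub1, pub2)


def combine_private(share1, share2):
    """Final processing: the full private scalar, known only to whoever runs this."""
    return (share1 + share2) % N


if __name__ == "__main__":
    s1, p1 = site_generate_share()   # site A keeps s1, ships p1
    s2, p2 = site_generate_share()   # site B keeps s2, ships p2
    # The address can be printed before anyone holds the whole key.
    assert scalar_mult(combine_private(s1, s2), G) == combine_public(p1, p2)
    print("public key derived without either site seeing the other's share")
```

Whoever performs the final combine_private step does hold the complete scalar, which is exactly the copy the rebuttal above warns about; the ceremony limits what any single site can learn, not what the combiner can retain.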
legendary
Activity: 3472
Merit: 10611
Specifically so that wallets can't say exaggerations like this, a wallet security committee needs to be formed.

Its members should include contributors to various open-source wallets, as well as security professionals working for the big wallet companies.

Their sole function would be to review the source code of every wallet (an audit) and then assign it a rating like A+, A, etc. It would also give out 0 ratings to wallets which aren't code-signed (not a problem as you can buy these from second-hand TLS sites for $60/year). In my opinion, all wallets should be code-signed by a reputable CA (even Electrum, eventually).
This could turn into a dangerous thing because there is always a chance that the centralized "committee" could get corrupted very easily. We saw this in other centralized authorities when money was involved for example the ICO benchmarks that all ended up advertising the biggest scams that paid them the most amount of money.

Since it would be centralized, they could be pressured by the government too. Let's say there is a privacy wallet implementing CoinJoin without the shadiness that Wasabi has. The government could force this "committee" to remove it from their list or give it a negative rating.
legendary
Activity: 2212
Merit: 7064
We're trying to raise funds to keep the project going. There are thousands of wallets and hundreds of devices.
Visit http://walletscrutiny.com for more info.
Good luck collecting donations, and I am hoping this won't mean that you will close one eye if, let's say, ColdCard, Trezor or someone else donates to you for a good code review of their wallet.
I know it's a lot of work tracking all those wallets, so I would suggest that you keep everything related to donations public as much as possible.
It's in the best interest of both users and wallet creators that something independent like Walletscrutiny exists.
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
Specifically so that wallets can't say exaggerations like this, a wallet security committee needs to be formed.

Its members should include contributors to various open-source wallets, as well as security professionals working for the big wallet companies.

Their sole function would be to review the source code of every wallet (an audit) and then assign it a rating like A+, A, etc. It would also give out 0 ratings to wallets which aren't code-signed (not a problem as you can buy these from second-hand TLS sites for $60/year). In my opinion, all wallets should be code-signed by a reputable CA (even Electrum, eventually).

The rating would be the only benchmark you are allowed to advertise in your wallet.

It worked with UL Benchmarks, I don't see why it wouldn't work with code & software.
The issue is with the funding. You cannot possibly get enough funding to fund such an organization. The security professionals, or really any developers, don't have that much time or money to audit code all the time. The current system as it stands doesn't really have much of a problem; you have contributors auditing and several with commit access to push the changes. Wallets are generally not advertised because they rely on donations, except those that run some sort of services. If all the wallets were to come under the purview of some organization, then you would find tons of bureaucratic red tape surrounding it. I'm sure most would rather not have this sort of stuff.

Code-signing doesn't do anything but provide a false sense of security. There have been instances where certs were stolen and used to sign fake versions of certain wallets (Electrum, for example). Making them untrustworthy based on this alone sounds quite unfair. Anyways, isn't Electrum code-signed?
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
Bump, with a radical security idea. There is no point in using a wallet if you can't feel secure updating it, as you will then be exposed to security vulnerabilities.


Nobody has it, that I know of in the crypto space and that is the issue.
Yeah, possibly the big players [Coinbase, Gemini, Kraken, etc]

The standard claim by all of them is "We have the best security in the industry". I'm so tired of reading superlatives in every wallet description.

Specifically so that wallets can't say exaggerations like this, a wallet security committee needs to be formed.

Its members should include contributors to various open-source wallets, as well as security professionals working for the big wallet companies.

Their sole function would be to review the source code of every wallet (an audit) and then assign it a rating like A+, A, etc. It would also give out 0 ratings to wallets which aren't code-signed (not a problem as you can buy these from second-hand TLS sites for $60/year). In my opinion, all wallets should be code-signed by a reputable CA (even Electrum, eventually).

The rating would be the only benchmark you are allowed to advertise in your wallet.

It worked with UL Benchmarks, I don't see why it wouldn't work with code & software.

Quote
Unfortunately most people in the space are not at all literate about cryptography.
That's not going to help someone against a rogue wallet.


IMO, it still goes back to what I have been saying. Code is only part of the battle. The procedures and processes are the other part. Everyone looking at the code today does not matter if one person with the ability to sign it goes evil tomorrow.

In addition to the code review an audit of the process and procedures done to run everything is also needed.

Kind of like a conversation I had with someone making collectable coins that had pre-generated private keys:

Them: "All keys are generated from a secure offline computer"

Me: "So it's BIOS password protected, boots from a read-only device like a DVD that you verify the checksum on every boot, and nobody else has access to the room where it is, and you verify that the printer it prints to has not been modified or tampered with, and the cables are good and you are sure they have not been compromised by anything like this: https://hak5.org/products/omg-adapter

Me some more: And you have custom-made holograms so if someone else gets a hold of the coin they just can't peel, copy and stick on another hologram that looks the same?

Them: No, are you paranoid or just an ass?

Me: Both....

At a guess, I have no proof, but it just looks like it from what I see here: bad wallets that were not deliberately malware / stealing from the start have caused such a small percentage of loss vs. user error and malware in general. I could be wrong, but it really seems like although this is a good battle, there are bigger, more important ones out there.

-Dave
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Bump, with a radical security idea. There is no point in using a wallet if you can't feel secure updating it, as you will then be exposed to security vulnerabilities.


Nobody has it, that I know of in the crypto space and that is the issue.
Yeah, possibly the big players [Coinbase, Gemini, Kraken, etc]

The standard claim by all of them is "We have the best security in the industry". I'm so tired of reading superlatives in every wallet description.

Specifically so that wallets can't say exaggerations like this, a wallet security committee needs to be formed.

Its members should include contributors to various open-source wallets, as well as security professionals working for the big wallet companies.

Their sole function would be to review the source code of every wallet (an audit) and then assign it a rating like A+, A, etc. It would also give out 0 ratings to wallets which aren't code-signed (not a problem as you can buy these from second-hand TLS sites for $60/year). In my opinion, all wallets should be code-signed by a reputable CA (even Electrum, eventually).

The rating would be the only benchmark you are allowed to advertise in your wallet.

It worked with UL Benchmarks, I don't see why it wouldn't work with code & software.

Quote
Unfortunately most people in the space are not at all literate about cryptography.
That's not going to help someone against a rogue wallet.