The Bitcoin startup Veriphi analyzed cryptocurrency wallets, comparing them against 48 criteria. The researchers rated the services in terms of security, privacy and sovereignty. Find your wallet now!
Article translated by ForkLog Hub resident Tony ₿ from BITCOIN TRANSLATED with the support of the P2P exchange HodlHodl specifically for ForkLog.
In this study, we use a four-color gradation system:
- green (recommended);
- orange (pretty good);
- red (not recommended);
- black (stay away).
We rated the following types of wallets:
- web wallets (private keys are most often stored on the service provider's side);
- desktop wallets (private keys are most often stored on the user's side, but the probability of theft is high due to the low level of PC security);
- mobile wallets (convenient to use, but with serious security risks).
This rating will be useful for:
- beginners who have not yet chosen a wallet;
- existing users who want to verify the reliability of their service providers;
- people who are interested in how Bitcoin works in general.
We will briefly explain each of the analyzed characteristics. Some functions are more significant than others. Before drawing conclusions, it is necessary to understand that usability and safety of funds pull in opposite directions. The user always compromises in favor of one or the other.
Wallet comparison by ForkLog on Scribd
Connection to a full node
To make transactions, the wallet must be connected to the Bitcoin network. One way or another, it interacts with a full node; how it does so depends on whether the wallet emphasizes convenience or security.
A full node is software for the Bitcoin network. By running a node, you become an equal participant in the network and gain significantly more control over your funds thanks to the high level of security and anonymity.
In the table we show which wallets provide the ability to connect to your own node. We consider these wallets more secure, since you are not required to use the service provider's node. A node that does not belong to you can store and analyze the history of your addresses.
Connect to backend server
If your wallet does not connect directly to a full node, then it is an API wallet that needs a backend server to connect to the network. This is a must for all web wallets. The backend is usually a centralized server infrastructure that manages the interactions between its users and the Bitcoin network.
Some API wallets publish their backend code. This allows users to run their own instances, lets anyone who wishes conduct an audit, and strengthens the wallet's reputation. Open source is a positive feature of software.
By default, API wallets connect to the service provider's node and fully expose the user's xpub (extended public key) to it so that wallet information and addresses can be retrieved automatically.
An API is a way of connecting a wallet to a server, so you can connect to your own full node if the backend is open.
SPV (no backend)
SPV (Simple Payment Verification) wallets connect to random nodes and request information about the user's transactions, as well as about transactions in which the user is not involved. This makes the user less visible to the network, since it is difficult to determine which transactions are associated with the user.
This connection method is considered more private, but it does not provide the anonymity benefits of running a personal full node. Most SPV wallets use a Bloom filter implementation that provides very little privacy.
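As an added illustration (not code from Veriphi or ForkLog), the sketch below builds a BIP37-style Bloom filter and counts how many unrelated address hashes it matches, which is the only cover the wallet's own addresses get from the peer that receives the filter. The pubkey hashes are constructed sample values, the function names are illustrative, and the wire-format fields (flags, serialization) are left out.

```python
import hashlib
import math

def murmur3(data: bytes, seed: int) -> int:
    """MurmurHash3 (x86, 32-bit), the hash function BIP37 specifies."""
    c1, c2, h, m = 0xCC9E2D51, 0x1B873593, seed, 0xFFFFFFFF
    rotl = lambda x, r: ((x << r) | (x >> (32 - r))) & m
    for i in range(0, len(data), 4):           # last chunk may be 1-3 tail bytes
        k = int.from_bytes(data[i:i + 4], "little")
        h ^= rotl(k * c1 & m, 15) * c2 & m
        if i + 4 <= len(data):                 # only full blocks get the extra mix
            h = (rotl(h, 13) * 5 + 0xE6546B64) & m
    h ^= len(data)
    h = (h ^ (h >> 16)) * 0x85EBCA6B & m
    h = (h ^ (h >> 13)) * 0xC2B2AE35 & m
    return h ^ (h >> 16)

class Bip37Filter:
    def __init__(self, n_items: int, fp_rate: float, tweak: int = 0):
        # Sizing formulas and caps (36000 bytes, 50 hash functions) from BIP37.
        size = int(-n_items * math.log(fp_rate) / math.log(2) ** 2 / 8)
        self.bits = bytearray(max(1, min(size, 36000)))
        k = int(len(self.bits) * 8 / n_items * math.log(2))
        self.n_funcs, self.tweak = max(1, min(k, 50)), tweak

    def _indexes(self, item: bytes):
        for i in range(self.n_funcs):
            seed = (i * 0xFBA4C795 + self.tweak) & 0xFFFFFFFF
            yield murmur3(item, seed) % (len(self.bits) * 8)

    def add(self, item: bytes) -> None:
        for idx in self._indexes(item):
            self.bits[idx >> 3] |= 1 << (idx & 7)

    def matches(self, item: bytes) -> bool:
        return all(self.bits[i >> 3] >> (i & 7) & 1 for i in self._indexes(item))

def fake_hash160(label: str) -> bytes:  # constructed 20-byte stand-in for a pubkey hash
    return hashlib.sha256(label.encode()).digest()[:20]

def filter_leak(fp_rate: float, n_wallet: int = 20, n_decoys: int = 20000):
    """Return (wallet hashes matched, decoy hashes matched) as seen by a peer."""
    wallet = [fake_hash160(f"wallet-{i}") for i in range(n_wallet)]
    flt = Bip37Filter(n_wallet, fp_rate)
    for h in wallet:
        flt.add(h)
    decoys = (fake_hash160(f"decoy-{i}") for i in range(n_decoys))
    return sum(map(flt.matches, wallet)), sum(map(flt.matches, decoys))
```

Calling `filter_leak(0.0005)` shows a tightly tuned filter matching all 20 wallet hashes and only a handful of the 20,000 decoys; `filter_leak(0.1)` buys more cover at the cost of downloading more unrelated transactions.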
Different wallets can be written in several programming languages, depending on the features and level of security that the developers focus on. The choice mainly depends on the platform for which the wallet is developed.
Wallet backup is the most important security element. It can be implemented in several forms: a sequence of 12/24 words or an encrypted computer file. A backup copy allows you to restore funds if the wallet is lost or becomes inaccessible.
Some wallets allow the user to skip the backup step, but many make it mandatory. The latter is inconvenient for those who just want to test the interface, and the former is bad for security.
A multi-signature scheme enhances the level of security by sharing access to the wallet. This function is very flexible: the user can determine the total number of signatures and the number needed to access the funds.
The service provider acts as a co-signer
In a wallet with a joint signature function, a second party signature is required to confirm the transaction. This is tantamount to placing funds under a 2-of-2 contract.
This will provide protection against possible theft of the backup, but will require trust in the other party and lead to a loss of anonymity.
2FA is short for two-factor authentication. This method combines several factors to confirm the identity of the user.
Wallets use several methods of generating user private keys to ensure the randomness and unpredictability of the process. The level of randomness (also called entropy) depends on the quality of the algorithms used.
An additional entropy option is an excellent security measure and allows the user to use their own source of randomness.
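An added sketch (not from the Veriphi study) tying together the word backup and the extra-entropy option described above: user-supplied randomness is hashed with OS randomness, and the result is encoded as BIP39-style word indexes whose built-in checksum lets a wallet reject a mistyped backup. The 2048-word list is omitted, so the functions work on word indexes; the function names are illustrative.

```python
import hashlib
import secrets

def mix_entropy(user_input: bytes, n_bytes: int = 32, system=None) -> bytes:
    """Hash user-supplied randomness (dice rolls, coin flips) with OS randomness.
    An attacker has to predict both inputs to predict the output."""
    system = secrets.token_bytes(32) if system is None else system
    return hashlib.sha256(b"sys:" + system + b"|user:" + user_input).digest()[:n_bytes]

def to_word_indexes(entropy: bytes) -> list:
    """BIP39 encoding: entropy + first ENT/32 bits of SHA-256(entropy),
    cut into 11-bit indexes into a 2048-word list (12 words for 128 bits, 24 for 256)."""
    if len(entropy) not in (16, 20, 24, 28, 32):
        raise ValueError("entropy must be 128-256 bits in 32-bit steps")
    cs_bits = len(entropy) * 8 // 32
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    value = int.from_bytes(entropy, "big") << cs_bits | checksum
    n_words = (len(entropy) * 8 + cs_bits) // 11
    return [(value >> 11 * (n_words - 1 - i)) & 0x7FF for i in range(n_words)]

def backup_is_valid(indexes: list) -> bool:
    """Recompute the checksum of a restored backup; catches most transcription errors."""
    if len(indexes) not in (12, 15, 18, 21, 24) or any(not 0 <= i < 2048 for i in indexes):
        return False
    n_bits = len(indexes) * 11
    cs_bits = n_bits // 33
    value = 0
    for i in indexes:
        value = value << 11 | i
    entropy = (value >> cs_bits).to_bytes((n_bits - cs_bits) // 8, "big")
    return to_word_indexes(entropy) == list(indexes)
```

The checksum is short (4 bits for 12 words, 8 bits for 24), so it detects typos but is not a substitute for test-restoring the backup.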
Custodial / non-custodial
The user's choice depends on their technical skills and the size of their bitcoin holdings. A user who stores the coins independently exercises the financial sovereignty that Bitcoin offers, but bears full responsibility for security (non-custodial).
The user can also delegate this responsibility to the wallet (custodial).
Mobile wallets use a PIN or biometric identifier, while desktop wallets use a password.
This function allows you to set an additional passphrase in case the backup is compromised.
Hardware Wallet Integration
Some software wallets allow integration with hardware wallets: you use the interface of the former and rely on the security of the latter.
When using a vendor's standard interface, such as Ledger Live, the user hands a significant portion of their financial information to Ledger.
The hardware wallet integration feature is highly recommended by Veriphi experts.
The CoinJoin protocol allows you to mix the transaction inputs of different users, providing increased anonymity.
Using Tor onion routing to interact with the Bitcoin network is desirable for maximum anonymity.
Choice of transaction fee
Some wallets allow the user to set the fee themselves. Users thus control the speed of the transfer and its cost.
Some wallets can display amounts in satoshis.
Others demonstrate the value of bitcoins in real time, but this requires communication with an external server, which implies trust in the service provider.
RBF (changing the fee)
RBF means replacing an existing transaction with a new transaction that pays a higher fee. The new transaction uses the same inputs as the old one, and this is not considered a double spend. Only one transaction will enter the blockchain (probably the one with the higher fee).
Some wallets allow you to create multiple accounts, providing the flexibility to manage your bitcoins.
Individual coin control (Coin Control)
This feature allows you to manage individual UTXOs (unspent transaction outputs). Each coin has its own history. Exchanges often block accounts that receive bitcoins previously seen on darknet markets.
An e-mail wallet always requires a connection to an external server. This harms anonymity.
Only a few wallets allow you to broadcast transactions created outside the service. So-called “raw” transactions are created in a low-level interface using the command line.
Message signing / verification
This function allows the user to prove possession of a private key by signing a message with the key behind the associated public key / address, thereby confirming ownership of the coins.
Bitcoin Test Network Support
Some wallets allow you to use the Bitcoin test network to familiarize yourself with various functions without the risk of losing funds.
Transaction grouping (batching) is a method that allows you to combine multiple transactions. It is used to better manage transaction costs. Grouped transactions take up less space in a block.
PSBT (partially signed transactions)
This feature allows wallets to exchange information about the transaction and the signatures necessary for its transmission. This is an extension of multi-signature capabilities.
Ability to exchange BTC for altcoins
Some wallets offer the ability to exchange bitcoins for altcoins directly.
PRIV (ability to import private keys)
This function allows you to import a private key created in another wallet.
Support for different types of addresses
- Bech32 is preferred.
- P2SH (pay-to-script-hash).
It is necessary to be careful about free versions, as they often offer their services in exchange for collecting user information.
Multi Coin Support
Multi-coin support makes securing a wallet more difficult. Veriphi recommends using wallets with Bitcoin support only.
Contact Support Method
There are several ways to contact support to solve user problems. Since some wallets are based on open source software, some types of help come directly from the community.
Ability to buy and sell BTC
This function requires communication with a third party that exchanges bitcoins for fiat currencies. Almost all of these services require KYC (know your customer).
Terms and Conditions
When a wallet is a commercial service, its operator puts forward a number of requirements and assumes a number of obligations. The user must read such agreements before depositing funds.
Custom user interface
Some wallets offer the ability to change the user interface. For example, enable the night mode option.