Bitcoin Forum
Author Topic: Some thoughts about wallets. Random thoughts from Dave.  (Read 508 times)
o_e_l_e_o
December 18, 2019, 08:50:03 AM
Merited by Wind_FURY (1)
 #21

Do you trust it more or less than say Mycelium?
Probably less.

For starters, an exchange is almost certainly going to release a custodial web wallet as opposed to a non-custodial wallet, so it's an immediate fail for me on that front.

However, assuming we are talking about it releasing a non-custodial wallet similar to Mycelium or Electrum, my answer is still probably less, for the exact reasons you have stated in your previous post. Release a genuine wallet, have the auditors examine it and state that it's all clear, become evil, keep updating as normal for a while, maybe have a second all clear audit performed to build even more trust, release a malicious update, steal coins.

I appreciate the above is also possible if you auto-update open source wallets without checking the code first, but at least with open source, checking the code is possible.



You should teach everyone. Please open a new topic about your method, and which services you use. I believe avoiding KYC has become its own art form. Hahaha.
I'll consider that sometime, but there's no big secret to it. There are more and more on ramps for fiat now than ever before - P2P trading locally, P2P on this forum, decentralized exchanges (I generally use BISQ), ATMs, and so forth. I have little interest in most altcoins, but the couple that I do buy, again I simply trade peer-to-peer. There are also plenty of centralized exchanges such as Binance which will let you trade altcoins without KYC.
BrewMaster
December 18, 2019, 10:18:23 AM
Merited by ABCbits (1), o_e_l_e_o (1)
 #22

Release a genuine wallet, have the auditors examine it and state that it's all clear, become evil, keep updating as normal for a while, maybe have a second all clear audit performed to build even more trust, release a malicious update, steal coins.

it is worth keeping in mind that risks aren't just about security and having your coins stolen. the bigger risk is user privacy being invaded. a closed source wallet may not be stealing your coins but it can easily gather all kinds of information from your wallet and sell that!
for example Windows is closed source and Microsoft is not stealing your money but it is obviously gathering a lot of information by invading your privacy and abusing that.

There is a FOMO brewing...
Pmalek
December 18, 2019, 11:45:09 AM
 #23

let me add an additional thought. when it comes to wallets and being open source i have seen some beginners think that just having a github link means they are open source. but unfortunately it is becoming a common scam method where the hacker releases the compiled malicious wallet on github and tries fooling beginners into thinking it is safe.
It is not about if a wallet is open source and on GitHub, it is about how long they have been there, how many issues and fixes there have been and how many people have had a chance to inspect the code. I would never download a piece of software just because it is open source but it got released 2 days ago.

o_e_l_e_o
December 18, 2019, 11:59:46 AM
 #24

it is about how long they have been there, how many issues and fixes there have been and how many people have had a chance to inspect the code.
But all that becomes irrelevant whenever an update is published. Taking the example that I discussed in a previous post, the Copay wallet is open source and has been on GitHub for 5 years. It has 75 contributors and over 16 thousand commits. Even then, malicious code managed to be introduced without people noticing for a short period of time.

I would never download a piece of software just because it is open source but it got released 2 days ago.
Precisely, but you need to apply that same logic to all updates of existing software, and not just new software. Open source is only good if you ensure the code you are downloading matches the code that is published, and the code that is published is thoroughly vetted prior to you downloading it. Allowing automatic updates of anything that is pushed defeats the whole point.
Wind_FURY
December 20, 2019, 07:18:36 AM
 #25



You should teach everyone. Please open a new topic about your method, and which services you use. I believe avoiding KYC has become its own art form. Hahaha.


I'll consider that sometime, but there's no big secret to it. There are more and more on ramps for fiat now than ever before - P2P trading locally, P2P on this forum, decentralized exchanges (I generally use BISQ), ATMs, and so forth. I have little interest in most altcoins, but the couple that I do buy, again I simply trade peer-to-peer. There are also plenty of centralized exchanges such as Binance which will let you trade altcoins without KYC.


Don't trust Binance. They can do shotgun-KYC, and hold your withdrawal anytime they want.

I want to see your guide for P2P trading plus BISQ done efficiently.

Pmalek
December 20, 2019, 10:08:09 PM
 #26

Don't trust Binance. They can do shotgun-KYC, and hold your withdrawal anytime they want.
You can withdraw up to 2 BTC each day from Binance without verifying your identity. Have there been incidents where they have held user funds without reasonable grounds? They are on top of my list and I don't think they would damage their reputation just like that.

DireWolfM14
December 21, 2019, 01:17:26 AM
 #27

I'm not saying leave real amounts of BTC there.

Although I agree with your argument, the critical and most important thing to note is that we're talking about mobile wallets, which are only as secure as your ability to prevent your phone from being lost, stolen, or unlocked.  Any mobile wallet should be considered the same as having cash in your pocket.  If you can't afford to lose your leather wallet and $20 cash, don't have more than $20 worth of BTC in your mobile wallet.


pooya87
December 21, 2019, 03:54:30 AM
 #28

Don't trust Binance. They can do shotgun-KYC, and hold your withdrawal anytime they want.
You can withdraw up to 2 BTC each day from Binance without verifying your identity.

that's the problem with centralized exchanges, they can do whatever they want. of course when they "promise" not to ask for KYC for below 2 BTC they stick to that promise most of the time but there are always cases where they simply break that promise!
for instance Bittrex which was the number one exchange before Binance was promising not to want KYC at all for old accounts and not change that rule. then overnight they changed that rule and blocked all accounts that hadn't completed KYC verification and also banned half a dozen countries from accessing their website and stole the balance of every user from those countries.

DaveF (OP)
December 21, 2019, 02:40:18 PM
Last edit: December 21, 2019, 03:18:32 PM by DaveF
 #29

I'm not saying leave real amounts of BTC there.

Although I agree with your argument, the critical and most important thing to note is that we're talking about mobile wallets, which are only as secure as your ability to prevent your phone from being lost, stolen, or unlocked.  Any mobile wallet should be considered the same as having cash in your pocket. If you can't afford to lose your leather wallet and $20 cash, don't have more than $20 worth of BTC in your mobile wallet.


Taking that to the next step. Should be, any "hot wallet" that is not securely encrypted with a very safe encrypted backup.

It's nice that I have a PC in my house with a full node on it that has BTC on it.
It's secure in the fact that it's an Intel NUC ( https://www.intel.com/content/www/us/en/products/boards-kits/nuc/mini-pcs/nuc7i3bnhxf.html ) that unless you know where it is even if you rob the place you are probably not going to find it.
It's secure in the fact that it has a somewhat complex password on it that with current computing power and BTC price it's going to cost more to crack it than it's worth.
I have a backup of the wallet.dat file in a secure location with some other documents and recovery stuff.

But to say it's REALLY secure is a stretch. It's secure enough that if it does get stolen I am out more for the cost of the unit and the drive than the BTC I have on it if they do manage to actually crack the password before I get to the secure location and move it.

If my leather wallet with $20 gets stolen then I am out the cost of the wallet and the $20.

If my phone gets stolen then I am out the cost of the phone.
Because I have the recovery words someplace safe and... the phone is pin / fingerprint protected and the wallets are both password / fingerprint protected and I can remote wipe the phone.

The security of the phone and PC are both moot however, if we go back to the original thought of what happens if the wallet software itself is compromised.

So multiple layers people. Hardware signing only for wallets with large amounts, cold properly created offline wallets for storage and hope that the hot wallets we use day to day with non critical amounts are properly written.

-Dave
