Bitcoin Forum
December 12, 2019, 05:19:12 AM *
News: Latest Bitcoin Core release: 0.19.0.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2]  All
  Print  
Author Topic: Which is best Bitcoin wallet? Other than hardware  (Read 346 times)
Lucius
Legendary
*
Offline Offline

Activity: 1624
Merit: 1413


Fortis Fortuna Adiuvat


View Profile WWW
May 16, 2019, 09:47:39 AM
 #21

coinfunda, since you ask for long term holding this should mean that you have or want to buy some bitcoin and forget on it for few years. I am not sure why the hardware wallet is not option, but I guess it is because of price. Although the prices have dropped fairly in comparison to a year ago or two, for some users even $50 is still too expensive. But if you invest a few hundred dollars in BTC, investment of $50 in security should not be a problem.

If you still want some solution for free, any desktop wallet will serve the purpose, you only need to pay attention what you downloading and from where. Most wallets are safe, but problems is in users who not use them in the correct way.

1576127952
Hero Member
*
Offline Offline

Posts: 1576127952

View Profile Personal Message (Offline)

Ignore
1576127952
Reply with quote  #2

1576127952
Report to moderator
1576127952
Hero Member
*
Offline Offline

Posts: 1576127952

View Profile Personal Message (Offline)

Ignore
1576127952
Reply with quote  #2

1576127952
Report to moderator
1576127952
Hero Member
*
Offline Offline

Posts: 1576127952

View Profile Personal Message (Offline)

Ignore
1576127952
Reply with quote  #2

1576127952
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1576127952
Hero Member
*
Offline Offline

Posts: 1576127952

View Profile Personal Message (Offline)

Ignore
1576127952
Reply with quote  #2

1576127952
Report to moderator
1576127952
Hero Member
*
Offline Offline

Posts: 1576127952

View Profile Personal Message (Offline)

Ignore
1576127952
Reply with quote  #2

1576127952
Report to moderator
ZenGo
Newbie
*
Offline Offline

Activity: 14
Merit: 4


View Profile
June 25, 2019, 11:43:43 AM
 #22

An option you could consider is ZenGo

Zengo is the first wallet based on threshold cryptography. ZenGo eliminated the need for a private key while still remaining non-custodial.

Mashable just covered the wallet.

bob123
Legendary
*
Offline Offline

Activity: 1106
Merit: 1580



View Profile WWW
June 25, 2019, 12:12:32 PM
 #23

An option you could consider is ZenGo

Zengo is the first wallet based on threshold cryptography. ZenGo eliminated the need for a private key while still remaining non-custodial.

What the hell is this approach...
That's even worse than a web wallet.


With no single point of failure

So many points of failure.. Roll Eyes


Backing up your wallet is just as simple. An encrypted copy of your device share is stored on the ZenGo server, and the decryption code is stored separately in your personal iCloud account. Only with your 3D biometric face map can you access the encrypted share.

I really can't believe what i am reading here..

So.. both of the 2 necessary secrets are on your server.
The decryption key is also stored online.

And oh.. i forgot.. the bio-metric features of a mobile phone are sooo secure.
You guys realize that most of them can be circumvented by holding a printed image in front of the camera ?


I would NOT recommend to use that wallet. The whole concept is flawed.

ZenGo
Newbie
*
Offline Offline

Activity: 14
Merit: 4


View Profile
June 25, 2019, 12:32:07 PM
 #24

An option you could consider is ZenGo

Zengo is the first wallet based on threshold cryptography. ZenGo eliminated the need for a private key while still remaining non-custodial.

What the hell is this approach...
That's even worse than a web wallet.


With no single point of failure

So many points of failure.. Roll Eyes


Backing up your wallet is just as simple. An encrypted copy of your device share is stored on the ZenGo server, and the decryption code is stored separately in your personal iCloud account. Only with your 3D biometric face map can you access the encrypted share.

I really can't believe what i am reading here..

So.. both of the 2 necessary secrets are on your server.
The decryption key is also stored online.

And oh.. i forgot.. the bio-metric features of a mobile phone are sooo secure.
You guys realize that most of them can be circumvented by holding a printed image in front of the camera ?


I would NOT recommend to use that wallet. The whole concept is flawed.

The necessary secrets are split between the user’s device and ZenGo’s servers. It’s not correct that both are stored on the server. If either the server or the device is hacked or lost, the funds remain secure. I'll say this again, even if someone hacked ZenGo’s server, the user would stay protected. There is no single point of failure.

The biometrics are based on ZoOm technology. It’s extremely secure. A printed picture is completely ineffective as it fails to pass the liveness. Even 3D masks are ineffective.

bob123
Legendary
*
Offline Offline

Activity: 1106
Merit: 1580



View Profile WWW
June 25, 2019, 12:43:33 PM
 #25

The necessary secrets are split between the user’s device and ZenGo’s servers.

How can you claim that the user does not have to store/protect a 'private key' (which basically just is sensitive information) if in your concept the user has to store and protect a 'mathematical secret' (which serves as sensitive information).

That's basically the same. Each wallet has to store sensitive information.

Your concept just creates more security flaws than it solves.



It’s not correct that both are stored on the server.

Well.. your website says the following:

An encrypted copy of your device share is stored on the ZenGo server, and the decryption code is stored separately in your personal iCloud account.
So.. one of you is lying.



If either the server or the device is hacked or lost, the funds remain secure.

No. That's not true.

If the device is hacked or lost, the attacker can simply start a transaction.
All he needs to do that is 1) the shared secret and 2) biometric data.

Both can be found on the mobile. The data of the fingerprint is stored on the mobile.
The same applies to the shared secret.



I'll say this again, even if someone hacked ZenGo’s server, the user would stay protected.

Which makes it as secure as a web wallet (in this specific case only).

Your concept only creates downsides. A standard mobile wallet is - by far - more secure. By design.

ZenGo
Newbie
*
Offline Offline

Activity: 14
Merit: 4


View Profile
June 25, 2019, 03:06:04 PM
 #26


How can you claim that the user does not have to store/protect a 'private key' (which basically just is sensitive information) if in your concept the user has to store and protect a 'mathematical secret' (which serves as sensitive information).

That's basically the same. Each wallet has to store sensitive information.

Your concept just creates more security flaws than it solves.

You are right. Well nearly. Some sensitive information is definitely saved on the client side. But it’s not the full information, meaning that stealing it does not allow the hacker to spend it. (unlike private key)



Well.. your website says the following:

An encrypted copy of your device share is stored on the ZenGo server, and the decryption code is stored separately in your personal iCloud account.
So.. one of you is lying.

It’s encrypted by the client and stored encrypted on the server. The server cannot access it.


No. That's not true.

If the device is hacked or lost, the attacker can simply start a transaction.
All he needs to do that is 1) the shared secret and 2) biometric data.

Both can be found on the mobile. The data of the fingerprint is stored on the mobile.
The same applies to the shared secret.

For starters, with our solution the attacker must spend the money through our services which gives us another point of intervention.
Secondly, getting past Apple authentication is not easy, as shown with the FBI-Apple case https://en.wikipedia.org/wiki/FBI%E2%80%93Apple_encryption_dispute (and most attackers are not FBI grade)


Which makes it as secure as a web wallet (in this specific case only).

Your concept only creates downsides. A standard mobile wallet is - by far - more secure. By design.

Our solution makes the attacker mission much harder: Instead of needing to 1 piece of secret information, they now need to get 2 pieces of secret information stored in different places. Of course, once they get 1 piece then they need the other piece. This is the same as claiming multiSig is irrelevant because when you steal one key, then it’s not multisig and you need just one extra key.

Btw if you want to try for yourself we have a fun security challenge with 1BTC for you if you manage to get in. And we make it very easy for you to get in. https://zengo.com/the-zengo-challenge-win-1-btc-and-prove-us-wrong/

We invite you to try it. Also check out our github, all the cryptography is open source...

bob123
Legendary
*
Offline Offline

Activity: 1106
Merit: 1580



View Profile WWW
June 26, 2019, 07:31:58 AM
 #27

You are right. Well nearly. Some sensitive information is definitely saved on the client side. But it’s not the full information, meaning that stealing it does not allow the hacker to spend it. (unlike private key)
[..]
Our solution makes the attacker mission much harder: Instead of needing to 1 piece of secret information, they now need to get 2 pieces of secret information stored in different places. Of course, once they get 1 piece then they need the other piece.

If an attacker gains full access to the mobile, he can spend the funds (just like with private keys stored on a mobile wallet).

Biometric data (e.g. fingerprint) is stored on the mobile. Together with the shared secret, that's all one needs to initiate a transaction using your server.

So.. in the end it again comes down to only the security of the mobile.



It’s encrypted by the client and stored encrypted on the server. The server cannot access it.

But it IS stored online. And that's a huge problem already.



This is the same as claiming multiSig is irrelevant because when you steal one key, then it’s not multisig and you need just one extra key.

With multisig (and someone i know holding the second key out of a 2-of-2 multisig) an attacker can not simply steal my mobile with one of the keys and initiate a transaction by claiming he is the real person.
Your server (i.e. with fingerprint) does exactly this.. I steal a mobile, initiate a transaction using the shared secret and the fingerprint data on the mobile.. and your server happily signs it.

ZenGo
Newbie
*
Offline Offline

Activity: 14
Merit: 4


View Profile
June 26, 2019, 08:41:29 AM
 #28

You are right. Well nearly. Some sensitive information is definitely saved on the client side. But it’s not the full information, meaning that stealing it does not allow the hacker to spend it. (unlike private key)
[..]
Our solution makes the attacker mission much harder: Instead of needing to 1 piece of secret information, they now need to get 2 pieces of secret information stored in different places. Of course, once they get 1 piece then they need the other piece.




If an attacker gains full access to the mobile, he can spend the funds (just like with private keys stored on a mobile wallet).

Biometric data (e.g. fingerprint) is stored on the mobile. Together with the shared secret, that's all one needs to initiate a transaction using your server.

So.. in the end it again comes down to only the security of the mobile.


So you are assuming here that the attacker will by bypass the user device biometric and find a way around the device biometrics and that the owner during that time will not notice his device is not available. Is that reasonable?

What you described is also valid with a hardware wallet stolen from you. The attacker will also need the pin and, just like on a mobile device, will be locked out after a few trials.

Finally, we are introducing soon additional protection to cover exactly that case. I want to draw your attention to the fact that unlike hardware wallet there is no back up that can be stolen by an attacker and result in the loss of funds. It's better to look at the security set up from all angles.



It’s encrypted by the client and stored encrypted on the server. The server cannot access it.


But it IS stored online. And that's a huge problem already.

Why is that a problem exactly? the file is unusable and unreadable. What exactly could we or anyone do with it?


This is the same as claiming multiSig is irrelevant because when you steal one key, then it’s not multisig and you need just one extra key.


With multisig (and someone i know holding the second key out of a 2-of-2 multisig) an attacker can not simply steal my mobile with one of the keys and initiate a transaction by claiming he is the real person.
Your server (i.e. with fingerprint) does exactly this.. I steal a mobile, initiate a transaction using the shared secret and the fingerprint data on the mobile.. and your server happily signs it.

Yes indeed. Multisig can help you the way you describe. That said, anyone with access to one of the multisig keys can impersonate who you think he/she is and you will validate the attacker transaction. On ZenGo only the owner can access his funds.

You are assuming here you will be able to "steal the secret" from the phone. How will you be able to do that exactly?
By the way if you are so confident in your ability to hack ZenGo, we provide you all account access and even the picture to an account that holds 1BTC.  Tongue
https://zengo.com/the-zengo-challenge-win-1-btc-and-prove-us-wrong/
To be compared with a hardware wallet where the Backup/Mnemonic would be provided. Are you ready to share yours?
CryptoInsights
Member
**
Offline Offline

Activity: 115
Merit: 15


View Profile
June 27, 2019, 08:47:11 AM
 #29

There is no "best" bitcoin wallet. It's pretty much down to personal preference.
Exactly! Also, it all depends on one's requirements. If a person is looking for a wallet just to store temporarily with the main motive being trading then an online wallet would be the best choice as trading by using cold storage wallet can be a bit troublesome.
If safety is the main priority then I'd recommend you to go for cold storage, preferably the hardware one. They're the safest wallet out of all the others.

Pmalek
Legendary
*
Offline Offline

Activity: 1148
Merit: 1185



View Profile
November 30, 2019, 02:48:28 PM
 #30

Shill your Taki waki network or whatever it is called somewhere else, not in the Bitcoin boards. Nobody cares about that here.
All the above accounts who posted in the space of a few minutes were created on the same date, a few minutes apart and the few posts they have are mostly Taki waki network shills.

████████████████████████████
████████▀▀ █▀ █▀ ▀██████████
█████████▄ ▄▄▄▄▄▄███████████
██████████▀     ▀  ▀████████
███████▀ ▀  ▄█▀▀▀█▀▀████████
██████▄      █▄  ▀▀  ▀██████
██████         ▄▄█▄ ▄ ▀█████
█████ ▄         ▀▀ ▄ ▀ █████
██████▌          █▀█▀ ▐█████
███████  ▄▌         ▄ ██████
████████▄█         ▄████████
█████████▀     ▄▄ ▄█████████
████████████████████████████
.JACKMATE'S...........
.
MAJESTIC..
████████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
████████████████████████
.
..WIN 1 BITCOIN ON EVERY PREMIER LEAGUE MATCHDAY..
████████████████████████████████
████████████▀█▀ ▀█▀█▀███████████
███████████▄ ▄▄▄▄▄▄▄████████████
███████████▀▀▄▄▄▄▄▄▄▄███████████
█████████▀▄ ██▀▄▄▄ ▀ ▄▀█████████
███████▀ ▀█████▄▄▄█▄▄▄██████████
███████▀▄████████▀  ▀█ █▐███████
███████ ▀█████████▄█▀▀██ ███████
████████ ███▀██████ ▄ ██ ███████
████████▌▐▀▄ ██████████ ▄███████
█████████▄██▌▐█████▀██ █████████
████████████▄▀▀▀▀▀▄ ▀▄██████████
████████████████████████████████
.
.JOIN US - IT'S FREE! .
Cc12
Newbie
*
Offline Offline

Activity: 19
Merit: 0


View Profile
December 03, 2019, 10:43:06 AM
 #31

Even banks with their huge safes do not have an ideal storage system. But still, when you yourself are responsible for the safety of your assets, this disciplines. It is better to be prepared to lose everything through your own fault than if hackers crack you and the data falls into the hands of third parties. Although, of course, you should always make copies to store keys in several places
Lkj67
Newbie
*
Offline Offline

Activity: 18
Merit: 0


View Profile
December 03, 2019, 10:45:12 AM
 #32

Even banks with their huge safes do not have an ideal storage system. But still, when you yourself are responsible for the safety of your assets, this disciplines. It is better to be prepared to lose everything through your own fault than if hackers crack you and the data falls into the hands of third parties. Although, of course, you should always make copies to store keys in several places

The funny thing is that despite the fact that you often talk about the importance of choosing a wallet, not many users will listen to tips and protect themselves from theft. The number of hacker attacks and the loss of access to wallets still prove that people often use the same tactics, hoping that nothing bad will happen to them
Bigbon89
Newbie
*
Offline Offline

Activity: 18
Merit: 0


View Profile
December 03, 2019, 10:47:32 AM
 #33

Even banks with their huge safes do not have an ideal storage system. But still, when you yourself are responsible for the safety of your assets, this disciplines. It is better to be prepared to lose everything through your own fault than if hackers crack you and the data falls into the hands of third parties. Although, of course, you should always make copies to store keys in several places

The funny thing is that despite the fact that you often talk about the importance of choosing a wallet, not many users will listen to tips and protect themselves from theft. The number of hacker attacks and the loss of access to wallets still prove that people often use the same tactics, hoping that nothing bad will happen to them

Yes, therefore simple truths are called wisdom. that it needs to be repeated again and again. This is why newcomers need honest guidance on what to do in order to learn about cryptocurrency trading and digital asset management. Educational crypto courses on taklimakan network are available to everyone. Materials are created by experienced traders so that you can gain knowledge directly from practice.
Boyko1297
Newbie
*
Offline Offline

Activity: 22
Merit: 0


View Profile
December 03, 2019, 10:51:50 AM
 #34

Even banks with their huge safes do not have an ideal storage system. But still, when you yourself are responsible for the safety of your assets, this disciplines. It is better to be prepared to lose everything through your own fault than if hackers crack you and the data falls into the hands of third parties. Although, of course, you should always make copies to store keys in several places

The funny thing is that despite the fact that you often talk about the importance of choosing a wallet, not many users will listen to tips and protect themselves from theft. The number of hacker attacks and the loss of access to wallets still prove that people often use the same tactics, hoping that nothing bad will happen to them

Yes, therefore simple truths are called wisdom. that it needs to be repeated again and again. This is why newcomers need honest guidance on what to do in order to learn about cryptocurrency trading and digital asset management. Educational crypto courses on taklimakan network are available to everyone. Materials are created by experienced traders so that you can gain knowledge directly from practice.

Although software wallets, the key to which you can store separately, are completely safe. but, unfortunately, one cannot always rely on technology. Storage devices suddenly stop working when you reconnect them to a computer. and the problem cannot be predicted. although the percentage of loss of their crypto coins is not high. but there is always a risk
Poi1234
Newbie
*
Offline Offline

Activity: 22
Merit: 0


View Profile
December 03, 2019, 10:57:12 AM
 #35

Even banks with their huge safes do not have an ideal storage system. But still, when you yourself are responsible for the safety of your assets, this disciplines. It is better to be prepared to lose everything through your own fault than if hackers crack you and the data falls into the hands of third parties. Although, of course, you should always make copies to store keys in several places

The funny thing is that despite the fact that you often talk about the importance of choosing a wallet, not many users will listen to tips and protect themselves from theft. The number of hacker attacks and the loss of access to wallets still prove that people often use the same tactics, hoping that nothing bad will happen to them

Yes, therefore simple truths are called wisdom. that it needs to be repeated again and again. This is why newcomers need honest guidance on what to do in order to learn about cryptocurrency trading and digital asset management. Educational crypto courses on taklimakan network are available to everyone. Materials are created by experienced traders so that you can gain knowledge directly from practice.

Although software wallets, the key to which you can store separately, are completely safe. but, unfortunately, one cannot always rely on technology. Storage devices suddenly stop working when you reconnect them to a computer. and the problem cannot be predicted. although the percentage of loss of their crypto coins is not high. but there is always a risk

Encryption technologies are being improved, but there is always a human factor. so the good old way to write down on paper and put key data in your passport can really be one of the most encouraging ways to ensure the security of digital assets.
Pages: « 1 [2]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!