First of all, I still don't understand how can people just keep money on a phone which then then they keep unlocked in the back pocket.
Then, as shown by OP website, what you download is not exactly what you expect, even in the case of reputed publishers (like Electrum, Samourai, ..)
What I want to tell is that crypto wallets on Android should really use hardware wallets if we talk about a bit bigger funds.
May I pick on the "reputed publishers" there? Do you know who they are? If the publisher hides in secrecy, that on its own is a huge red flag for me.
I totally agree on hardware wallets being the way to go but my list involves wallets with a combined download count of 20 million and a hardware wallet still costs over $100. You only invest $100 if your expected loss of not doing so is greater than $100. If you estimate your chance of the wallet losing funds at 5%, you won't use a hardware wallet for anything up to $2000. The exit scammer though may empty a million accounts at once, so here there is a lot of money to be made. Lets spot the black sheep and kick them out.
Now about the website. The initiative is great, but the implementation needs a bit more care for the newbies. In the way it's shown now it's big, it's scary for the newbies and most would not know how to read between the lines the info they need. Maybe those big diff pages should be shown only "by request" by the ones who what to see more than the conclusions (and even those would have a "show more" and a "show all" option?)
Thanks for the feedback! Scary landing page was certainly intended. Boring techy stuff was more the result of us wanting to justify our conclusions. To not show what we tried would look like we didn't try and we don't want to call out wallets on a whim. Maybe we can move the "analysis protocols" into separate documents for the more technically inclined audience?
Perhaps a community rating might be a better solution [I do know that there's already a column for google play ratings but some of them tend to artificially inflate those ratings].
So far nobody has discovered the donate button but I was thinking of adding one per wallet and make it kind of a popularity contest that also pays for the project.
I have gone through the site to check the android wallets but found only 3 wallets to be verified. Can you tell me what does it mean by Non - Verifiable ?
Currently it's even worse: Only three are publicly verifiable which is not the same as actually being verified which would be an expensive and ongoing process.
As nobody cares, it probably doesn't mean much yet, as I refuse to believe that the other 34 are scammers but if people wake up to the idea that verifiability matters, we will see which wallets will actually come forward and make their apps verifiable and which don't.
I only started the project and most wallets don't care cause users don't care yet. I expect many of the non-verifiable ones will slip into the verifiable section if people care.
The thing is if the companies behind it were to hear from the actual voices of their users, maybe they would. I doubt it would happen any time soon because I think they don't want someone making their programs open source, especially with the public. Is this the only reason why you started this project?
I don't understand sentence 2 and 3. Many wallets are open source but not verifiable. Those I hope to win over. The closed source wallets I consider outright evil.
Once people care, wallets that remain non-verifiable turn more into red flags by my estimate. Also I intend to raise the bar once people move towards caring.
I do think that it would help your project if you conducted a mini-survey before visiting your site to see if users "care."
You mean like a pop-up on the landing page?
Do you care?
O Yes
O No
?
I noticed you did not review Trust wallet though it is one of the widely used cryptocurrency wallet.
You mean
this wallet?
Also can you consider the review of these hardware wallets in the near future?
I am considering to mark Android wallets that support hardware wallets for a start but hardware wallets on their own are a very different kind of tool than Android apps.
It's so relieving to see my favourite wallet Mycelium in the verifiable section. I think this post will spur cryptocurrency wallets to be more secured in safeguarding the assets of their users. A big thumbs up to all the developers of this project. I would be glsd if you can cinsider looking at HubrisOne wallet, I think that wallet might scam users someday to come.
Honored by your trust but as stated on the detailed analysis of that wallet, contributors to walletscrutiny are also contributors to Mycelium. In fact I introduced verifiability to Mycelium a year or so ago and it's an integral part of our release protocol to have each build be verified by at least a second engineer. No malware on the release manager's machine should be able to sneak in backdoors.
