Mobile wallet for newbies?

[mersal]

I would definitely not recommend coinomi, jaxx or exodus.
All of these wallets have their own problems. And the developer of jaxx and coinomi are extremely incompetent and had severe vulnerabilities in their wallets without properly acknowledging them.

I'd keep away from those wallets.

Used Coinomi in the past for some altcoin storage and never had any issues with them personally, probably they have bugs but, Do they really have vulnerabilities? Then how these wallets are considered as best crypto wallets for everyone even in 2020?

[Coinomi]

I would definitely not recommend coinomi, jaxx or exodus.
All of these wallets have their own problems. And the developer of jaxx and coinomi are extremely incompetent and had severe vulnerabilities in their wallets without properly acknowledging them.

I'd keep away from those wallets.

Used Coinomi in the past for some altcoin storage and never had any issues with them personally, probably they have bugs but, Do they really have vulnerabilities? Then how these wallets are considered as best crypto wallets for everyone even in 2020?

Thank you for the great feedback. We have always been totally open and transparent about any issues with our wallet, but most importantly, no user has ever lost money with Coinomi due to these "bugs". Of course people are entitled to their opinion and it's not our job to prove them otherwise. Coinomi has a great reputation and track record and if these claims were true we wouldn't be here almost 7 years after the wallet's inception and we would definitely not have millions of happy users.

[Mandarava]

I'd keep away from those wallets.

In this case, it might be much easier to explain to a newbie, especially if he is going to store a large amount of bitcoins on his mobile wallet, that all wallets that can be installed on a mobile phone are less reliable than, for example, hardware wallets, or than an official bitcoin wallet from development teams. But for ordinary expenses (no more than $ 100 per day for example), he can safely use almost any mobile wallet.

[bob123]

Used Coinomi in the past for some altcoin storage and never had any issues with them personally, probably they have bugs but, Do they really have vulnerabilities?

Coinomi had a really severe vulnerability where they sent the mnemonic code to the google server to check the spelling of the words.
While mistakes can happen, the developer claimed that this isn't as sever since google employees stealing funds would be unlikely. They completely ignored any other attack surface coming from that vulnerability.

The really important thing is not that the vulnerability existed, but the missing competence from the developer to acknowledge it. There are better wallets with more competent developers available.

Then how these wallets are considered as best crypto wallets for everyone even in 2020?

There is no central authority who gives out a prize for the "best wallet".
People might choose them as the best wallets for random reasons (e.g. good UI and easy to use), they don't necessary have the technical knowledge to question it form a technical perspective.

[mersal]

Used Coinomi in the past for some altcoin storage and never had any issues with them personally, probably they have bugs but, Do they really have vulnerabilities?

Coinomi had a really severe vulnerability where they sent the mnemonic code to the google server to check the spelling of the words.
While mistakes can happen, the developer claimed that this isn't as sever since google employees stealing funds would be unlikely. They completely ignored any other attack surface coming from that vulnerability.

The really important thing is not that the vulnerability existed, but the missing competence from the developer to acknowledge it. There are better wallets with more competent developers available.

Thanks for the clear explanation, I didn't know that this vulnerability existed with Coinomi but luckily I am not affected by it. Still have that wallet but I don't think any considerable amount left in there. Still the vulnerability exists with it or they resolved it?

[bob123]

Still the vulnerability exists with it or they resolved it?

They fixed it.

That's one of the problems with closed-source wallets. You don't know what exactly they are doing.
For small amounts it should be fine, but definitely not for larger amounts.

[Coinomi]

Used Coinomi in the past for some altcoin storage and never had any issues with them personally, probably they have bugs but, Do they really have vulnerabilities?

Coinomi had a really severe vulnerability where they sent the mnemonic code to the google server to check the spelling of the words.
While mistakes can happen, the developer claimed that this isn't as sever since google employees stealing funds would be unlikely. They completely ignored any other attack surface coming from that vulnerability.

The really important thing is not that the vulnerability existed, but the missing competence from the developer to acknowledge it. There are better wallets with more competent developers available.

Then how these wallets are considered as best crypto wallets for everyone even in 2020?

There is no central authority who gives out a prize for the "best wallet".
People might choose them as the best wallets for random reasons (e.g. good UI and easy to use), they don't necessary have the technical knowledge to question it form a technical perspective.

This is a really weird misrepresentation of the facts. Did you even bother to read our official announcement on the incident? Apparently not. We totally acknowledged the incident and put together an action plan to make sure no user funds are at risk, this is why we were in contact with Google and the Police authorities from the very first day that this bug was disclosed to us. And since you brought this up it would be also nice of you to mention that this bug only existed in this very particular version of our then-newly-released desktop wallet so mobile clients were not affected at all and even in desktops it would only be present if the user would try to restore an existing wallet into their desktop app so it also wasn't present in newly set up desktop wallets. The most important thing that you also fail to mention is that no user lost money from this bug (or from any other bug for that matter) and that we went a really long way to make sure that sensitive user data was only available to their owners and nobody else. If you want to call this incompetence then so be it, we are here to serve the crypto community in the best way like we've been doing for the past 7 years, not to convince you or anybody else about anything but we would really appreciate it if you stopped misrepresenting the facts. It would also be nice of you to mention that there have been bugs in all wallet clients from every single vendor from time to time and that in most instances users have permanently lost their funds, and that includes many open-source wallets too.

We mentioned this in one of our recent posts on this forum and we do this again here: we are working on an open-source solution that will be released soon to address these concerns. Our 24/7/365 Customer Support will be happy to assist you along the way via Live Chat, email and on several media platforms. Thank you.

[Coinomi]

Still the vulnerability exists with it or they resolved it?

They fixed it.

That's one of the problems with closed-source wallets. You don't know what exactly they are doing.
For small amounts it should be fine, but definitely not for larger amounts.

Thank you. This is a much better way to put it indeed. And like we said, we are working on a solution to address these concerns.

[bob123]

This is a really weird misrepresentation of the facts. Did you even bother to read our official announcement on the incident? Apparently not. We totally acknowledged the incident and put together an action plan to make sure no user funds are at risk, this is why we were in contact with Google and the Police authorities from the very first day that this bug was disclosed to us. And since you brought this up it would be also nice of you to mention that this bug only existed in this very particular version of our then-newly-released desktop wallet so mobile clients were not affected at all [...]

Ok. So only the destkop clients were affected.
At least your mobile wallet is open-source so everyone can verify the code and check that you don't have other blatantly retarded mistakes there, right? Oh i forgot.. it's not.

Also, i'd like to quote you here:

Thank you for your comments. We don't believe that any side claims that the seed was sent in plain text, the "victim" (aka blackmailer) has always claimed that his seed was sent encrypted to Google and then a Google employee used it to steal his funds. We have millions of users but only his funds was stolen - and stolen by Google. We expect people on this forum to be smarter than that. And yes, you can verify that everything was broadcasted over HTTPS, just ask the "researchers" who made a case out of it in the first place to send you a copy of the wallet executable, install it on a sandbox and run a packet sniffer to see for yourself.

You were using HTTPS. Congratulations, that makes the vulnerability just a little bit less severe.
You see google as the only (?) person who can steal funds from this vulnerability because of HTTPS. This means you obviously don't have any clue.

There is no good reason to trust a closed source wallet from developers who have such a stance regarding this vulnerability.

[nakamura12]

I would recommend using trustwallet or imtoken. I have been using imtoken and trustwallet with no issues even used it to transfer some bitcoin and ethereum to my other wallet. I may have used a custodial wallet app for android and IOS (I think they support IOS too) but I think it's only available in my country but if that newbie is also where I from then I would suggest using it as I have been using it for almkst 3 years.

[AakZaki]

Trustwallet is my wallet of choice for beginners. Because trustwallet has many features and supports multi-coin wallets that support ERC-20, ERC-721, BEP2 wallets. Trustwallet also supports the main Blockchain in the Ethereum ecosystem.

Besides that, the trustwallet interface is also easy to use for beginners and supports the DApps Browser.

Trustwallet also prioritizes wallet security and user anonymity. Security standards continue to be improved so that assets remain safe.

[Cryptoababe]

What crypto mobile wallet can you suggest for newbie who doesn't know anything about Bitcoin and blockchain.
Wallet needs to be very simple to use, non-custodial and with Android OS.
(This is not for me but for my family and friends)

I suggest trust wallet. This wallet is very simple to use. Good UI and easy to understand. Newbies in my country use trust wallet.

[libert19]

Used Coinomi in the past for some altcoin storage and never had any issues with them personally, probably they have bugs but, Do they really have vulnerabilities?

Coinomi had a really severe vulnerability where they sent the mnemonic code to the google server to check the spelling of the words.
While mistakes can happen, the developer claimed that this isn't as sever since google employees stealing funds would be unlikely. They completely ignored any other attack surface coming from that vulnerability.

The really important thing is not that the vulnerability existed, but the missing competence from the developer to acknowledge it. There are better wallets with more competent developers available.

Thanks for the clear explanation, I didn't know that this vulnerability existed with Coinomi but luckily I am not affected by it. Still have that wallet but I don't think any considerable amount left in there. Still the vulnerability exists with it or they resolved it?

Only desktop version was affected and from their response article the vulnerability was in the plugin they used and not in wallet code itself.

You can read more here if you like: https://medium.com/coinomi/official-statement-on-spell-check-findings-547ca348676b

[bob123]

Only desktop version was affected and from their response article the vulnerability was in the plugin they used and not in wallet code itself.

This doesn't really make it less severe.

Just don't use coinomi or any other closed source wallets and you are most likely fine.

Closed source software should be avoided whenever possible. This does not only apply to wallets. But especially with a decentralized payment network, open-source should be preferred.

[mk4]

Bluewallet: https://bluewallet.io/

It's pretty slick and straight to the point, and it's bitcoin only. Especially knowing that the people who are going to use your recommendation don't know much about bitcoin and blockchain, I don't think it's a good idea to overwhelm them with multi-coin wallets.

[AakZaki]

Bluewallet: https://bluewallet.io/

It's pretty slick and straight to the point, and it's bitcoin only. Especially knowing that the people who are going to use your recommendation don't know much about bitcoin and blockchain, I don't think it's a good idea to overwhelm them with multi-coin wallets.

Blue wallet is also called Lightning wallet with lightning, segwit network and HD wallet.
Blue Wallet also has new features such as the Desktop App which is currently only available for Mac OS and will later be developed for Linux and Windows.

There is a Local Trader feature, namely the p2p trading marketplace which makes it easier to buy bitcoin without using KYC.

LNurl support, Cobo vault support, custom entropy, Coldcard support, Hardware Wallet and many others.

This is a fairly complete beginner's wallet that will support Multiple wallets later.