Light Wallet Apps and Privacy?

[mahomala]

So i have a question and i can´t fully figure it out.



For example a user has a non-custodial wallet at Trust wallet app or Exodus which states that they are fully non custodial and generation and seeds are stored only locally.


However those " light " wallet providers still uses dedicated or self hosted nodes, which means that they can still track the users IP and also when trying to update the balance of a specific seed/wallet, the amount held under an adress?


Also how privacy focused are those wallets then, if a surveillence firm can track a broadcasted transaction back to those wallet providers, because they use their own nodes?


Also can the app or the Wallet provider also link different generated seeds on the same device back to the user or are they seperated from each other even if the same app on the same device was used for those different seed phrases?


What is the better solution for an mobile application to use?

[OmegaStarScream]

If you are worried about the nodes you're connected to, you should run your own and use a wallet that allows you to connect to it, preferably also an open source one. Electrum, or Bluewallet for example.

Also can the app or the Wallet provider also link different generated seeds on the same device back to the user or are they seperated from each other even if the same app on the same device was used for those different seed phrases?

I would imagine they can tell that yes. Using the master public key which derives all of your addresses.

[LoyceV]

For example a user has a non-custodial wallet at Trust wallet app

I've seen far too many topics about frozen funds in that wallet to believe they're non-custodial.
If you want an SVP wallet, use Electrum.

However those " light " wallet providers still uses dedicated or self hosted nodes, which means that they can still track the users IP and also when trying to update the balance of a specific seed/wallet, the amount held under an adress?

If you don't want anyone to know your IP address, use a VPN or Tor. If you don't want anyone to know which addresses belong to the same wallet, don't use an SVP wallet.

Also how privacy focused are those wallets then, if a surveillence firm can track a broadcasted transaction back to those wallet providers, because they use their own nodes?

If you're concerned about privacy, it's better to use Bitcoin Core (through Tor).

Also can the app or the Wallet provider also link different generated seeds on the same device back to the user or are they seperated from each other even if the same app on the same device was used for those different seed phrases?

If you use those wallets from the same IP address, it's not that hard to link them together. But it's very easy to avoid all this: don't do it.

What is the better solution for an mobile application to use?

Mobile wallets are hot wallets, you shouldn't trust them with any amounts larger than what you can afford to lose in the first place. I'd go for Mycelium or BlueWallet on mobile, but much of this depends on personal preference. Phones are designed to spy on you, so if you want privacy, it's better to get a(n old) laptop (with Linux).

[BlackHatCoiner]

However those " light " wallet providers still uses dedicated or self hosted nodes, which means that they can still track the users IP and also when trying to update the balance of a specific seed/wallet, the amount held under an adress?

Most light wallets can see both your IP address and your list of Bitcoin addresses. Wasabi Wallet is the only one I know that has implemented a feature called "compact block filters", which hides the Bitcoin address list from the SPV server, and it also uses Tor by default on every activity, so it genuinely keeps you private. It also comes with built-in coinjoin, that can make your coins private on-chain.

[Cricktor]

From some very basic online search only core parts of Trust wallet are open-source but not its user interface of mobile apps. I don't like this and I wouldn't want to trust a wallet that has or needs "Trust" in its name.

And Exodus wallet isn't any better, definitely not fully open-source.

Do I want to use a non-fully open-source wallet? Not really, though I make an exception (only for small amounts) with Wallet of Satoshi as one of my Lightning wallets.


To maintain the privacy of my wallet's addresses I have an own full Bitcoin Core node and as Electrum server I use Fulcrum. My SPV (Simplified Payment Verification) wallets only connect to my own Fulcrum Electrum server. As blockchain explorers and if I want to use it privately, I use a local self-hosted copy of mempool.space. My Bitcoin node and wallets use a Tor proxy for communication outside my local network. Privacy doesn't come for free.

My mobile hot wallets, Electrum, Phoenix and Wallet of Satoshi, two of them are Lightning wallets, only hold pocket money amounts of coins. I don't consider a mobile phone a particularly safe environment. I prefer desktop wallets and I mostly operate my wallets on a dedicated Linux device which is not my daily driver. A hardware wallet secures my private keys.

[ABCbits]

Also can the app or the Wallet provider also link different generated seeds on the same device back to the user or are they seperated from each other even if the same app on the same device was used for those different seed phrases?

If they intend to track you, they may send unique device ID, where changing IP or connection won't help.

What is the better solution for an mobile application to use?

Find ones that have privacy feature, such as only connect to your own Bitcoin node or server. Electrum is one wallet that have such feature. And if you take privacy very seriously, you would need to use modified Android OS/ROM that have good privacy feature and reputation.

[FinneysTrueVision]

For example a user has a non-custodial wallet at Trust wallet app or Exodus which states that they are fully non custodial and generation and seeds are stored only locally.

These are some bad examples to use because they aren’t private at all. Trust wallet only gives you a single static receiving address for every transaction. Exodus’ website says that by default your receiving address is the same as your change address. It is the same as Trust, but at least there is an option to enable using multiple addresses.

What is the better solution for an mobile application to use?

Use a wallet with your own node. If that’s not an option, wallets using compact block filters give you better privacy by not leaking your addresses and balance to third party observers. There’s only about four wallets implementing this on mobile.

[TheButterZone]

If you have Android & about 13 GB of free space/the ability to pop in a MicroSD for adopted external storage, help us work on Mandacaru's development, which works with the stable Electrum Android app! Or wait a bit until they finally get Mandacaru's storage requirement way down.

[internetional]

Also how privacy focused are those wallets then, if a surveillence firm can track a broadcasted transaction back to those wallet providers, because they use their own nodes?

As far as I know, neither the developers of Trust nor the developers of Exodus have ever stated anywhere that their wallets are privacy-focused. Trust Wallet has a security page on its website that mentions privacy issues as a top priority. But that page is the most horrifying thing I have seen on that website. Take a look for yourself and be horrified: https://trustwallet.com/security
It is immediately clear that this is far from a priority.

I did not make up the link, I took it from the Trust's homepage.

[nc50lc]

What is the better solution for an mobile application to use?

If you can't create your personal server and you don't have a choice...

By using Electrum or other open-source light clients that can connect to Electrum servers,
You may choose from the two public Electrum servers that our two reputable members have created:

• LoyceV's: [BACK ON NEW SERVER] LoyceV's 0.1 sat/vbyte Electrum Server Adventure
• DireWolfM14's: DireWolfM14's Electrum SPV Server

Loyce claimed that he's using the default settings but not accessing the logged IP in this post, but logging might have been disabled now (needs confirmation)
On the other hand, DireWolf disabled logging right off the bat as you can see in his thread.
Of course, there's no way to verify it, so it involves trust.

[LoyceV]

Loyce claimed that he's using the default settings but not accessing the logged IP in this post, but logging might have been disabled now (needs confirmation)

I haven't changed anything:

LoyceV has his own server and I trust him enough to believe he is not tracking anyone.

When I start my Electrum server (Fulcrum), it spits out IP-addresses of connected clients on the console. I exit this console and let it run in the background, but it's good to realize this data is quite easily available.
I don't track it, but just like my webserver: I use mostly default settings. I assume my webhost doesn't track things either, but I can't ever be completely sure.

I just checked: it still writes logs to disk, but a quick check doesn't show IP addresses. I'm not sure what it's logging, so I don't want to change the default. I just know the IPs it spits out on console disappear into the void the moment I exit that console.

I get these logs:

Code:

find | grep -i log
./meta/LOG
./meta/LOG.old.1778671446505719
./meta/LOG.old.1777892044864201
./meta/LOG.old.1778414710892963
./meta/003380.log
./meta/LOG.old.1778671038151750
./blkinfo/LOG
./blkinfo/000318.log
./blkinfo/LOG.old.1778671446536518
./blkinfo/LOG.old.1778671038178999
./blkinfo/LOG.old.1777892044879226
./blkinfo/LOG.old.1778414710907563
./utxoset/LOG.old.1778671038235635
./utxoset/LOG.old.1778671446558798
./utxoset/LOG
./utxoset/074506.log
./utxoset/LOG.old.1777892044894286
./utxoset/LOG.old.1778414710938937
./rpa/LOG
./rpa/LOG.old.1777892045132492
./rpa/000096.log
./rpa/LOG.old.1778671446908480
./rpa/LOG.old.1778671038773380
./rpa/LOG.old.1778414711408133
./scripthash_history/181654.log
./scripthash_history/LOG
./scripthash_history/LOG.old.1778414711010693
./scripthash_history/LOG.old.1778671038326557
./scripthash_history/LOG.old.1778671446609636
./scripthash_history/LOG.old.1777892044933638
./scripthash_unspent/LOG
./scripthash_unspent/LOG.old.1778671038511966
./scripthash_unspent/049744.log
./scripthash_unspent/LOG.old.1778414711197449
./scripthash_unspent/LOG.old.1778671446740318
./scripthash_unspent/LOG.old.1777892045036371
./scripthash_unspent/049742.log
./undo/LOG
./undo/LOG.old.1778414711241492
./undo/LOG.old.1778671038575358
./undo/LOG.old.1777892045057326
./undo/026340.log
./undo/026338.log
./undo/LOG.old.1778671446783581
./txhash2txnum/LOG
./txhash2txnum/124878.log
./txhash2txnum/LOG.old.1778671038613922
./txhash2txnum/LOG.old.1778671446813398
./txhash2txnum/LOG.old.1778414711274726
./txhash2txnum/124905.log
./txhash2txnum/LOG.old.1777892045072976

[ABCbits]

What is the better solution for an mobile application to use?

Use a wallet with your own node. If that’s not an option, wallets using compact block filters give you better privacy by not leaking your addresses and balance to third party observers. There’s only about four wallets implementing this on mobile.

It would be great if you tell us list of such wallets, because it's not trivial to find with google search. I probably simply forget it, but i remember Blixt wallet that support compact block filter.

What is the better solution for an mobile application to use?

If you can't create your personal server and you don't have a choice...

By using Electrum or other open-source light clients that can connect to Electrum servers,
You may choose from the two public Electrum servers that our two reputable members have created:
--snip--

I don't remember where i read it, but Sparrow wallet also list few public electrum server that may be trustable/reputable enough. OP and other reader can check it on https://github.com/sparrowwallet/sparrow/blob/2.5.2/src/main/java/com/sparrowwallet/sparrow/net/PublicElectrumServer.java. I don't vouch any of those, but it can be considered as alternative.