I’ve held onto Daedalus for primary Cardano asset storage because of IOG’s original security audit of the wallet, performed by an unaffiliated third party around the time of the Shelley launch, which to me seemed very rigorous compared to the competition. I’ve been holding out for the “light” version of Daedalus but it doesn’t seem like this will come out in any useful time frame.
So I’m trying to find whatever dApp compatible Cardano wallet has the highest security standard in terms of antagonistic audit and/or peer review. I know how debatable the concept of “security” is, so I’m mainly hoping to hear about people’s favourite dApp light software wallets and the qualities of those wallets & their developers which are the most reassuring for security.
p.s. please note this is a distinct question from this long time thread:
… which at this time has only discussed Daedalus, hardware wallets, and Yoroi which seems developmentally abandoned let alone security reviewed.
good evening.Have you managed to resolve the issue with the wallet?I am just like you are now looking for cardano compatible paper wallets and there is also a problem
Well, this is surprising. There are few forum heads I know who’ve compared & contrasted Cardano wallets before so I thought there would be more than a single off-topic response form someone who didn’t understand the original posting.
This is an important issue because the community needs more than the usual marketing push & obligatory rush for feature completeness to distinguish between the growing number of browser-extension wallets. So with all the dialogues that have developed this week, some with more than the usual attention to detail, how did this question get ignored by Cardano users, devs & integrators in every time zone?
Like most well educated & cautious users I understand the basics of how these wallets would handle a user’s keys but there are hundreds of points along the UI path where encryption passwords could get stolen, files exposed, web resources inappropriately cached, etc. The purpose of a security audit is for someone to look at these vulnerabilities from unanticipated angles… so the primary developer of a wallet would be the worst choice for the job of declaring a wallet secure.
Perhaps the answer is that no light wallet in Cardano has ever been audited for security. If that’s the best answer the community is able to come up with, then I would like to confirm it here ASAP. Even this would help me and my clients prepare for a worst-case scenario… including possibly having to wait for IOG and “Daedalus Lite” before putting our life’s savings into one of these new and often undocumented products.
TL;DR: Security. Convenience. Functionality. Pick any two!
From a security stand-point I would recommend separating your wallets based on purpose. Some of the better cybersecurity practices are to simply reduce the attack surface because ultimately YOU are your biggest risk. The easiest way to do this is to increase security based on the amount and simply never use your primary holding wallet with ANY dapp ever!
For example you could use a hardware wallet device like Ledger or Trezor paired with Daedalus on a dedicated machine with a fully-encrypted hard drive that you ONLY use for holding, delegating, etc. This is where you could store the majority of your ADA and you literally only need to power this machine on and unlock your hardware wallet when you want to delegate to a new pool or fund another wallet. Making this effectively “cold storage” with many layers of security.
Then for your medium security zones such as well established, audited, or notable defi projects like SundaeSwap you could use your crypto-friendly privacy browser such as Brave with the Nami wallet extension over a VPN connection. This wallet would be funded with enough ADA for your defi needs but never more than your willing to possibly lose to gain the benefit of interacting with the dapp!
Lastly we have the danger zone of community or hobby projects that are harder to understand the security model and risks. This is where you might participate from a tablet or mobile device with Nami, Eternl, or any other dapp wallet that strikes your fancy but you would never fund more than the minimum ADA needed for the next hour or so.
Note: the “danger zone” does not mean the project is bad in any way! I would actually put my own project into this category as it’s literally just me working on it and I don’t have any funding to pay for security audits or any cybersecurity staff constantly being vigilant to new threats. That said I will also never require more than a few ADA to do anything in the game so about 5 ADA would be all you ever need to play the game forever after launch later this year anyway!
On the one hand, your post slipped through, when I did not have much time to answer, on the other hand, I don’t know if any of the wallet apps – including the “official” ones, Daedalus and Yoroi – ever had something like a security audit. I suppose not.
And I, frankly, also don’t know if I would put so much trust in an audit.
Personally, I would not trust IOG’s light wallet more (or less) than the others. In all cases, I don’t see a reason to not believe them that the master keys are encrypted with the spending password and stored only locally. From then on, it all depends on the security of my machine and on the chance that the wallet app is popular enough that someone wrote a malware targeting it.
Life’s savings shouldn’t be in crypto. And if they are in crypto, they should be on a hardware wallet.
Thanks to everybody for chiming in. Based on these surveys I’ll conclude the light wallet “state of the art” has no popular security preferences, let alone assurances. If a developer or user finds something that gives any particular light Cardano wallet a apparent security advantage, I’d hope they will find this thread & post here.
The other implications, which I won’t ever agree with, are 1) that a commercial hardware wallet is the highest security standard, and 2) that cryptocurrency is really no place to put all your money. I wouldn’t want anyone in my own circle of responsibility to blindly accept either of these propositions, so I’m posting some individual responses to help keep people thinking about the related issues— not to criticise anyone else’s opinions or security posture— and then happy to let the matter rest.
For the purpose of this discussion I would like to scratch out -convenience-. Any mature platform which values security should also provide a wide & complete range of functions, with the user’s knowledge and skill expected to evolve as that range of function widens.
This brings me to my main reason for posting this question. We have such a platform which even resembles a hardware wallet in “USB key” form factor, with a persistent OS supporting either a “cold” key signing environment (cardano-cli + tools to support encrypted documents & archives) or a “cool” restricted Internet environment providing such a “dedicated machine” without the physical hardware:
Recently the disk and memory bandwidth is making Daedalus more burdensome to run on even the fastest USB drives so of course we are looking for something that’s an acceptable alternative from a security point of view. It’s becoming intolerable to run a full node, when you don’t really have to, just for security assurances that were made long ago.
And increasingly we’re seeing that Cardano tokens held in long term staking contracts (e.g. WMT and MELD) can only be assigned to those contracts though DeFi compatible browser extension wallets. Add that to the difficulty of waiting for Daedalus to sync when it’s infrequently used… especially across the slow disk bandwidth of the USB interface… and we have an extreme burden to Convenience which diminishes the benefit of this device’s range of Functionality that far exceeds a commercial hardware wallet. It would be well worth the research if we could find a light wallet to switch to without compromising Security on this platform.
Again, this is exactly what we’ve been thinking, and using. In fact the “Frankenwallet” is functional enough to trade on some DEX web sites, giving users another option besides their “daily use” browser to support the trading wallet(s), and avoiding entering your wallet password on one’s daily use machine, while keeping account & trading records in a document encrypted with a password that’s also never entered on the insecure host.
Nami has been our top choice because of longevity and popular support… and therefore also my main reason for posting this thread: its (to my knowledge) complete lack of a security statement beyond the usual assumption of responsibility, plus the fact that its user level documentation has never been extended since day 1. I have great confidence in this developer & his contributions, but this confidence will never be complete unless a cooperative security adversary has tried to break the wallet and failed.
I’d be happier to see another audit done since Shelley, but it’s still a plus that the features still used today (the UI container & Nix based architecture, with their usage of the node + wallet packages) were all looked at together at some point by a critical third party with the results publicly available.
This doesn’t conclude the matter either, because of the huge range of intermediate factors that are present in any browser based UI. For instance one wallet not long ago (I won’t say which, to try to stay on subject) invoked the Google spell checker on the wallet passphrase. The devs who created the key encryption architecture may not have been responsible for that… yet still the passphrases of all users of that wallet were made available to Google and all its minimally cleared employees for months.
This is mainly a character judgement, recently addressed in another forum thread so I’ll avoid it here: except to say (on the security topic) that the widely perceived security vulnerability of non-custodial cryptocurrency is an impediment to its mass adoption, as well as an excuse for over-regulation inhibiting development of the industry: both of which keep the assets of low value as well as vulnerable to security breach. So this judgement contributes to the perpetuation of the problem… i.e. a self fulfilling prophecy.
There is also the counterpoint that perhaps one’s Life’s Savings shouldn’t be in a bank either. Since the forum last kicked this idea around we’ve seen at least in the USA multi-percent average price inflation per month and the EU & WEF steaming along with plans for worldwide social engineering through CBDCs. If the issue of wallet security & privacy in Cardano is abandoned then people stand to lose more than just a few coins…
Although this seems like another subjective generalisation, it does come from a popular though naive assumption that hardware wallets cannot be insecure by design. We depend upon an industry full of black boxes from the level of user tech all the way up to the Internet backbone and even a casual search will confirm all these product classes are full of undisclosed spyware.
As a case in point nearly half of Internet backbone routers made around the world have backdoors for selective IP address monitoring… courtesy of developers inserted into Dell & similar companies by No Such Agency and its counterparts. The UK and the EU have been very active recently with draft legislation requiring all non-custodial wallets to require KYC with an identity framework. And we all know the Chinese approach to embedded spyware… so what place on the planet does that leave to manufacture a hardware wallet without an undisclosed back door?
This leads us back to our goal of an open & flexible security platform: to supplement, rather than supersede, the popular imperative that you’re “not safe” without a hardware wallet. With a simple & verifiably secure browser-extension light wallet in a security-tuned browser, users would have a compelling (though sometimes inconvenient) alternative to placing themselves at the mercy of the black box hardware wallet designers and those who sell them.
Greetings All,
As for favorite dApp-friendly light wallet for security, I give no preference to any and assume that all of them are backdoored. For this reason, I never started purchasing ADA until Cardano started supporting the Ledger Nano S. All my life’s savings is in crypto. For this reason I also assume that my computer monitor, keyboard, mother board, WiFi, Bluetooth, BIOs, OS have also been hacked. Then I imagine that there are camera’s and microphones all over my house and in my clothing. I consider my phone, smart watch, and bluetooth earbuds under the control of the CIA and Organized Crime, and I don’t trust my Nano S either. All that said, I feel my funds are much safer in my custody than in the bank or with any other centralized entity.
If I use a Nano S then nothing on my computer can see my private keys. So as long as I check that what the Nano S says matches exactly what my computer says, and that this is what I intend, then I know my hacked computer can not steal my funds.
Still, how do I know that the 24 words generated by the Nano are really random? I don’t! Maybe the Ledger company knew exactly what 24 words it was going to give me. So I use a very long and completely random 25th word that I chose myself as the salt. What if the Nano is making it’s own salt and ignoring my 25th word? For this reason I check that the same 25 words in a Trezor will give me the same results. So that would stop my hacked Nano from stealing except of course for the radio inside that is trying to transmit my 24 words and the 25th word to my phone, and my phone is trying to send it to North Korea. That’s why my phone is in the microwave oven when I am working with crypto.
Anything we can do to make it harder to steal our own crypto makes the entire community stronger. That’s why I shared the open source www.privatekeyvault.com. The next time I build one of these I am going to set it up using the procedure show at The Frankenwallet | COSD
I don’t think any of these precautions will stop a determined criminal or government from stealing my funds but fortunately there are much bigger accounts to hack so that gives me some comfort.
In any case, I feel I need to do all these things when working with crypto and I still think that my life’s savings is safer than in the bank where I know that at least 10% of my money is stolen every year by my government through inflation, so I’ll take my chances with self custody.
There really is no such thing as fool proof security. It’s about balancing caution and risk.
For example you could technically perform a brute force dictionary attack against seed words, generating private keys, importing them into a wallet, checking for balance, and repeat this for eternity on a cluster of machines. Depending how powerful your “botnet” or “cracker” rig was you would eventually uncover a valid key and be able to drain funds even from a hardware wallet that was located in a safe in a military bunker under 24/7 armed security details. All you would need is internet and time. This is because ALL blockchain tokens actually exist on the chain. You don’t actually have custody of anything ever … you only have custody of the key but there are plenty of ways of copying, accessing, and compromising that key.
That said a hardware wallet is better than an encrypted file on your machine which is better than a plain text file which is better than a post on facebook. The reality is all you can do is try to make it a little bit harder so thieves go after someone else but if you are crazy enough to have more money in crypto than your annual income, home equity (bad news renters), or any other asset with actual intrinsic value you might as well be buying lottery tickets. Same is true of stocks, bonds, or any greed based financial machinations out there.
Blockchains are definitely cool but on the hierarchy of needs it’s significantly diminished somewhere after self actualization
Respectfully Dino, I have lost all my money in ADA twice because the markets crashed twice since I’ve been holding. It never bothered me and I never sold my ADA because all am trying to do is support a financial system that gives everyone an opportunity to participate - It’s not greed for most of us in the Cardano community. I had just bought into ADA at 80 cents when it crashed to 3 cents. When that happened I celebrated and bought more! Glad I did because it went to 300 cents. But I didn’t sell any because I am just using it for money - I am not using it to get rich. There is no exit plan for me. I am in Cardano because decentralizing financial power makes every human being richer.
Everyone has a different situation. My retirement plan mostly includes poverty and death so I am not pretending like I have any answers or financial advice to give. I am above average when it comes to computer science and software engineering so I can talk about technology at least.
Generally technology growth has been a bit more violent and exponential than other industries. Typically every 3-5 years or so something gets annihilated and replaced by something better. Often this was based on the previous work and research. To use a phone analogy when cellular phones were first introduced they were these huge clunky things that no one really used or new much about except for people directly involved in creating them. As they got smaller and more useful with additional features they began to be adopted by people who were not technical for business and then later personal use.
Fast forward a couple decades and most people in the world could probably not function without their smart phone, various apps, constant high-speed mobile internet, etc in their pocket. Nokia flip phones that could barely send SMS by translating DTMF tones were way more advanced than ISDN based telecom, analog phones, etc. Alexander Graham Bell, the inventor of the original telephone, probably could not have even imagined what we would take for granted on “telephones” today.
Now the problem is unlike blockchain tokens phones could never have been misconstrued as financial constructs for an individual or families life savings! So I am cautioning that we are in the early stages of this technology. Putting your life savings into Nokia flip phones and waiting would not have worked well. They were all the rage and were possibly the best technology of their time but today you could not even connect to the mobile network or give them away for free.
The ONLY option for someone who did that would be to sell them all in the 90s at the peak of their value and then start buying Blackberrys cheap with the profits, then sell all those at a profit and so on until today they were living off the proceeds of selling AI chip enabled iPhones or something.
It is imminent that in the next decade or so digital currency adoption will increase. However what we will all be using then has not even been invented yet and if Cardano is even still around in 20+ years it will be as a museum plaque describing the history of blockchain research and development.
I like your retirement strategy @DinoDude. Mine might turn out to be the same as yours. In any case I am not afraid of being poor but I am terrified of being afraid to take chances.
To use your telephone analogy, Cardano was originally designed as the flip phone that could grow into a smart phone. We have seen this playout at each hardfork combinator event where greater performance and important new abilities are added.
So what is a good asset for storing the value of your life savings?
The bank where your money is stolen by government through inflation at 10% a year?
The real-estate market where the banks create a bubble through predatory lending and then bet against the market thought the use of derivatives which causes it to crash?
Stocks in companies? The average life span of a publicly traded company is just 21 years. I don’t want to be holding that bag when the company collapses.
Then consider that all of these assets disappear during times of war.
Cash, bank accounts, real-estate, and stocks are all necessary and but they are not particularly safe and they are becoming less valuable for stores of wealth as blockchain technology becomes more and more able to provide the same functions. That said, if you don’t want to be intermittently poor then it might be good to diversify.
This is not advice, but my strategy is to invest the best technology which is most likely to be useful to the greatest amount of people across the planet and to pay no attention to the market. I may die poor using this method but I’ll leave the world a better place. On the other hand, if best technology and most utility predict success then I might become wealthy and contribute to everyone else’s wealth too by supporting the industry that reduces corruption by increasing transparency and that increases growth by including everyone.
I don’t think any of these precautions will stop a determined criminal or government from stealing my funds but fortunately there are much bigger accounts to hack so that gives me some comfort..
Then break it down by details that I care about and that you might as well:
Nami
Browser extension. Made by Alessandro! (SpaceBudz, Berry Pool, many CIPs, etc)
Tech Stack: React, JavaScript, NodeJS, Blockfrost, etc
CIP-0030?: Yes! (in fact this project started the “dapp connector” CIP)
HW?: Yes! (Trezor & Ledger)
Audit?: No, but it’s open source so feel free!
Vulnerabilities?: No more than any other browser based app using node modules.
I went into more detail here as it is the first dapp wallet, is fully open source, and has a large community following as well as a lot of users. This originally was going to be the only wallet I was going integrate with my project.
Eternl
Web or extension. Previously named ccVault. Made by Titan Pool team and others of the community.
Harder to determine tech stack as it’s closed source. Possibly Jekyll, Hugo, Wasm, or some other static generator? I like the idea of a community dapp wallet inspired by ADAlite design. This is currently my top choice if I wanted to fiddle with dapps as I try not install browser extensions unrelated to security.
Gero
Proprietary tech stack. No GitHub or source code of any kind. Chrome browser extension only. Made by ??? and includes a fungible token … hard pass for me as I won’t even install Chrome or anything from Google.
Flint
Browser extension. Multi-chain, multi-use, multi-verse, multi-everything. Offers truckloads of information on their website. As we just learned former members of Emurgo are on the team. They are also hiring … enough said! Possibly my new favorite and I will at least have to add support for it in my project even if I don’t use it myself.
Card
Web, extension, and mobile. Proprietary. New kid on the block funded by Occam??? Keeping my eye out for development and other updates. Currently a pass as terms like “liquidity” aren’t as interesting as “community” to me.
Note: this high-level summary is based on research I did months ago when choosing the 3 wallets I was going to integrate!
You could argue that it is a vulnerability that it is open source. That made it easy to create a lot of fakes/clones.
Also, the very small team is obviously not able to provide enough support. I totally understand that, but it again makes it easier for scammers to lure people to fake support sites. Happened a lot around the SundaeSwap start.
Eternl would also be my favourite from this list by far, but I do not understand that point. In order to use DApps, you have to install a browser extension. Eternl has a web app version, but that one cannot do DApps.
??? All of them are available only as extensions for Chromium-based browsers. It’s not special about Gero. It’s the same for Nami, Flint, Eternl.
…, but they only do Cardano at the moment, don’t they? So, the multi-chain is a useless chain selection UI element at the moment?
I would consider Nami, Gero, and Flint so reduced in functionality that they are not even competition to Eternl. They might be nice as a second wallet app, but I could never stand them as only wallet app.
Totally personal preference, but Gero and Flint also lost my sympathy by forcing me to unlock every time I want to use them and by arbitrary restrictions on the wallet names. Also, Gero has such ridiculous “There have to be numbers in the password.” requirements and the most prominent part of Flint’s UI is a huge chart of the ADA market value that I don’t really care about day to day.
Flint will send to the Milkomeda C1 chain if you select “Milkomeda mode” (there’s currently no reverse direction; you need a separate unwrapping web-based dApp to get your tokens off the sidechain):
The part that doesn’t work in Flint at the moment is pointing the wallet at an Ethereum sidechain; therefore an EVM compatible wallet is also required for wrapping (as illustrated with Metamask on the doc page before this one).
The devs who created the key encryption architecture may not have been responsible for that… yet still the passphrases of all users of that wallet were made available to Google and all its minimally cleared employees for months.
