Hi, with security being the most important thing for me I am wondering about using Yoroi vs Daedalus. I have a Mac computer that I bought specifically to use with Daedalus and am also thinking of getting a hardware password generator. I have never really liked my computer and with Yoroi coming to ios am thinking of selling it for an iPad.
How much security am I giving up if I go with a light client? Thank you for any and all input!
2 Likes
If the security is the concern, I would go /w Daedauls, but it depends on your knowledge in CS and/or IT. If you lack of knowledge on these above, go w/ Yoroi as Chrome’s sandbox and non-jailbroken phones are quite secure. But, security has different abstractions and layers and as I mentioned in some other topic, we the ppl are the weakest link in it.
Yoroi, like any other light wallets, which do not use SPV like solution, relies on some centralised servers for transaction validation. Means convenience versus decentralisation and you know why bitcoin was invented, don’t you?
Also, it’s your money, I would not put/store my savings unlock key (recovery seed, private keys) to any computer or phone. Use, paper and pen instead, that’s the safest, believe it or not.
I was thinking of developing some wallet in which you would have multiple accounts and could put all of your savings into an account in that wallet by removing the recovery seed, master secret key, and the derived account’s secret key (which requires to witness a transaction). E.g. create an account send everything to that address, but remove any seed recovery phrase, master secret key and account secret keys from the device or pc relating to that account.
But, unfortunately, rust-cardano caches the master key of the wallet, so no way to have secret keys for only some accounts.
Anyway, I would love to see some this kind of watching-only feature (along with some others like BIP47, Mimblewimble etc) in Daedalus and/or Yoroi for the general public.
Cardano is still very immature and I would say it needs at least 3-5 years to get close to what they want to achieve. So, one more cycle from 2020 with IOHK should be enough.
7 Likes
Thank you for responding, much appreciated.
Hi Brad,
At
we tried to give an explanation, on differences and functionality of both wallets.
5 Likes
Thank you.
When using Daedalus you only have to trust yourself (not messing up) and your computer. When you use Yoroi you have to trust yourself, your computer (or iPad) and (for now) Emurgo. Emurgo does not have your private keys, but they provide the full ledger. See this video: https://edu.clio.one/full-node-light-wallet/
I think it is the best to use either Daedalus/Yoroi, but in combination with a hardware wallet like Ledger/Trezor. See: https://cardanowiki.info/wiki/Comparison_of_Ada_wallets_and_exchanges
5 Likes
Thanks for the feedback!
I don’t rly think paper wallet is safer, and it’s also not practical.
It’s practical enough if u wanna save your money for long term and don’t expect to take it out anytime soon. For that, u can write ur seed on a paper, and save ur address on your PC. Every time u wanna send money to that wallet, all u need is its address, while its address is useless for taking the money out.
But, if at least once a month u wanna take any money or token out or interact with some smart contract, it’ll be a nightmare. Every time u’re gonna do that, u’ll need to setup a software wallet, import the seed, do the job, then remove the wallet from the software, delete its cache, wipe deleted files from ur HD/SSD.
And u still risk some keylogger having captured ur seed when u typed it to have it imported.
This handling of ur paper also risks it getting dirt, torn, wet, and somebody see where u’re hiding it. And, on the first time u had created this wallet, its seed was present on ur PC too.
With a hardware wallet, nothing of that happens. Its seed is never ever present on ur PC, it’s shown on the hardware’s screen and u write it on the paper (yes, u must write hardware wallet’s seed on a paper and keep it hidden and safe!) looking on that screen, not on ur PC.
Every time u make any transaction, it’s sent to hardware wallet, which signs it and sends it signed back to PC software. It’s very very very practical, as u can leave the software wallet installed and setup, no need to delete everything to assure security. When u need to do any transaction, just execute it, connect ur hardware wallet, and use it.
Hardware wallets also have plausible deniability, so that u can have a main wallet where u manage little money and game tokens, and other hidden wallets for storing long term higher amounts money. When properly set and used, nobody will ever know u have that hidden money, even knowing u have a hardware wallet.
Think of it a bit, and as always the context is very important, but for clarification I meant paper wallet = a piece of “normal” paper (last for centuries) /w hand written mnemonics, private key, master seed or similar, by pencil or pen (not recommend), what would you need (or similar like cryptosteel) for HW wallet too. So, my statement, I think is still hold.
1 Like