by Veriphi 10 months ago

In this publication, Veriphi has undertaken the task of analyzing a few dozen of the most popular software wallets and highlight the various features of each one. Before purchasing bitcoins, investors must analyze the various options available to them in the industry by weighing their pros and cons.

This choice can be quite difficult for many, because the user needs a minimum of technical knowledge.

Veriphi presents you a complete table that includes a set of 48 possible features to take into account when choosing your software wallet. We also make comments explaining why some should not be chosen to secure your Bitcoin for the long run, at least for substantial amounts. The criteria taken into account for our evaluation and recommendations are based on the notions of security, anonymity and sovereignty.

We use a gradation system consisting of four colors :

For those who are familiar with most of the Bitcoin concepts, they can jump right into the table and see if their favorite wallet is there. If it isn’t recommended, we invite you to understand why. If you are looking for a new software wallet, this is a great way to get an overview of the options. For beginners who are still in the exploration and discovery phase or for those looking to refresh their memory on various aspects, we invite you to continue reading as well.

If you have questions about your wallet or your Bitcoin needs in general, you can contact Veriphi for a free 15 minute consultation.

Contact: contact@veriphi.io

Link to table: https://docs.google.com/spreadsheets/d/1aZ1zbaUEzCo9NCctN8-eL2VLIiSdY009tTJvRXDUWEw/edit?usp=sharing

We will briefly explain each of the features analyzed in our comparative table. Some of the features are preferable to others, so we will be giving our opinions on some of them. Of course some of these wallets look more suitable and attractive than the safer ones due to their ease of use. However, be aware that some of the more user-friendly wallets come with their share of trade-offs, mainly in terms of security, anonymity and sovereignty. Here is the list of 48 features organized in respective categories.





Wallet Types

There are many types of software wallets on the market. Each type is often a question of balance between usability and security. Generally speaking, user-friendly wallets have fewer security features. Depending on your level of expertise in Bitcoin, it may be easier to get started with a simple wallet to become familiar with the use of Bitcoin and then gradually shift towards more and more robust solutions. Don’t get us wrong, there are many security solutions that minimize complexity as well..

Web Wallets

They are accessed from the internet and are often offered free of charge by third parties. In most cases, the user has to fully trust the company that offers it and often the entity controls the private keys. This is a hacker’s paradise since there is a lot of valuable information stored in one place.

Desktop Wallets

They are downloadable software that takes the form of an application directly on your computer. The user is in complete control of the private keys. However, due to the high corruption rate of non-vigilant user’s computers, there is a significant risk that the computer itself will be infected and a fairly talented hacker could steal the funds.

Mobile Wallets

They are applications that can be downloaded directly to a mobile phone. It’s a practical solution for users who want to have a small portion of their funds easily accessible, particularly for everyday use. They are generally easier to use than desktop wallets due to their mobile nature. It’s not recommended to use mobile wallets for large amounts since their security is limited as well.

Hardware Wallets

They are devices specifically designed for the usage of Bitcoin by offering a safe environment for creation and management of private keys. The hardware wallet market developed quite rapidly in the history of Bitcoin due to the desperate need for specialized equipment for the preservation of Bitcoin private keys. There are many options on the market, each with certain variations. Their price usually varies between 50 and 200 US dollars. We won’t be covering hardware wallets in this article, we’re limiting ourselves to software wallets.





Bitcoin network connection methods ﻿



In order to make Bitcoin transactions, your wallet needs to connect in some way or another to the Bitcoin network so that your outgoing transactions get broadcasted or so that your incoming transactions are detected. There are several methods that exist to do so and again this will be a question of a balance between ease of use and security. However, one thing is certain, your wallet interacts sooner or later with a full Bitcoin Node, the different peers that make up the Bitcoin network.

Ability to connect your wallet to your bitcoin full node

A full node is Bitcoin's main software that allows you to interact with the Bitcoin network directly. By maintaining your own node, you become a peer in the network and have significantly more control, security and anonymity when it comes to using Bitcoin. In the comparison table, we show you whether the respective wallets offer the ability to connect to your own node. Those that allow this feature are favored and considered safer because you’re not forced to use the service provider’s node. It’s really important to keep in mind that a node that doesn’t belong to you manages your interactions with the Bitcoin network and can hold and analyze the information and history of your addresses.

Does it connect to a Backend Server?

If your wallet does not connect directly through a node in the Bitcoin network, it’s an API wallet which requires a back-end server to connect to. This is often a centralized server infrastructure that will manage interactions between its users and the Bitcoin network. There are many reasons why a Back-end can be used, including providing additional security services and other features. That said, the use of a Back-end is necessary in all web wallets, but that doesn’t guarantee their security.

Is the Backend Open-Source?

For the sake of transparency, some API wallets will decide to open-source code of the back-end server. This allows the users to run their own version, to be fully in control. It also allows for auditability of code for security and privacy reasons. Generally speaking, it’s very positive when the back-end is open sourced. It also encourages active participation by the community.

API

API wallets are those which connect to a back-end server, not to a Bitcoin node directly. By default, they connect to the service provider’s node, and fully reveal the user's xpub to automatically retrieve the wallet’s information and addresses. The API is just the way the wallet communicates with the server, so it's possible to connect to your own full bitcoin node this way, if the back-end code is open-source.

SPV (No Back-End)

SPV (Simple Payment Verification) wallets connect to random nodes in the network and request information about the user's transactions, but also other transactions that are not by the user. This makes the user less discoverable to the network knowing that it can be difficult to determine which transactions are actually related to it. This is a connection method generally considered more private, but does not provide the anonymity benefits by running a complete personal node. Most SPV wallets use the Bloom Filters implementation, which has been proven to offer very low privacy.

Programming language

The different wallets can be written in multiple programming languages depending on the features and level of security that the developers want to benefit from, but mostly they depend on the platform for which the wallet was developed.





Security functionalities

Many security measures have been developed and gradually implemented on the wallets to make the storage of bitcoins safer. It can be difficult to distinguish which methods should be implemented in your own solution. Start by learning how to make use of them and gradually familiarize yourself to know which best fit your needs.

Funds Backup Mechanism?

Your wallet backup is the most crucial element in your entire bitcoin operational security. It can exist in several forms, either a sequence of 12 or 24 words or an encrypted computer file. No matter what form it takes, your backup allows you to recover your funds in the event of loss or lack of access to your wallet. It’s absolutely essential to keep it in a sheltered place that isn’t likely to be compromised.

Is the Backup Forced?

Some wallets let the user skip the backup of their funds. This can be dangerous for the careless user who will forget to note it once he starts using it. This is why many wallets will force the backup of funds by asking the user to rewrite some of the words to confirm that he has noted them. However, a forced backup at the beginning of the wallet installation can be a bad experience for a user who just wants to test the interface before making his choice.

Multi-signature

Similar to a physical vault only accessible with multiple keys, a multi-signature scheme allows you to control access to your bitcoins more securely by dividing access to it. This feature is very malleable, the user can decide the total number of signatures that are part of the scheme and the number of signatures needed to access it.

Can a Service Provider be a Co-signer?

In a co-signing wallet, another party must sign to approve a transaction initiated by the principal user. This amounts to putting your funds in a multi-signature contract 2-out-of-2. In the case of a theft of the backup of the user, it may be safer to have a wallet that requires a co-signing party. The transaction will only be released if the conditions of the second signature are met, such as a 2FA or email confirmation. In return, using a cosigning wallet results in trust in the co-signatory party and a loss of anonymity.

2FA

A 2FA is an acronym for “Two-Factor Authentificator”. It is an authentication method that combines several techniques for a user to confirm his identity.

Additional entropy

In order to generate the private keys of a user, the wallets will use several techniques to ensure that the process is completely random and unpredictable. The level of randomness (also called entropy) employed depends on the quality of the algorithms used. If theses are mediocre, it could be easy for a third party to derive the private key from the public address. Ultimately it can be extremely difficult for a non-technical user to know if the entropy employed in a wallet is safe enough. That's why the additional entropy option is an excellent security measure and allows the user to generate their own source of randomness.

Custodial or not ?

The preference of the user for this feature depends mainly on his technical skills as well as the amount of bitcoins they own. Thus a user could decide to keep his funds with a custodian rather than keep his bitcoins independently. When the user decides to keep their bitcoins, they take advantage of all the bitcoin benefits of sovereignty. On the other hand, they become solely responsible for their security and anonymity within the Bitcoin network.

Locking methods

Several methods are used to block the access to your wallet. This will often depend on the medium on which the wallet will rest. So many mobile wallets use the PIN method or a biometric identifier such as your fingerprint. Desktop wallets will use the password method instead.

Passphrase

The passphrase is an additional security measure that allows the user to add a password that mixes itself with the 12 or 24 words of the backup previously created by the wallet. This is a great way to gain extra security. On the other hand, the user will have to keep their passphrase as safe as the rest of their backup if they want to access their wallet.





Superior security and usability functionalities

Hardware wallet integration

Some software wallets can be paired with a hardware wallets. A user who wants to use the interface of a certain wallet and not the default interface of the physical wallet can thus benefit from the security benefits of a hardware wallet without compromising its anonymity. By using the default interfaces such as Ledger Live from the Ledger Nano X wallet, the user will deliberately give much of their financial information to the Ledger company. This feature is strongly recommended by Veriphi.

CoinJoin integration

Some wallets will be highly focused on anonymity. They allow the use of the Coinjoin protocol which consists of the coordination of several bitcoin mixing rounds. This technique is really advanced technologically and can be complicated to use for beginners. However, it is a property highly prized by bitcoiners who seek more anonymity in the use of their bitcoins. For those who want to learn more about CoinJoin technology, we invite you to consult this diagram produced by Veriphi.

Tor

For those wishing to ensure perfect anonymity in their use of Bitcoin. Using the Tor routing network is the optimal way to communicate with the Bitcoin network. Thus, the user makes sure not to allow spying companies or malicious actors to infer links between the addresses and transactions of a particular user with their IP address for example. It is strongly recommended to use wallets that allow connection to the Tor network for security and anonymity reasons.

Selection of the transaction fee

When a user conducts a Bitcoin transaction, before approving it and sharing it with the Bitcoin network, it is preferable if the user can select the transaction fee attached to it. The user therefore has more control over the speed of the transaction and the amount of the fee they will spend. A wallet that hides transaction costs could easily make its users overpay.

Bitcoin units

There are several denominations of Bitcoin. An individual Bitcoin is composed of 100,000,000 satoshis. Considering a future where Bitcoin continues to increase in value in terms of fiat, people are using more and more the unit of satoshis. A wallet that offers the option of changing the displayed unit is a plus for users.

Currency denomination unit (FIAT)

Some appreciate seeing the real-time fiat value of their bitcoins directly in their wallet. It should be known that it requires a communication with an external server implying trust in this party in question.

RBF (Replace by Fee)

This is a Bitcoin feature that allows you to make a transaction with any amount for the fee and then have the option to change the fee after broadcasting the transaction. If the transaction did not have a high enough fee at the beginning and is not included quickly enough for the user , they have the option to update their transaction with a higher fee to be included faster in a block.

Multiple Accounts

Some wallets will allow you to create multiple instances / accounts to better manage your bitcoins.

Individual coin control

The display of individual coins that make up the total balance of a certain wallet is a very important feature for the management of the user UTXO's. This allows for their better management. This is a feature considered advanced because it is not intuitive compared to a traditional bank account or only a simple balance being displayed. Each of the coins will have a particular history and could be used for different purposes.

Asking for an email

A wallet that requests the email address of a user always requires a link with an external server which will reduce the anonymity of the wallet. It is therefore not recommended to use wallets that require an email.

“RAW” Transactions

Rare will be the wallets that will allow you to broadcast a transaction that has been created out of the wallet. This gives the user the ability to create a transaction completely offline. This is a transaction highly prized by users who care about their privacy.

Signing Messages

This feature makes it possible to prove to an individual that they have a certain private key by signing the public key / address attached to it internally. The same tool makes it possible to verify that an individual owns the private keys they claim are in their possession.

Testnet

The presence of a Bitcoin testnet network within the wallet can be useful for users who want to dive deeper into the various Bitcoin functionalities as well as to experiment with them. By manipulating testnet coins outside the main network (MainNet), the user makes sure not to lose bitcoins that are potentially very valuable.

Batch Spend

Batch Spend is a method that allows you to combine multiple bitcoin transactions that normally would have required the creation of individual transactions. This is a method used to manage transaction costs more effectively because by combining them, they take up less space in a block.

PSBT (Partially Signed Bitcoin Transactions)

This feature allows you to use the power of multi-signature. By generating a partially signed transaction, the user will not be able to broadcast the transaction on the bitcoin network unless he fulfills the requirements of the multi-signature contract between several bitcoin wallet. The format of a transaction is manifested as a file that collects the information needed to make the transaction complete. For example for a 2-out-of-3 contract, the partially signed transaction will require an additional signature from one of the other two wallets involved in order to be successfully broadcasted to the network.

Possibility to exchange bitcoin to altcoins directly in the wallet

Some wallets will offer the opportunity to exchange your bitcoins directly for other altcoins. Veriphi does not recommend wallets with this feature.

Possibility to import private keys (PRIV)

This feature allows you to import a private key generated in another wallet directly into a wallet that allows this feature.

Address Types

Bech32

Bech32 type addresses are those that support the Segwit address format and will begin with the characters "bc1". This form of address is much more efficient in terms of the size they take in a block and so are less expensive in terms of fees paid. We highly recommend this address format. Some wallets do not support this format because they were against the implementation of Segwit.

P2SH (Pay-to-script-hash)

P2SH is an advanced type of bitcoin transaction that allows you to make bitcoins payments to hashes of a Bitcoin script. Bitcoin scripts may contain more payment and information conditions than a simple address. This transaction format is also more anonymous because the contents of the script remain hidden until it is executed.

The Market and Non-Technical Features

Free or not

An easy feature to understand. However, we must be wary of some of the free models, because they offer their services in return for a collection of information from its users.

Which coins are supported

Some wallets only support Bitcoin. We strongly recommend wallets that do so. By integrating multiple altcoins into a single wallet structure, it can be harder to keep the wallet completely safe.

Method of contact for client support

Several methods of contact exist to solve the problems of the users. Knowing that some wallets come from an open-source collaboration, some forms of help come directly from the community.

Possibility to buy and sell bitcoin directly on the wallet

This feature will only be possible if a link is made with a third party that will handle the exchange of bitcoins for Fiat. Virtually all will require a minimum of KYC to trade. So these are wallets that will not be anonymous.

Presence of legal use policies

When a wallet is a commercial service and is trust based, a policy of legal usage is attached to it to inform the user of the potential risks and consequences. A responsible user will take the time to carefully read the policies before putting any funds on the wallet.

Customizable user interface