EmiratesSetup

Our valued sponsor

EmiratesSetup
SWISSMONEY Iban Accounts with Sepa
EmiratesSetup

Atomic Wallet exploited, users report loss of entire portfolios

#5
Well , I am not expert.......Please correct me If I mention something wrong.....Happy to learn things

As Far as I know ......Non custodial wallet are safe If you know how to properly use them....As there is no centralized server where wallet details is store...so server side hacking is impossible ....like in MT GOX, Bitfinex cases

The things that hack your Non custodial wallet

1) quantum computer
2) You do not download wallet from trusted source .....You download some wrong wallet
3) Your Mobile/Desktop has some sort of malware/spyware
4) You unintentionally leak your seed

except the quantum computer risk....all can be face easily ....If you are careful enough......

Expert comments are welcome
 
#6
@azb1 as a developer I will say that no wallet is fully secure, you have more and less security based on how they work but even hw are not fully secure. Also your keys could be in a server and still be non-custodial depending on how it works.

Being honest number 2 and 3 are impossible to prevent if you are the target of a good attack and the wallet has bad security practices. For example if the wallet you are using isn't well protected to XSS attacks then even if you only download the wallet from the official source and your computer is not infected with malware, hackers can still take the seed from your wallet without you ever notice it. Even without the need of a hacker involved there has been bad practices from wallet creators where they even have logs for development purposes which by definition should never be in a wallet but yet we see them and an old massive hack with a Solana wallet was an example

I would never care about number 1 btw, people who are always making a big deal about it are just not looking where they need because if lets say pbkdf2, sha256 hashes and AES get broken because of quantum computer... Your bitcoins are the less important thing you should care about. This is similar to those saying the dollar and banking system imminent doom: In such situation there are more important things than where you buried your gold bars.

The safest way known today are hardware wallets, ledger being the safest one today.

PS: You also need to have good practices about how you backup your mnemonic phrase
 
  • Like
Reactions: jafo, troubled soul and JohnnyDoe
#7
azb1 said:
Well , I am not expert.......Please correct me If I mention something wrong.....Happy to learn things

As Far as I know ......Non custodial wallet are safe If you know how to properly use them....As there is no centralized server where wallet details is store...so server side hacking is impossible ....like in MT GOX, Bitfinex cases

The things that hack your Non custodial wallet

1) quantum computer
2) You do not download wallet from trusted source .....You download some wrong wallet
3) Your Mobile/Desktop has some sort of malware/spyware
4) You unintentionally leak your seed

except the quantum computer risk....all can be face easily ....If you are careful enough......

Expert comments are welcome
Click to expand...
5) Wallet software uses compromized random number generator. Whole executable stack is a sueface of attack. If it's javascript, sone dependency was compromized.
 
#8
JosephLL said:
5) Wallet software uses compromized random number generator. Whole executable stack is a sueface of attack. If it's javascript, sone dependency was compromized.
Click to expand...
I would have phrased it: "Some Wallet Software" instead because not all of them fall into it and because no only wallet software does it, Kaspersky vulnerabilities because not using fully random generators and people saving seeds there for example.
 
#9
latindev said:
@azb1 as a developer I will say that no wallet is fully secure, you have more and less security based on how they work but even hw are not fully secure. Also your keys could be in a server and still be non-custodial depending on how it works.

Being honest number 2 and 3 are impossible to prevent if you are the target of a good attack and the wallet has bad security practices. For example if the wallet you are using isn't well protected to XSS attacks then even if you only download the wallet from the official source and your computer is not infected with malware, hackers can still take the seed from your wallet without you ever notice it. Even without the need of a hacker involved there has been bad practices from wallet creators where they even have logs for development purposes which by definition should never be in a wallet but yet we see them and an old massive hack with a Solana wallet was an example

I would never care about number 1 btw, people who are always making a big deal about it are just not looking where they need because if lets say pbkdf2, sha256 hashes and AES get broken because of quantum computer... Your bitcoins are the less important thing you should care about. This is similar to those saying the dollar and banking system imminent doom: In such situation there are more important things than where you buried your gold bars.

The safest way known today are hardware wallets, ledger being the safest one today.

PS: You also need to have good practices about how you backup your mnemonic phrase
Click to expand...
Thanks for details answer
 
You must log in or register to reply here.
The Kingdom Bank

Forum Announcement

Latest Threads

The KingDom Bank
Offshore Bank Accounts
SWISSMONEY Iban Accounts with Sepa
Top Bottom
Back