The LTB Network Forum


How safe is counter wallet

Back to LTBcoin Talk

Jump to bottom

Comments

chavboy

I was pondering this question when I happened upon a thread by Eddie which stated "counter wallet empty". Well I was hoping to get to the end of the thread and all was fine and dandy in the world, but alas it seemed like a mighty pain in the arse, I haven't got much in mine at the moment but as the value of the wallet grows, this question will be on my mind all the more. So how safe is it, I would appreciate you good peoples opinion on this, and some first hand experiences. Thanks

0 likes
  • cc5alive

    I'm not a security expert by any means, but I think the short answer is that it's "relatively safe." You are still reliant on third parties and if your computer isn't secure, you could be compromised in some way.

    You might enjoy the Tokenly Pockets chrome extension where you can enter your 12 word passphrase but also add a password for another layer of protection. https://github.com/loon3/Tokenly-Pockets

    Or you can wait for a working version of Counterparty QT (not sure where development on that is right now).

    Twitter: @cc5alive

    Permalink
    0 likes
  • Rob

    @cc5alive

    Hey, I see you're in LA! Have you attended any of the Bitcoin meetups?

    You might enjoy the Tokenly Pockets chrome extension where you can enter your 12 word passphrase but also add a password for another layer of protection. https://github.com/loon3/Tokenly-Pockets

    I believe that the Tokenly Pockets password is just a way to lock the data on @loon3's extension, and then access it again quickly with a more simple (perhaps memorable) password, rather than having to enter the whole passphrase again. Calling it a second "layer of protection" makes it sound more secure than Counterwallet, but I think you can only say that if you're comparing leaving your Counterwallet active on your browser, vs. using Tokenly Pockets with a password.

    If you want to be super-secure, google ways to use Armory with Counterparty assets. Also, you could transfer valuable assets to a paper wallet (or any Bitcoin-holding instrument), as long as you can import the private keys back to a Counterparty-capable wallet when you want to do something with the tokens.

    For what it's worth, I think at least one security audit has been conducted (by a security expert) on Counterwallet, but I don't think that's the case with Tokenly Pockets. And if you want to get really paranoid, you could definitely worry about all types of things. How many people have reviewed the code for each wallet (perhaps more have reviewed Counterwallet)? Are there any attacks on libraries that either wallet uses that aren't widely known? There are many levels of trust involved when you use any wallet.

    I'm not a "technical person," so perhaps someone can improve (or correct) anything above if it's not completely accurate. I don't know enough to understand the attack surfaces of either wallet.

    Permalink
    0 likes
  • loon3

    Calling it a second "layer of protection" makes it sound more secure than Counterwallet, but I think you can only say that if you're comparing leaving your Counterwallet active on your browser, vs. using Tokenly Pockets with a password.

    This isn't really a fair comparison. Data stored in a Chrome extension is sandboxed from the rest of the web (and other browser extensions), and data in a browser (i.e. Counterwallet) does not have that level of security. Since Counterwallet requires you to enter your 12-word passphrase every time, unless you've memorized it, you'll need to have it written down somewhere either on paper or on your computer which are both less secure than having it encrypted in the local storage of Tokenly Pockets. There's also the option to download the Tokenly Pockets source which would prevent you from receiving updates but would be much more secure than Counterwallet running on a web server since the code is stored and served locally and can easily be audited before using.

    Permalink
    2 likes
Jump to top

Post Reply

Please Login to post a reply to this thread.

© Copyright 2013–2016 The LTB Network. All rights reserved .