In the crypto world, your wallet is essentially your identity. If you’re looking to interact with blockchain technology in one way or another, a wallet is your key to that world. However, there are many different wallets available, with more innovations introduced daily. This series will explore different types of wallets, organized into four main groups. But first, let’s take a look at what a wallet is.
In Ethereum, a wallet provides you with two main pieces of information: a public address (or multiple) for receiving assets and some sort of private information used for access. Public addresses take the form of a 42 character string, beginning with ‘0x’. The private information that comes with this address can be a private key (another string of 64 hexadecimal characters), a mnemonic phrase, or a keystore file. In addition, some wallets add a password or pin for daily wallet access. With the public address and your wallet’s access information, you can explore almost every corner of the Ethereum world.
The first group of wallets outlined in this article comprises those that look like a website or desktop application: specifically, web-based, PWA (Progressive Web App), and desktop wallets. This group represents one of the most popular wallet formats, and most wallets out there offer some sort of web or desktop setup.
Web-based wallets are interfaces that are found by typing in a website - or, by clicking a bookmark, like a secure and smart user should do. A good example of this type of wallet is MyEtherWallet (MEW). All interactions can be made right within the web interface, and data (for saving wallets or adding custom tokens) is stored locally and temporarily within the browser itself.
This is the easiest type of wallet to set up because it requires no installation or downloads. However, there is some concern about the vulnerability of web wallets to hacks and phishing attacks. In fact, many web wallets (including MEW) store absolutely no user information, so the wallet itself can’t be hacked to access user data. Most phishing attacks are executed via fake URLs or spying malware, and loss of assets is preventable with education and best security practices.
Another thing to keep in mind is that a web-based wallet functions best as a comprehensive interface that is accessed through integrations with hardware wallets, ‘browlet’ extension wallets, and phone apps. Direct software access via private key, mnemonic phrase and keystore file is still available on many web and desktop wallets, but the industry is stepping away from those methods because they are not sufficiently secure for online use. Instead, web-based solutions like MEW are evolving into platforms that offer myriad ways of interacting with the blockchain, while wallet access should be handled with secure devices.
One concept that originates with web-based wallets is the term 'paper wallet'. This is when you print a piece of paper that carries your public address and private key on it. In this method, your keys are kept off of a computer where it could get phished or stolen. Instead, it’s kept in the physical world and only used when needed. If you choose to access the assets held in the paper wallet, it’s best to use an offline method. That way your private information is never transmitted through the web for all to see, but instead is encrypted and transmitted through safer methodology. Keeping your keys off the internet in a paper or hardware wallet is referred to as ‘cold storage’.
Education is the best resource for knowing how to navigate these crypto waters, so it’s suggested to DYOR (do your own research). MEW offers a wealth of educational material in the MEW Knowledge Base, as well as a dedicated support team found at firstname.lastname@example.org. MEW is open-source as well, so if you’d like to build or suggest, you can make your own contributions straight to GitHub.
Progressive Web App (PWA) Wallets
PWAs are web-based wallets that can be downloaded as a desktop or smartphone application. This option has its advantages over website-only wallets, as PWAs offer offline capabilities, smoother interactions, and more reliability. They can also sport completely different UI/UX than their web counterparts, designed for mobile viewing, more speed, and stream-lined interactions.
The Chrome browser has updated its interface to include PWA download buttons right in the URL for all websites that offer this option, making it easier than ever to download desktop or smartphone app versions of your favorite websites. It also eliminates the need for submitting products to App stores, waiting for approvals, and remaining at the whims of a third party. PWAs are accessible immediately, straight from the browser.
Desktop wallets are similar to PWAs, except that they are built specifically to be downloaded and used separately from a browser. They can also be accessed offline and provide smoother interactions for their users, but the main difference is the necessity for a download or installation. Desktop wallets run right from your desktop (big surprise!), but they still store your keys directly on your computer. A couple examples include the Exodus Wallet and Atomic Wallet.
These types of wallets are touted as being safer, as they don’t fall prey to URL schemes or transmit personal data directly in a web browser. It’s important to stay vigilant, however, because phishers are innovative and tricky. A desktop wallet won’t stop spyware from seeing your personal information, and it won’t protect you from sending your own assets to bad actors.
Web-based wallets, PWAs, and Desktop wallets are not considered cold storage. Although you can interact with them offline, you still need an internet connection to send a transaction. With a few exceptions (like using MEW’s offline tool), all wallets described thus far are hot wallets. This means they run the risk of the user’s private access information being intercepted during transmission, rather than keeping the keys completely separate.
In Part 2, we’ll be looking at hardware and hardware-like wallets, delving into the benefits and challenges of using cold storage and HD wallets. We’ll also go deeper into the security of various access methods. Stay tuned!