The Essential Wallet Guide, Part 1: Web-Based and Desktop Wallets

The Essential Wallet Guide, Part 1: Web-Based and Desktop Wallets

While web and desktop wallets are popular and easily accessible, there are some security considerations to keep in mind with their use.

By Kosala Hemachandra

3 min read

In the crypto world, your wallet is essentially your identity. If you’re looking to interact with blockchain technology in one way or another, a wallet is your key to that world. However, there are many different wallets available, with more innovations introduced daily. First, let’s take a look at what a wallet is.

On Ethereum, a wallet provides you with two main pieces of information: a public address (or multiple) for receiving assets and a piece of private information used for access. Public addresses take the form of a 42 character string, beginning with ‘0x’. The access information to a wallet can be a private key (another string of 64 hexadecimal characters), a mnemonic phrase, or a keystore file. In addition, some wallets add a password or pin for daily wallet access. With the public address and your wallet’s access information, you can explore every corner of the Ethereum world.

Web-based and desktop wallets are popular and easily accessible, but there are some security considerations to keep in mind with their use.

Web-Based Wallets

Web-based wallets are interfaces that are found by searching for a website - or, by clicking a bookmark, which is the more secure and smart thing to do. A good example of this type of wallet is MEW web. All interactions can be made right within the web interface, and data (for saving wallets or adding custom tokens) is stored locally and temporarily within the browser itself.

This is the easiest type of wallet to set up because it requires no installation or downloads. However, there is some concern about the vulnerability of web wallets to hacks and phishing attacks. In fact, many web wallets (including MEW) don't collect or store any personal information about users, so the wallet itself can’t be hacked to access user data. Most attacks are executed via fake URLs, spying malware, or phishing scams, and loss of assets is preventable with education and best security practices.

Another thing to keep in mind is that a web-based wallet functions best as a comprehensive interface that is accessed through integrations with hardware wallets, browser extension wallets, and mobile apps. Direct software access via private key, mnemonic phrase and keystore file is still available on many web and desktop wallets, but the industry is stepping away from those methods because they are not sufficiently secure for online use. Instead, web-based solutions like MEW are evolving into platforms that offer myriad ways of interacting with the blockchain, while wallet access should be handled with secure devices.

One concept that originates with web-based wallets is the term 'paper wallet'. This is when you print a piece of paper that has your public address and private key on it. In this method, your keys are kept off of a computer where it could get phished or stolen. Instead, it’s kept in the physical world and only used when needed. If you choose to move the assets held in the paper wallet, it’s best to use an offline method. That way your private information is never transmitted through the web, easily stolen, but instead is encrypted and transmitted through safer methodology. Keeping your keys off the internet in a paper or hardware wallet is referred to as ‘cold storage’.

Education is the best resource for navigating these crypto waters, so doing your own research is essential. MEW offers a wealth of educational material in the MEW Help Center, as well as a dedicated support team found at support@myetherwallet.com. MEW is open-source as well, so if you’d like to build or suggest improvements, you can make your own contributions straight to GitHub.

Desktop Wallets

Desktop wallets are similar to web wallets in format, but they are built specifically to be downloaded and used separately from a browser. They can also be accessed while offline. A couple examples include the Exodus Wallet and Atomic Wallet.

These types of wallets are touted as being safer, as they don’t fall prey to URL schemes or transmit personal data directly in a web browser. It’s important to stay vigilant, however, because phishers are innovative and tricky. A desktop wallet won’t stop spyware from seeing your personal information, and it won’t protect you from sending your assets to bad actors by accident or as a result of being scammed.

Web-based wallets and desktop wallets are not considered cold storage. Although you can interact with them offline, you still need an internet connection to send a transaction. With a few exceptions (like using MEW’s offline tool), all wallets described thus far are hot wallets. This means they run the risk of the user’s private access information being intercepted during transmission, rather than keeping the keys completely separate.

Hardware wallets are considered the highest standard of cold storage security in the space – you can read more about them in our hardware wallet article. For the best security combined with convenience, consider a mobile crypto wallet.


Download MEW 📲 | Follow us on Twitter 🐦 | Check out our blog 📰