tokeninsight.com [email protected] Feb 2019 Digital Wallet Industry Security Report

EN Wallet Security Report - tokeninsight.com 2018... · Bitcoin hardware wallet Trezor exposed security vulnerabilities, developers launched emergency mechanisms to upgrade wallet

Oct 18, 2019


dariahiddleston
  • tokeninsight.com

    [email protected]

    Feb 2019

    Digital Wallet Industry Security Report

    http://tokeninsight.com

  • GLOBAL TOKEN & RATING AGENCY

    Preface

    Digital Wallet Security Report

    At the current stage, about 340 digital wallets exist in the market. Due to differences in product form, private key storage mechanism, and data retention integrity, they may exhibit different features in different use cases. These features may become vulnerabilities in certain circumstances and cause digital wallets to be attacked. Once a security issue arises, users' digital property may be stolen, and because of the particularities associated with the structure of digital currencies, stolen assets become very difficult to recover; this is why wallet security is so important.

    TokenInsight Inc. has conducted research and analysis on the overall developments of the wallet industry and the structural characteristics of different wallet projects, and has identified user security issues by researching, testing, and reviewing the data of nearly 120 wallet projects. From December 2018, our organization has set out to build a complete system and framework of industry-wide security risk classifications and performance evaluation models. We hope this report will provide useful suggestions for wallet users and project developers.

    TokenInsight pays close attention to the development of the wallet industry. At present, we have completed the evaluation of nearly 120 wallet companies on an international scale. Our organization has already covered the leading projects for different types of wallets, such as hardware wallets and software wallets. The data in this wallet security report comes from our TokenInsight database, the projects themselves, and publicly available data, providing solid support for empirical research on the wallet industry.


    Table of Contents

    1. Executive Summary

    2. Industry Overview
       2.1 Wallet Overview
       2.2 Overview of the Wallet Security Industry

    3. Technical Risks
       3.1 Carrier Risks
       3.2 Private Key Storage Risk
       3.3 Network Protocol and Login Risks
       3.4 Trading Risks
       3.5 Asset Transfer Risks

    4. Artificial Risks
       4.1 Supply Chain Risks
       4.2 Privilege Chain Risks

    5. Security Industry Outlook
       5.1 Expansion of the Security Auditing Business
       5.2 The Rise of Compatibility Wallets
       5.3 A Stumbling Block to the Asset Management Business

    6. Appendix


    Ⅰ. Executive Summary

    1. As of December 2018, there were more than 340 wallet projects, an increase of approximately 30% compared with 2017, while the number of wallet users exceeded 34 million. As of the second quarter of 2018, user growth rates were over 10%, but the growth rate in the third quarter of 2018 fell to 7%. According to Google Trends, global attention towards the digital industry peaked in January 2018, but then fell rapidly after February and remained steady through the year.

    2. In terms of security incidents, hardware wallets have seen many problems in dealing with remote transaction attacks, supply chain security and preventing brute-force attacks, while software wallets were more affected by phishing attacks on access pages and by private key leaks. In 2018, the loss caused by wallet security problems totaled about $1.2 billion. By risk classification, the main problems seen in the wallet security field can be classified into technical risks and artificial risks.

    3. Technical security issues involve the following aspects: carrier risk, private key storage risk, webpage hijacking risk, login risk, transaction risk, asset transfer risk, etc. The risk of webpage hijacking includes HTTPS man-in-the-middle hijacking and DNS hijacking. Solving this problem requires the user and the project side to work together. At present, the two-factor defenses set up by project parties differ in defensive capability because they follow different technical specifications, and transaction risk is still an urgent problem to be solved.

    4. Besides the security threats caused by technology, the security risks faced by digital wallets also include the risks brought by the manual operations that different wallets carry out for business needs, including supply chain risks and privilege chain risks. At present, the industry has effective control of supply chain risks. The privilege chain risk is caused by the centralized storage of the wallet, which points to the operational risk of internal staff. At present, there is no effective control method for the privilege chain risks caused by problems such as private key control and manual transfer.

    5. In terms of development prospects in the security field, the demand for and depth of the wallet security review business will further increase, due to the increase in wallet projects in 2019 and the unsound security review framework. As new users will increase in 2019 and the security requirements of wallets differ at different stages, it is estimated that wallets supporting both the centralized storage and decentralized storage architectures will be favored by the market. With the rapid growth of the wallet asset management business, the reliance of the underlying centralized private key storage architecture on the manual management system will further increase. If such artificial risks cannot be effectively controlled, the security risks of the digital assets stored in centralized wallets will be amplified and will eventually hinder the development of the digital asset management business.


    Ⅱ. Industry Overview

    2.1 Wallet Overview

    More than 80 new projects were established in 2018, an increase of about 30% compared to 2017. In the field of wallet security, the loss caused by security vulnerabilities in the use of wallets in 2018 was about $1.2 billion. The security incidents were relatively concentrated in the leading projects with large user bases and large digital asset storage.

    ‣ Graph 2-1 Global digital wallet growth (y-axis: number of new projects; x-axis: year, 2014 to 2018). Source: TokenInsight

    [Map by country; color shows the 2018 total for the search term "cryptocurrency wallet".]

    From the perspective of the global distribution of the wallet search trend, most of the countries paying high attention to wallets are located in Africa, Oceania and North America. Singapore has also entered the top 10 for attention.

    In 2018, the number of wallet projects increased by about 80, and the total number of projects reached about 340. The increase was lower than in 2017 but still higher than in 2016 and before.

    ‣ Graph 2-2 Geographical distribution statistics of Wallet global search trend. Source: TokenInsight, Google Trends


    2.2 Overview of the Wallet Security Field

    The chart below shows several recent serious security attacks on wallets (since the focus is on the security analysis of the wallet's technical architecture, the following incidents do not include thefts caused by attacks on exchanges).

    Since the beginning of 2017, security attacks on wallets and doubts about their security have had two characteristics: they are real-time and wide-ranging. Whether it is a hardware wallet or a light wallet, security holes are inevitable. Some wallet projects were attacked just after they entered the market, reflecting that the digital wallet market is currently at an initial stage of technology and management in the security field. The architectures for security audits and parameter standardization have not yet been established.

    ‣ Graph 2-3 Statistics of wallet projects that suffered security attacks (timeline, 2017 to 2019). Source: TokenInsight

    Incidents shown on the timeline:

    Feb: Cryptocurrency hardware wallet Ledger, which got 75 million dollars in its B round financing, was exposed to vulnerabilities

    The Bitfi hard wallet project, a Bitcoin wallet developed by John McAfee, was broken

    Myetherwallet had a security incident and hackers stole at least $13,000 in two hours

    Hackers stole $750,000 worth of bitcoin using Electrum wallet vulnerabilities

    Bitpay wallet had problems when using third-party services; the project side recommended that users transfer their assets

    Dec: A group at the Chaos Communications Congress claimed to have mastered a method of cracking most hardware wallets and demonstrated it

    The Intel chip vulnerability incident continued to ferment, triggering mass panic about software wallets

    Bitcoin hardware wallet Trezor exposed security vulnerabilities; developers launched emergency mechanisms to upgrade the wallet firmware

    Ethereum wallet Parity had a system bug; the developer started the emergency mechanism and users' assets were frozen


    ‣ Graph 2-4 Comparison between wallet vulnerability loss and exchange vulnerability loss (y-axis: loss amount, in units of 100 million yuan; x-axis: year, 2013 to 2018; series: wallet vulnerability losses, exchange vulnerability losses). Source: TokenInsight

    Due to their different internal architectures, wallet projects differ greatly in storage methods and business modules. Regardless of the type of wallet, there are different levels of security risk in terms of private key storage and transaction security. The loss caused by wallet vulnerabilities in 2018 was about $1.2 billion, 1.4 times the loss of the exchange in 2018.

    After conducting data research on nearly 120 projects in the wallet industry, TokenInsight found that the security problems that arise in the use of wallets mainly include technical risks and artificial risks. The technical risks can be divided into carrier risk, private key risk, network risk, trading risk, login risk and asset transfer risk; the artificial risks include supply chain risk and privilege chain risk.

    ‣ Graph 2-5 Classification of wallet risk vulnerability. Source: TokenInsight

    Technical Risks: Carrier Risk, Private Key Storage Risk, Network Protocol Risk, Login Risk, Trading Risk, Asset Transfer Risk

    Artificial Risks: Supply Chain Risk, Authority Chain Risk


    Ⅲ. Technical Risk

    Ordered by the stage of storage and transaction of digital assets, technical risks involve the following aspects: carrier risk, private key storage risk, network protocol risk, login risk, transaction risk, asset transfer risk, etc.

    3.1 Carrier Risk

    By product form, wallets can be classified into hardware wallets and software wallets. The carrier of a hardware wallet is a physical device with a dedicated encryption chip, and the private key is stored in a protected area within the device. Taking Ledger as an example, its structure is composed of a security encryption chip, a display screen, a push button, etc. In addition to the basic private key storage and transaction functions, the wallet has detailed functions such as PIN verification, seed repair, and transaction initiation confirmation. Hardware wallets account for about 24% of the wallet projects in the market; the rest are software wallets. Generally, the security level of a hardware wallet's security encryption chip is required to reach CC EAL4 (that is, the financial encryption chip standard). According to TokenInsight statistics, projects that meet CC EAL4 and above account for about 65% of the total. Failure of the security encryption is one of the reasons for security problems in the use of wallets.

    ‣ Graph 3-1 Comparison of the number of wallets (hardware wallets: 24%; software wallets: 76%). Source: TokenInsight

    ‣ Graph 3-2 Comparison of the security level of hardware wallet encryption chips (meets the financial encryption chip standard: 65%; does not meet the financial encryption chip standard: 35%). Source: TokenInsight


    ‣ Graph 3-3 Statistics of chip implementation standards for wallets with eligible secure encryption levels (x-axis: CC EAL level, from CC EAL4+ to CC EAL6; y-axis: quantity). Source: TokenInsight

    According to the Top10 samples of TokenInsight's 2018 Most Valuable Wallet - Hardware Wallet List (see Appendix for details), 70% have a processing chip whose security level is up to standard. Trezor's Model T, Trezor One and KeepKey do not use financial-grade security encryption chips; the rest are all up to standard. This reflects that in the digital wallet market, especially in the hardware wallet market, there is currently no agreement on industry standards, and parameter normalization is still one of the problems that the digital wallet industry needs to solve.

    The other type is the software wallet, which basically has three forms: PC, Mobile, and Web. Since computers and mobile phones are not professional encryption devices, it is generally considered that the carrier security of the PC wallet and the mobile wallet is lower than that of the hardware wallet; the Web wallet is considered to be less secure still, due to the need for frequent connection with the network during operation.

    Therefore, it is generally considered that the security of the carrier ranks as follows: hardware wallet > PC / Mobile wallet > Web wallet

    ‣ Graph 3-4 Software wallet forms (PC, Mobile, Web). Source: TokenInsight

    Note: CC (Common Criteria) is the result of the unification of various existing standards by the International Organization for Standardization and is the most comprehensive evaluation criterion at present. CC divides the evaluation process into two parts: function and assurance. The evaluation level is divided into seven levels: EAL1, EAL2, EAL3, EAL4, EAL5, EAL6 and EAL7.


    3.2 Private Key Storage Risk

    Wallet private key management is the core of digital asset security. The essence of the wallet is to help users manage and use the private key conveniently and securely. Wallets can be classified into two types according to the storage method of the private key: centralized and decentralized.

    In a decentralized wallet, the private key is kept by the user and is not uploaded to the database of the wallet project party. In a centralized wallet, the private key is centrally managed by the project party. The latter's financial risk is more concentrated on the wallet project side, and its centralized server becomes a target of attack more often than a decentralized wallet does. Therefore, from this perspective, it is generally considered that decentralized storage is safer for the wallet private key.

    ‣ Graph 3-5 Centralized wallet private key management mode (the private keys of user 1, user 2 and user 3 are uploaded to the project side server for unified management). Source: TokenInsight

    ‣ Graph 3-6 Decentralized wallet private key management mode (the private keys of user 1, user 2 and user 3 are each kept in local storage). Source: TokenInsight

    At present, the proportion of decentralized wallets is higher than that of centralized wallets, and about 79% of wallets are decentralized wallets. It reflects the consensus that digital wallet users have higher security in decentralized wallets.

    ‣ Graph 3-7 Comparison of the number of wallets with different storage methods of private key (centralized wallets: 21%; decentralized wallets: 79%). Source: TokenInsight


    In addition, the user's private key generation operations and transactions may be recorded and obtained by other users, and the core code of the wallet may be reverse-engineered to trigger such an attack. In order to build users' trust and accelerate the algorithm upgrade of the product, some project parties choose to open source the program and upload the code to Github or other communities to publicize it.

    Apart from the potential risk of being attacked due to program vulnerabilities and a failure to upgrade in time, open-sourcing the project's code is beneficial for the secure storage of users' digital assets in the long term. According to TokenInsight's 2018 Most Valuable Wallet - Light Wallet - China List (see Appendix for details), 30% of the projects in the Top10 are open source, while in the statistics of nearly 120 wallet projects at home and abroad, the open source ratio is 60%, and web-side wallets account for the majority.

    Note: The open source program here refers to the core code and related programs that constitute the wallet architecture. A project is considered partially open source when the published program is not compilable.

    ‣ Graph 3-8 Comparison of numbers of open-sourced wallets (open source wallets: 60%; wallets that are not open source: 40%). Source: TokenInsight

    ‣ Graph 3-9 2018 Most Valuable Wallet - Light Wallet - China list of partial evaluation data. Source: TokenInsight

    China - SPV/centralized

    Name              Open source
    Cobo Wallet       ×
    Qbao Network      ×
    BitKeep           ×
    Kcash Wallet      ×
    MEET.ONE          ×
    Secrypto          ×
    imToken Wallet    √
    Bitpie            ×
    Token Pocket      √
    Math Wallet       √


    3.3 Web Hijacking Risk and Login Risk

    ‣ Graph 3-10 Reasons analysis for users' webpage hijacking. Source: TokenInsight

    Analysis of the reasons for webpage hijacking: browser problem, user's reason, project side reason. Causes shown: unverified server certificate, unverified domain name, expired server certificate.

    Most digital asset transactions require a network connection. Users may suffer from phishing attacks due to HTTPS hijacking and DNS hijacking. [1] It is not uncommon for users of centralized exchanges to suffer losses due to HTTPS hijacking and DNS hijacking. There are two precautions against this:

    1) Collect and safely keep the link address of the wallet to reduce the possibility of entering a fake website.

    2) A professional firewall can be used to intercept and filter phishing websites on the network.

    ‣ Graph 3-11 Comparison of the number of wallets with or without two-factor verification login (without two-factor verification: 42%; with two-factor verification: 58%). Source: TokenInsight

    Two-factor verification proves the identity of the visitor through two independent and unrelated pieces of evidence. Using this technology in the login phase can improve the security of the user's digital assets. Currently, wallets with this function account for about 42% of the industry projects. Most project parties use the dynamic password provided by Google plus the user's original login password as the two-factor verification architecture. However, this technology may fail in the face of sender ID spoofing attacks, so users should develop good security awareness to deal with such attacks. [2]

    Notes:

    1. The webpage hijacking risk refers to the attack the user might suffer during interaction with the data network when using the wallet, if the user does not verify the certificate of the access address or the certificate has expired. In the process, hijackers steal access data, which can ultimately put the user's digital assets at risk of loss.

    2. In the sender ID spoofing attack, the attacker forges Google's official identity to send emails to the user in order to obtain private information such as the dynamic password, and finally logs in as the user. This type of attack is extremely harmful for wallets with low security defense capabilities.
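The login check described in the two-factor paragraph above (original login password plus a time-based dynamic password), as an added example that is not code from the report or from any wallet project. The `Account` record, the `login` function and all sample values are constructed for illustration; the code generator follows RFC 6238 with SHA-1, a 30-second step and 6 digits.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 30        # RFC 6238 default time step
DIGITS = 6               # code length shown by authenticator apps
PBKDF2_ROUNDS = 200_000  # work factor for the password factor


def hotp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226 one-time code for one counter value (TOTP uses time // step)."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def hash_password(password: str, salt: bytes) -> bytes:
    """Salted, slow hash so the stored password factor resists offline guessing."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


class Account:
    """Hypothetical server-side record for one wallet user."""

    def __init__(self, password: str, salt: bytes, totp_secret: bytes):
        self.salt = salt
        self.password_hash = hash_password(password, salt)
        self.totp_secret = totp_secret
        self.last_counter = -1  # highest time step whose code was already accepted


def login(account: Account, password: str, code: str, now: float, window: int = 1) -> bool:
    """Accept only if both factors check out and the code has not been used before."""
    password_ok = hmac.compare_digest(
        hash_password(password, account.salt), account.password_hash
    )

    # Tolerate +/- `window` steps of clock drift. The whole window is always
    # scanned so that timing does not reveal which step matched.
    current = int(now) // STEP_SECONDS
    matched = None
    for counter in range(max(0, current - window), current + window + 1):
        expected = hotp(account.totp_secret, counter)
        if hmac.compare_digest(expected.encode(), code.encode("utf-8")):
            matched = counter

    if not password_ok or matched is None:
        return False
    if matched <= account.last_counter:
        return False  # same or older code presented again: reject the replay
    account.last_counter = matched
    return True


# Limitation noted in the report: the server cannot tell who typed the code.
# A code given away to a spoofed sender is still valid until its step expires
# or it is consumed; replay rejection only blocks a second use.

if __name__ == "__main__":
    secret = b"12345678901234567890"  # RFC 4226 test secret, constructed input
    user = Account("correct horse", b"constructed-salt", secret)
    print(login(user, "correct horse", hotp(secret, 1), now=59))  # first use
    print(login(user, "correct horse", hotp(secret, 1), now=59))  # replay
```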


    3.4 Trading Risk

    A transaction requires a private key signature for authorization, which may be a multi-signature or a single signature.

    Single signature means that only one user has a private key and has full autonomous trading rights.

    In the multi-signature mode, a digital asset is managed by multiple people, and a transaction is authorized only when the number of private key holders who sign it with their private keys meets the minimum threshold. For client wallets, which are less encrypted than hardware wallets, the multi-signature mode has the advantage of reducing individual risk and improving the security of digital asset transactions. According to statistics, wallets that support multi-signatures account for 31% of client wallets.

    ‣ Graph 3-12 Comparison of the number of wallets with or without multi-signature (supports multi-signature: 31%; does not support multi-signature: 69%). Source: TokenInsight

    According to the Top10 projects (see Appendix) in the 2018 Most Valuable Wallet - Light Wallet - Overseas list published by TokenInsight, the proportion of projects supporting multiple signatures is low. Although the multi-signature mechanism is currently more secure than single-signature, it is more widely used for large-scale managed projects or enterprise-level customization, and the technology is not yet popular with individual users.

    ‣ Graph 3-13 2018 Most Valuable Wallet - Light Wallet - Overseas list of Top10 evaluation data. Source: TokenInsight

    Overseas - SPV/centralized

    Name                    Multi-signature
    Freewallet Series       √
    HB Wallet               ×
    Edge                    ×
    Coinbase Wallet         √
    Copay Bitcoin Wallet    √
    Citowise                ×
    Uphold                  ×
    Trust Wallet            ×
    Green Address           √
    Bread Wallet            ×


    For individuals troubled by the high cost of using the multi-signature mechanism, the "private key + transaction password" mode offers an alternative solution to reduce the trading risk. In addition to the private key, users also need to input a password to confirm and complete a digital asset transaction. BitKeep Wallet has adopted the DESM algorithm, based on a SHA256 + AES256 + cloud authentication encryption system, to double encrypt the user's single-signature wallet. Using the single-signature mechanism with a private key and a second confirmation by password can greatly reduce the trading risk.

    ‣ Graph 3-14 Wallet multi-signature usage scenario analysis (large-scale managed project asset management; centralized exchange asset management; enterprise digital asset management). Source: TokenInsight

    ‣ Figure 3-15 Wallet transaction secondary confirmation password usage specification (dynamic instruction, i.e. one-time password; PIN, i.e. fixed string; user-specific information such as fingerprint). Source: TokenInsight

    In terms of usage specifications, the secondary confirmation mechanisms currently adopted by the wallet industry use fixed strings, dynamic passwords, and user-specific attribute verification. From the perspective of cryptography, it is generally considered that user-specific attribute verification has a higher security level. For example, Math Wallet uses biometric security authentication technologies such as fingerprints and face recognition for large-value transfers.

    According to TokenInsight's incomplete statistics, a large number of projects in the wallet industry use fixed strings as the transaction secondary confirmation password, and the number of projects using the user-specific attribute verification method is the smallest. The technical specifications adopted by the wallet industry to reduce transaction risk remain to be unified.


    3.5 Asset Transfer Risk

    When a mobile device carrying a client wallet, or a hardware wallet, is lost, it may result in the loss of digital assets. Since a general mobile device does not have a professional encryption function, the probability of theft of digital assets is large. A hardware wallet generally has protection against brute-force cracking. For extreme situations, some hardware wallets have a self-destruction module triggered by forcible disassembly, that is, the data is destroyed before the illegal visitor obtains the private key. This kind of wallet accounts for about 9% of hardware wallets, so its current popularity is not high.

    ‣ Graph 3-16 Number of hardware wallets that support self-destruction (supports self-destruction against brute-force cracking: 9%; does not support it: 91%). Source: TokenInsight

    Another way to safely transfer digital assets after the terminal is lost is to use the HD (Hierarchical Deterministic) wallet mentioned above. The specific implementation standard is the BIP protocol series, which simplifies the otherwise complicated technical operations. The BIP protocols used by mainstream wallets include BIP-39 and BIP-44.

    Put simply, the protocol turns a complex private key into a mnemonic, basically in the form of 24 (or at least 12) words plus a passphrase (which may be empty). The user backs up the generated mnemonic. If the wallet is lost, the digital assets can be safely transferred using any wallet that implements the same BIP standard.
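    The recovery path described above, as an added example that is not part of the original report: a replacement wallet turns the backed-up words and passphrase into a seed (BIP-39), a master key (BIP-32) and a BIP-44 account key. The function names are this example's own, and derivation stops at the hardened account level m/44'/coin'/account', because the later non-hardened levels need elliptic-curve point multiplication, which is left out here.

```python
import hashlib
import hmac
import unicodedata

# Order of the secp256k1 group, used by BIP-32 for modular key addition.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000

# Public BIP-39 test-vector mnemonic. Never use it to hold real funds.
TEST_MNEMONIC = "abandon " * 11 + "about"


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP-39: mnemonic sentence + optional passphrase -> 64-byte seed."""
    words = unicodedata.normalize("NFKD", " ".join(mnemonic.split()))
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase)
    return hashlib.pbkdf2_hmac("sha512", words.encode(), salt.encode(), 2048, 64)


def master_key(seed: bytes):
    """BIP-32: seed -> (master private key as int, chain code)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key = int.from_bytes(digest[:32], "big")
    if key == 0 or key >= SECP256K1_N:
        raise ValueError("seed yields an invalid master key")
    return key, digest[32:]


def hardened_child(key: int, chain_code: bytes, index: int):
    """BIP-32 hardened private derivation; index is given without the ' flag."""
    data = b"\x00" + key.to_bytes(32, "big") + (index | HARDENED).to_bytes(4, "big")
    digest = hmac.new(chain_code, data, hashlib.sha512).digest()
    tweak = int.from_bytes(digest[:32], "big")
    child = (tweak + key) % SECP256K1_N
    if tweak >= SECP256K1_N or child == 0:
        raise ValueError("invalid child key, use the next index")
    return child, digest[32:]


def parse_account_path(path: str):
    """Parse the hardened BIP-44 prefix m/44'/coin'/account' into indexes."""
    parts = path.split("/")
    if len(parts) != 4 or parts[0] != "m" or parts[1] != "44'":
        raise ValueError("expected m/44'/coin'/account'")
    indexes = []
    for part in parts[1:]:
        if not part.endswith("'") or not part[:-1].isdigit():
            raise ValueError("BIP-44 purpose, coin and account must be hardened")
        indexes.append(int(part[:-1]))
    return indexes


def restore_account_key(mnemonic: str, passphrase: str, path: str) -> str:
    """What a replacement wallet does: backup words -> account private key (hex)."""
    key, chain_code = master_key(bip39_seed(mnemonic, passphrase))
    for index in parse_account_path(path):
        key, chain_code = hardened_child(key, chain_code, index)
    return key.to_bytes(32, "big").hex()


if __name__ == "__main__":
    eth_account = "m/44'/60'/0'"  # coin type 60 is the SLIP-44 registration for Ether
    lost_device = restore_account_key(TEST_MNEMONIC, "", eth_account)
    replacement = restore_account_key(TEST_MNEMONIC, "", eth_account)
    other_passphrase = restore_account_key(TEST_MNEMONIC, "typo", eth_account)
    print("same backup restores the same account key:", lost_device == replacement)
    print("a different passphrase opens a different wallet:",
          lost_device != other_passphrase)
```

    The same words with a different passphrase derive an unrelated set of keys, so the passphrase has to be backed up as carefully as the mnemonic itself.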

    ‣ Graph 3-17 Number of wallets that support different BIP protocol standards. Source: TokenInsight

    Supports BIP-39: 14%

    Supports BIP-44: 86%


    In wallets without secondary protection, a cracked login PIN can easily lead to security problems. To address this, it is also possible to use the blockchain's own framework technology to add a second layer of asset protection, giving the user stronger control over the digital assets. For example, if ETH is stored at a smart contract address instead of an ordinary address, the contract must be invoked each time ETH is transferred out, and the transaction succeeds only when both the private key signature and a separate password are supplied.

    This scheme is currently in use in the EtherSafer wallet project and features low cost and a high level of security. Storing ETH at a contract address can effectively reduce the risk of theft of users' digital assets.

    ‣ Graph 3-19 Comparison of wallet features using ordinary and contract addresses. Source: TokenInsight

    HD wallet architecture + Ordinary address storage = Simplified trading process + Safe transfer of assets

    HD wallet architecture + Contract address storage = Simplified trading process + Reduced risk of theft + Safe transfer of assets

    In addition to using an HD (Hierarchical Deterministic) wallet to secure the transfer of assets when a wallet is lost, wallets also build a secondary transaction confirmation credential into the program. Generally, it is a PIN or a user-specific attribute (such as a fingerprint). This module slows down the rate at which the private key can be cracked after the wallet is lost, buying time for the user to transfer the digital assets to safety. Once the wallet's anti-brute-force module is broken and the user's private key is stolen, the digital assets are considered lost.

    ‣ Graph 3-18 Private key anti-brute force architecture supported by mainstream wallets. Source: TokenInsight

    Diagram labels: Private key + PIN; Hardware wallet biometric confirmation; Web transaction secondary password; Mobile transaction secondary password
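    How much time a secondary PIN check buys, and how a self-destruct limit bounds guessing, shown as an added example that is not taken from the report or from any wallet vendor. The doubling delay, the one-hour cap and the wipe threshold are assumed values chosen for illustration.

```python
import hashlib
import hmac
import os


class PinGuard:
    """Model of a wallet PIN check: escalating delay, then wipe of the key."""

    def __init__(self, pin, private_key, base_delay=1.0, max_delay=3600.0,
                 wipe_after=10):
        self._salt = os.urandom(16)
        self._verifier = self._derive(pin)
        self._private_key = private_key
        self.base_delay = base_delay      # seconds of lockout after the first failure
        self.max_delay = max_delay        # cap on the doubling lockout
        self.wipe_after = wipe_after      # None models a wallet with no self-destruct
        self.failures = 0
        self.locked_until = 0.0
        self.wiped = False

    def _derive(self, pin):
        # Slow, salted hash so the stored verifier is not a bare PIN.
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, 50_000)

    def delay_after(self, failures):
        """Lockout in seconds imposed after this many consecutive failures."""
        exponent = min(failures - 1, 64)  # bound the exponent to avoid float overflow
        return min(self.base_delay * 2 ** exponent, self.max_delay)

    def unlock(self, pin, now):
        """Return the private key on success, else None. `now` is a clock in seconds."""
        if self.wiped or now < self.locked_until:
            return None                   # wiped, or still inside the lockout window
        if hmac.compare_digest(self._derive(pin), self._verifier):
            self.failures = 0
            return self._private_key
        self.failures += 1
        if self.wipe_after is not None and self.failures >= self.wipe_after:
            self._private_key = None      # self-destruct: the key material is gone
            self.wiped = True
        else:
            self.locked_until = now + self.delay_after(self.failures)
        return None


def seconds_to_exhaust(pin_digits, base_delay=1.0, max_delay=3600.0):
    """Total lockout time needed to try every PIN when there is no wipe limit."""
    total, delay = 0.0, base_delay
    for _ in range(10 ** pin_digits - 1):  # no wait is needed after the last guess
        total += min(delay, max_delay)
        delay = min(delay * 2, max_delay)
    return total


def guess_probability(pin_digits, wipe_after):
    """Chance that blind guessing finds the PIN before the wipe triggers."""
    space = 10 ** pin_digits
    return min(wipe_after, space) / space


if __name__ == "__main__":
    days = seconds_to_exhaust(4) / 86400
    print(f"4-digit PIN, delay only: full search takes about {days:.0f} days")
    print(f"4-digit PIN, wipe after 10 failures: guess chance "
          f"{guess_probability(4, 10):.3%}")
```

    With delay alone the PIN space is still finite, so the owner has a bounded window in which to move the assets; the wipe limit is what turns that window into a fixed, small chance of success.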


    IV. Artificial Risks

    Among the security risks of digital asset storage and transactions, in addition to the security threats caused by technology, there are also risks introduced by the manual operations that different wallets carry out for business reasons, including supply chain risk, privilege chain risk, etc.

    4.1 Supply Chain Risk

    Supply chain risk is particularly evident among the security threats to hardware wallets. As a physical product, a hardware wallet can suffer problems such as product damage and firmware tampering anywhere between production at the manufacturer and use by the customer. The supply chain risk management methods currently used by hardware wallet producers are generally: 'logistics security guarantee' + 'initial verification'.

    ‣ Graph 4-1 Number of wallets that support logistics security guarantee. Source: TokenInsight

    Does not support logistics security guarantee: 20%

    Supports logistics security guarantee: 80%

    Graphs 4-1 and 4-2 show that 80% of hardware wallet projects support a logistics security guarantee in response to supply chain risks. The main approach is to monitor their own product links and coordinate with the logistics chain. 90% of hardware wallet projects support initial verification, so most project teams are already taking measures to control these risks. Project teams that prioritize the user experience have also adopted some special methods, such as peer-to-peer logistics, which can reduce supply chain risk further. Overall, the digital wallet industry has achieved initial success in supply chain risk management and control.

    Note: Supply chain risk usually refers to the following. Materials flow through the supply chain from production and distribution enterprises to users, generating business, logistics and information flows and involving many processes such as distribution processing, storage, packaging, transportation, loading and unloading, distribution and information processing. Any risk caused by problems in these links is called supply chain risk.


    ‣ Graph 4-2 Number of wallets that support initial verification. Source: TokenInsight

    Does not support initial verification: 10%

    Supports initial verification: 90%

    In TokenInsight's 2018 Most Valuable Wallet - Hardware Wallet List (see Appendix for details), there are 22 wallets from 16 companies at home and abroad. (Ledger) Blue is at the top of the list with a comprehensive score of 11.7 points, and BEPAL-Q ranks top in China with a score of 9.4 points, ranking sixth overall.

    ‣ Graph 4-3 Hardware wallet comprehensive ranking Top 10 list. Source: TokenInsight

    Hardware Wallet

    Ranking | Name | Overall Rating
    1 | Blue | 11.7
    2 | Model T | 9.8
    3 | Nano S | 9.7
    4 | KeepKey | 9.5
    5 | ONE | 9.4
    6 | BEPAL Q | 9.3
    7 | Digital Bitbox | 9.1
    8 | Bepal Pro S | 9
    9 | BiPal | 8.7
    10 | Keywallet Touch | 8.3

    4.2 Privilege Chain

    In many centralized wallets, in addition to physical chains (usually hardware wallets or full-node wallets) that implement asymmetric encryption algorithms, there are also privilege chains (usually management systems composed of staff) that control transactions, time, amount, etc. In the managed system designed by InVault, shown in the following graph, the off-net storage room can be regarded as the physical chain, and the network storage room can be regarded as the privilege chain. Centralized exchanges and trustee institutions engaged in large-scale custody services generally use such structures for digital asset management.

    ‣ Graph 4-4 Centralized wallet physical chain + privilege chain schematic. Source: TokenInsight

    Diagram labels: Privilege chain contacts physical chain; Use the physical chain for operation; Authorize the privilege chain for transfer; Confirm the transaction, withdraw the privilege chain

    ‣ Graph 4-5 Centralized wallet physical chain + privilege chain structure example. Source: InVault


    The physical chain and the privilege chain are isolated from each other in the architecture design. Only after authorization can the two sides make contact and operate; when the transaction is over, the two sides are isolated again. In practice, however, the privilege chain has absolute control over the physical chain. Once a problem occurs in any dimension, such as the time, object or amount of the transaction, users' digital assets may be threatened or damaged.

    In addition to physical chain risks, the asset security of a centralized wallet is also subject to the artificial risks of the privilege chain. This is particularly evident in the asset losses suffered by centralized exchanges. According to statistics, about 40% of centralized wallet losses in 2018 were related to privilege chain risks. In February 2019, the founder of the QuadrigaCX Exchange went missing (currently the Indian government has provided a death certificate), resulting in the loss of $195 million of the exchange's digital assets, which pushed privilege chain risk to the forefront of digital wallet custody security problems. Because privilege chain risk is uncontrollable, it has become a difficult problem for asset security in the industry.

    ‣ Graph 4-6 Privilege chain risk incidents as a percentage of centralized wallet security incidents

    Involving privilege chain risk: 40%

    Not involving privilege chain risk: 60%


    5. Security Field Outlook

    In view of the industry's development trend and the problems described above, the security hotspots of the wallet industry in 2019 are expected to be the improvement of the security audit system, the development of wallets built on a security architecture, and the management of the artificial risks of wallet asset management businesses.

    5.1 Expansion of the Security Audit Business

    With the development of the wallet industry, the market will expand further. According to statistics, the creation of existing wallets was initially concentrated in 2013. As of December 2018, the number of digital wallet projects had accumulated to more than 340, an increase of about 30% compared with 2017.

    ‣ Graph 5-1 Number of global digital wallet projects. Source: Statista

    [Chart: number of projects per year, 2013 to 2018; vertical axis from 0 to 400]

    In terms of growth rate, the number of wallets in 2017 increased by about 62% compared with 2016, which was higher than ever before. Although the growth rate slipped in 2018, it is still much higher than in the year before 2017. This reflects that the digital currency market has reached a certain size. It is expected that the number of mainstream wallet projects in the global market will increase by at least 20 in 2019.

    Existing wallets are also actively expanding and adding new services. For example, Ledger, Xapo and other wallet companies focusing on secure storage have begun to deploy emerging businesses such as digital asset custody and asset management. Both the depth and the breadth of the wallet industry are growing rapidly.


    At present, the security reviews of wallet projects on the market fall into the following categories:

    The first category is the technical risk security review. The current security review covers the following: carrier risk review (system vulnerability scanning, new user registration security, carrier environment detection, client integrity detection); private key storage risk review (mnemonic creation security, mnemonic storage security, private key generation security, private key storage security, locally stored data sensitivity detection); network protocol risk review (network proxy detection, certificate verification in HTTPS communication); login risk review (user information security, private key import security, transaction password security); and transaction risk review (transaction creation security, transfer address security detection, transaction signature security, transaction confirmation, balance inquiry accuracy), etc.

    However, the security auditing business described above only audits part of the technical risks of mobile terminals, and there is even less technical risk auditing for hardware wallets and PC wallets. Overall, digital wallet security audit services need to be expanded. Therefore, given the continuous increase in wallet projects and services and the incompleteness of the existing security review framework, the demand for wallet security audit business will increase further in 2019.

    Mobile wallet security audit: carrier detection; private key storage detection; network security detection; transaction security detection; login security detection

    PC wallet security audit: private key storage detection; network security detection; carrier detection

    Hardware wallet security audit: chip security detection

    ‣ Graph 5-2 Various wallet security audit businesses. Source: TokenInsight

    5.2 The Rise of Compatibility Wallets

    According to statistics, as of Q4 2018, the number of global digital asset wallet users was 31.914 million, an increase of 10.4% from the previous quarter and an increase of 48.3% from the previous year. If the number of Internet users is taken as the growth target for the number of digital currency users, the user base has room to expand 100 times. This means that it has great development potential and huge market space. With the development of blockchain technology, the market will see more diversified development in 2019, and more people will enter the blockchain and digital currency industry.

    ‣ Graph 5-3 Global digital currency user size. Source: Statista

    [Chart: global digital wallet user size; number of digital wallet users (in units of 10,000) per quarter, 2015 Q1 to 2018 Q4; vertical axis from 0 to 4,000]

    Owing to a lack of understanding of asymmetric cryptographic algorithms and inexperience with decentralized wallets, these emerging users will choose a centralized wallet as a storage tool to reduce the security risks to their digital assets.

    After a period of time, as their professional knowledge increases, users will look to use a decentralized wallet, shifting the security risk of their digital assets from the wallet project to themselves. By this time, the user has a certain stickiness to the original centralized wallet.

    If the wallet project can offer an additional decentralized private key storage solution at this point, the user's need to upgrade to more secure private key storage is met while the user's original operating environment is retained, and the project can reduce user loss and become more attractive to new users.

    In summary, based on security and market development considerations, wallets that support both decentralized storage and centralized storage will be a popular choice for users in 2019.

    Early user selection: Practicality

    Late user selection: Practicality, Security

    ‣ Graph 5-4 Development of wallet user selection intention. Source: TokenInsight


    Among the Top 10 wallet projects in the Most Valuable Wallet - Light Wallet - China's List (see Appendix for details), Math Wallet and Cobo Wallet have begun to try compatibility services. As the market develops, wallets that support both centralized and decentralized storage will be more and more favored by users, and the new security issues brought about by this architecture upgrade are also worth noting.

    ‣ Graph 5-5 2018 Most Valuable Wallet - Light Wallet - China's List Evaluation Data. Source: TokenInsight

    China-SPV/centralized

    Ranking | Name | Overall Rating
    1 | Cobo Wallet | 9.0
    2 | Qbao Network | 8.6
    3 | BitKeep | 8.2
    4 | Token Pocket | 8.1
    5 | imToken Wallet | 7.7
    6 | Kcash Wallet | 7.2
    7 | Bitpie | 6.6
    8 | MEET.ONE | 6.0
    9 | Math Wallet | 6.0
    10 | Secrypto | 5.9

    5.3 A Stumbling Block to the Asset Management Business

    In terms of project functions, the wallet industry is not limited to storage and transaction solutions for digital currency assets. The functions added on this basis include information services, asset management, lending, and DApp access. With the development of public chains and the involvement of traditional financial institutions, services such as project docking, asset management and lending are rapidly emerging. More than 40 wallet projects have launched digital asset management services.

    ‣ Graph 5-6 Wallet function overview. Source: TokenInsight

    Wallet function overview: storage and transaction; information service; asset management; DApp access; lending

    ‣ Graph 5-7 Wallet financial function overview. Source: TokenInsight

    Financial product: fixed term financial management; current financial management; intelligent mining

    ‣ Graph 5-8 Number of wallets with and without asset management businesses. Source: TokenInsight

    Supports asset management business: 32%

    Does not support asset management business: 68%


    Most of the organizations that have launched digital asset management services manage digital assets in a centralized way, in the form of 'physical chain' + 'privilege chain'. With the rapid expansion of this business, the security risks are also increasing. In particular, because 'privilege chain' risk is uncontrollable, fully managed wallets are very likely to face security vulnerabilities similar to those of the centralized exchanges.

    The custody and asset management services in the wallet business are developing rapidly. Among the Top 10 of the Most Valuable Wallet - Light Wallet - China list released by TokenInsight (see Appendix for details), Cobo Wallet, BitKeep, Token Pocket and 3 other wallets have launched financial management services, and the digital assets stored in centralized wallets will grow rapidly.

    For the asset management services that are about to develop rapidly, artificial risks such as private key control and manual transfer, brought about by the centralized storage of digital assets, will be an urgent problem to solve. If no solution is found that reduces these artificial risks, the security of digital assets will continue to be plagued by them.

    ‣ Graph 5-9 2018 Most Valuable Wallet - Light Wallet - China List Top 10. Source: TokenInsight

    China-SPV/centralized

    Name | Financial products
    Cobo Wallet | √
    Qbao Network | √
    BitKeep | √
    Kcash Wallet | √
    MEET.ONE | √
    Secrypto | ×
    imToken Wallet | ×
    Bitpie | ×
    Token Pocket | √
    Math Wallet | ×


    Appendix

    Hardware Wallet

    Product Name | Price Rating | Target Groups | Number of Major Currencies | Quantity Rating | Operation Standard Rating | Hardware User-friendliness | Chip Security Level Rating | Operation Performance | Overall Ratings
    Blue | 6 | Enterprise | 16 | 10 | 0 | 2 | 8 | 10 | 11.7
    Model T | 6 | Individual | 6 | 6 | 0 | 0 | 10 | 10 | 9.8
    Nano S | 6 | Individual | 16 | 10 | 0 | 0 | 8 | 10 | 9.7
    KeepKey | 6 | Individual | 3 | 4 | -1 | 2 | 10 | 10 | 9.5
    ONE | 10 | Individual | 5 | 6 | -1 | 0 | 10 | 10 | 9.4
    BEPAL Q | 8 | Individual | 6 | 6 | 0 | 2 | 6 | 6 | 9.3
    Digital Bitbox | 10 | Individual | 2 | 4 | 0 | 0 | 10 | 10 | 9.1
    Bepal Pro S | 6 | Enterprise | 6 | 6 | 0 | 2 | 6 | 6 | 9.0
    BiPal | 6 | Individual | 9 | 8 | 0 | 0 | 10 | 6 | 8.7
    Keywallet Touch | 10 | Individual | 6 | 6 | 0 | 0 | 8 | 6 | 8.3
    Swiss Bank in Your Pocket | 8 | Individual | 4 | 4 | 0 | 0 | 10 | 6 | 7.4
    链盾 | 0 | Individual | 4 | 4 | 0 | 2 | 6 | 4 | 7.1
    LUBANSO X1 | 6 | Individual | 6 | 6 | 0 | 0 | 6 | 6 | 7.0
    KASSE HK-1000 | 10 | Individual | 6 | 6 | 0 | 0 | 7 | 6 | 7.0
    CoolWallet | 8 | Individual | 3 | 4 | 0 | 0 | 8 | 6 | 6.7


    Wallet List

    Name | Hierarchical Deterministic | Open Source | Multi-signature | Two-step Verification | Private Key Storage Location | Number of Comments | Number of Comments - Rating | Stars | Stars - Rating | Transaction Service | Market Information | Financial Tools | DApp Access | Social Function | Overall Ratings

    China-SPV/centralized

    Cobo Wallet | 1 | 0 | 1 | 1 | 1 | 2,531 | 10 | 5 | 10 | 1 | 0 | 1 | 0 | 1 | 9.0
    Qbao Network | 1 | 0 | 0 | 0 | 1 | 373 | 8 | 4 | 8 | 1 | 1 | 1 | 1 | 1 | 8.6
    BitKeep | 1 | 0 | 0 | 0 | 1 | 77 | 4 | 4 | 8 | 1 | 1 | 1 | 1 | 1 | 8.2
    Token Pocket | 0 | 1 | 0 | 1 | 1 | 58 | 2 | 4.0 | 8 | 1 | 1 | 1 | 1 | 1 | 8.1
    imToken Wallet | 1 | 1 | 0 | 0 | 1 | 286 | 8 | 4.5 | 9 | 1 | 1 | 0 | 1 | 0 | 7.7
    Kcash Wallet | 0 | 0 | 1 | 1 | 1 | 160 | 4 | 4 | 8 | 1 | 0 | 1 | 1 | 0 | 7.2
    Bitpie | 1 | 0 | 0 | 0 | 1 | 403 | 8 | 4 | 8 | 1 | 1 | 0 | 1 | 0 | 6.6
    MEET.ONE | 0 | 0 | 0 | 0 | 1 | 6 | 0 | 5 | 10 | 1 | 1 | 1 | 1 | 0 | 6.0
    Math Wallet | 0 | 1 | 0 | 0 | 1 | 24 | 2 | 4 | 8 | 1 | 1 | 0 | 1 | 0 | 6.0
    Secrypto | 0 | 1 | 0 | 0 | 1 | 76 | 2 | 3.5 | 7 | 1 | 0 | 0 | 1 | 1 | 5.9

    Overseas-SPV/centralized

    Freewallet Series | 1 | 0 | 1 | 1 | 0 | 504 | 8 | 4.5 | 9 | 1 | 1 | 0 | 1 | 0 | 7.7
    HB Wallet | 1 | 0 | 0 | 1 | 1 | 377 | 8 | 4 | 8 | 1 | 0 | 0 | 0 | 1 | 6.6
    Edge | 1 | 1 | 0 | 1 | 1 | 66 | 2 | 4.5 | 9 | 1 | 0 | 0 | 0 | 0 | 6.1
    Coinbase Wallet | 0 | 0 | 1 | 1 | 0 | 201 | 4 | 4 | 8 | 1 | 1 | 0 | 0 | 0 | 5.2
    Copay Bitcoin Wallet | 1 | 1 | 1 | 0 | 1 | 95 | 4 | 3.5 | 7 | 0 | 0 | 0 | 0 | 0 | 5.1
    Citowise | 1 | 0 | 0 | 0 | 1 | 622 | 10 | 5 | 10 | 1 | 0 | 0 | 0 | 0 | 5.0
    Uphold | 0 | 0 | 0 | 1 | 0 | 2,638 | 10 | 5 | 10 | 1 | 0 | 1 | 0 | 0 | 5.0
    Trust Wallet | 1 | 0 | 0 | 0 | 1 | 1,793 | 10 | 4.5 | 9 | 0 | 0 | 0 | 1 | 0 | 4.9
    Green Address | 1 | 1 | 1 | 1 | 0 | 27 | 2 | 3 | 6 | 0 | 0 | 0 | 0 | 0 | 4.8
    Bread Wallet | 1 | 1 | 0 | 0 | 1 | 989 | 10 | 3.5 | 7 | 0 | 0 | 0 | 0 | 0 | 4.7


    Wallet Lists: samples are divided into SPV and centralized wallets. The output is divided into domestically developed wallets and foreign wallets.

    A total of nine dimensions are Boolean values.

    Hierarchical determinism: whether multiple addresses can be controlled by a private key. Yes: +1 point; No: 0 point

    Whether the wallet is open sourced

    Whether the wallet has dual verification

    Multi-signature: a dimension mostly found in enterprise-level wallets; one of the indicators for measuring safety

    User experience: transaction services; market information; financial tools; DApp access; social functions. Yes: +1 point; No: 0 point

    Private key storage location: user retention, wallet retention, third party retention. +1 point, 0 point, -1 point

    Popularity: the first data source for comments is the App Store (US account); the second source is Google Play; the star ratings follow the same order of sources. Take the quartiles of the number of comments (10 points, 8 points, 4 points, 2 points, 0 points). Stars * 2 as star rating

    Hardware Wallet

    Wallet price: the lower the wallet price, the higher the score (enterprise and personal wallets scored separately). 100: 6 points

    Supported currency: the higher the number of currencies, the higher the score. If the storage of ERC20 tokens is supported, extra points can be gained. 10: 10 points

    Executive standard: the higher the standard, the higher the score; this is an additional subtraction item. BIP44: 0 point; BIP39: 1 point

    Type: there are different forms such as tablets, U shields, cards, etc.; scored according to friendliness. Tablet: 2 points; Others: 0 point

    Chip security level: the higher the security level, the higher the score. CC EAL 4+: 6; CC EAL 5+: 8

    Operating conditions of manufacturers:

    Excellent: the company received more than $10 million financing, has leading technology and feasible profit methods.

    Good: the company received less than $10 million but more than $1 million financing; the technical level is in the upper reaches of the industry and profit methods are feasible.

    General: the company received less than $1 million financing, the technical level is in the middle reaches of the industry, and the profitability has bottlenecks.

    Excellent: 10 points; Good: 6 points; General: 4 points

  • TokenInsight Inc. Global Token Data & Rating Agency

    Get the latest blockchain industry data and research reports

    Website: www.tokeninsight.com

    Business contact email: [email protected]

    Other contact channels

    Official WeChat account | Tokenin

    Official Twitter | TokenInsight

    Official Sina Weibo | TokenInsight

    Official Telegram Chinese-language group: http://t.me/TokenInsightChinese