Trust Wallet
Trust Wallet is a popular multi-chain wallet that's recently been acquired by the crypto exchange Binance. Its support of dozens of blockchain protocols helps it maintain a leading position among competitors, and the recent announcement of a Tezos staking feature coming in Q2 of 2019 only cemented their leadership.
Rudimentary dapp support is present in the application in the form of a web3-enabled browser, i.e. the web3 provider is being injected into websites that require it. The home screen features a list of popular dapps divided into categories, but much like in Opera's case, there's very little filtering going on so some of them will be dead or require email-based accounts. A key advantage Trust has here the aforementioned multi-chain support. If a blockchain like, for example, Tezos, ever gets an actual dapp, Trust is uniquely positioned to allow users access to the Tezos web3 as well!
The wallet's core is open source and available to all who wish to not only integrate their own wallet but also add their own blockchain to Trust.
User experience is as good as it gets in the modern walletscape. The app is intuitive and feels like one most people should be familiar with right out of the door. Adding new multi-coin wallets is fast and easy, and backing them up equally so. What's more, the application uses a single phrase to generate keys for all the blockchains like a hardware wallet would usually do, only on a chip, which means that any of the wallets can be regenerated using the BIP44 standard. So a disappearing Trust Wallet would still leave you with ample means to get your funds back.
BIP-21 is the only QR-code scanning standard supported in the app, which means your QR codes need to have the `?amount` argument in the URIs, not the `?value` argument standardized by Ethereum. As such, be careful when doing Ethereum payments via QR. There is absolutely no ENS support right now, so entering addresses in the `bitfalls.eth` form is not an option.
Security-wise, trust is in a neutral territory, leaning towards positive. The application used to be fully open source, but malicious clones appearing in app stores have forced them to hide the sources. This is changing now, however - the wallet's core is open source and available to all who wish to not only integrate their own wallet but also add their own blockchain to Trust. The networking stack is going to be open sourced soon, too, allegedly, which means Trust will be able to get rid of the "Risky 🔑" attribute. The UI is the only part that remains closed for fear of too easy cloning, so we'll have to take a change on that UI layer not talking to a remote server and sending our keys or data over.
It follow BIP44 standard for all the blockchains, you can google to find tools to get specific private keys.
— Viktor Radchenko (@vikmeup) April 12, 2019
Our code is open source: https://t.co/jwNCF7p52l you can dig into it to learn.
Multi-account support
Trust Wallet’s multi-account feature fully separates balances and transactions per account, generating a new recovery phrase rather than opting for a different derivation path. This is because the wallet is multi-blockchain and some blockchains do not support derivation paths. The wallets cannot be individually secured, so they are in effect the identities of the user more than separate users.
Each account starts with a default list of tokens - Bitcoin, Ethereum and Binance, and can add as many as they wish, including custom ERC20 tokens.
The derivation path cannot be customized in the wallet itself. If you generate the Ethereum wallet externally and send some ether to a path other than the default m/44'/60'/0'/0/0 (e.g. m/44'/60'/0'/0/1), the money will not be registered by Trust Wallet.
Recovering the funds, however, is possible by importing the m/44'/60'/0'/0/0 wallet’s private key or keystore into Trust Wallet. This will then create a new sub-section in the user’s wallet list where multi-coin wallets will be separate from manually imported single-coin wallets, but the funds will be retrievable.
Switching identities / accounts entails clicking on settings, wallets, and then picking one of these wallets.
This application has a pretty serious privacy leak in that it does not clear browser cache when you switch crypto identities, meaning your previous visits can be logged and your various identities linked.
Trust can be stopped, but not for long.
There is no option to add custom nodes or networks to the app from within the wallet settings, which means you rely on their infrastructure to power the app, and cannot access testnet or custom private networks (especially useful for development). The wallet talks to their servers which may or may not be Infura - we can't tell until the networking layer is open sourced. This poses not only a privacy but also a liveness risk - it means that taking down Trust's infra will render Trust installations useless - whether you have the APK (something all apps should provide!) or an app-store installation. While this is allegedly changing soon, right now Trust can be stopped.
Yes! We have all the functionality in place, just need to expose UI to enter custom nodes, will be added pretty soon.
— Viktor Radchenko (@vikmeup) April 12, 2019
In terms of custom tokens, Trust is on top of its game. It already subscribes to Transfer events from ERC20 and ERC721 tokens, which means it will auto-add any custom obscure token you send to your wallet. The application is stable with few to no bugs and supports fingerprint login which makes frequent use of the app extremely practical.
Trust wallet is an excellent entry point if all you care about are mainnets of popular blockchains. It's very much a production user-focused application and one can't fault it for that. Developers are simply not the intended audience, so the lack of customization options is entirely understandable, if somewhat disappointing to us tech-heads. For the average investor and web3 user, the application is a perfect mix of portfolio tracker and blockchain gateway. Its partially closed nature does make us recommend exercising caution when keeping funds in Trust.