Why do I have such an instinctual distrust for browser extension wallets? I'm proposing this question to get the communities feedback because I have done zero reading on them that i can recall, am i correct in assuming this? I'm going to do some reading later on it, already have some great sources, so im not looking for recommendations from peoples substacks. I just want to know if my instinct is founded in anything solid
40 sats \ 0 replies \ @TheBTCManual 30 Mar 2023
Lol look we all had our meta mask experience its okay, I find browser wallets pretty cool, I am a big fan of alby since you can use it as just an interface with your node, makes life a lot easier and you can still have a custodial account and switch between the two
reply
81 sats \ 0 replies \ @WeAreAllSatoshi 30 Mar 2023
Because browser extensions are inherently dangerous. They can monitor your browser activity
reply
46 sats \ 0 replies \ @cstack 30 Mar 2023
I think of browser extension wallets as the digital equivalent of old-world coin wallets. Keep a couple of dollars (~10k sats) in spare change to buy gum and feed parking meters. High convenience, extremely low risk.
reply
58 sats \ 0 replies \ @Coinosphere 31 Mar 2023
Because they're the hottest of the hot wallets?
Just keep tiny amounts in them to pay for things like zaps and paywalls. Any more should be in a far more secure wallet like Phoenix, and any real money (thousands of dollars worth) should be savings in your hardware wallet.
That's just good security that they should be teaching every schoolkid. One day it will be more obvious to everyone but we're not there yet.
reply
61 sats \ 0 replies \ @siggy47 30 Mar 2023
I don't think your concerns are misguided. Browser extensions in general can be a security risk. Even if you carefully check permissions, extensions are often updated automatically.
reply
60 sats \ 0 replies \ @shyfire 30 Mar 2023
Because the browser attack surface is insanely huge
reply
50 sats \ 0 replies \ @Jem 30 Mar 2023
javascript is the fiat of the programming languages world
reply
20 sats \ 0 replies \ @davidw 30 Mar 2023
Agree with the sentiment. And healthy scepticism. Your username is very fitting though 😀
reply
15 sats \ 0 replies \ @sudonaka 30 Mar 2023
Don’t worry I am also a recovering shitcoiner
reply
11 sats \ 0 replies \ @sime 31 Mar 2023
Unless they are backed up by a hardware wallet, they are a hot wallet.
reply
11 sats \ 0 replies \ @Majjin 30 Mar 2023
Browser extensions can be sketchy at times. So your distrust isn't unfounded. Not to mention extensions must be lightweight. Self custodial wallets can be a little heavy so a lot of extensions opt to be an interface for a custodial wallet instead. Extensions are inherently connected to the internet any time you use them, which is a potential danger.
reply
10 sats \ 0 replies \ @l0k18 31 Mar 2023
I dunno about you but my browser can hardly remember what happened last time I opened it let alone take care of my money. The web browser is the most monstrously complex application in the universe. It is only exceeded by the complexity of an NPM build.
If the signing device is separate from the browser, or better, separate from the PC, then browser security flaws are not as devastating.
Dedicated apps are always better. A lot of them are actually just dedicated web browsers too.
reply
10 sats \ 0 replies \ @0359c62f34 30 Mar 2023
Years of conditioning.
reply
10 sats \ 0 replies \ @TheL0wner 30 Mar 2023
i don't see a browser wallet as automatically any more sketchy than a mobile app wallet. I also see very little need for such a thing, if you're on an actual computer just use a full on wallet application.
reply
50 sats \ 0 replies \ @gbks 31 Mar 2023
I'd be careful with browser extensions in general, particularly in Chrome. They are auto-updated and there has historically been barely any review to ensure nothing shaky is going on. Plus, since I have a semi-popular extension, I'm getting regularly contacted by people who want to buy it or talk about inserting ads, and I've heard various stories about extensions being bought only then to be sneakily "monetized".
reply
5 sats \ 0 replies \ @xanny 30 Mar 2023
Web browsers have a much larger attack surface than dedicated applications so the concern is rational.
Always keep large amounts of BTC in cold storage. Don't put coin in a hot wallet you are not willing to risk losing.
reply
2 sats \ 0 replies \ @chungkingexpress 30 Mar 2023
Something like the Alby browser extension is good in this case. Enables tipping and paying with Lightning from the browser without exposing your stack.
reply
0 sats \ 0 replies \ @02511f37c8 31 Mar 2023 freebie
The issue also, you have to trust the extension and the security of your browser.
Browser exploits are low hanging fruit and Honesty a big security target due to there mass use.