Why do I have such an instinctual distrust for browser extension wallets? \ stacker news ~bitcoin

pull down to refresh

Why do I have such an instinctual distrust for browser extension wallets?

538 sats \ 18 comments \ @crybaby 30 Mar 2023 bitcoin

Why do I have such an instinctual distrust for browser extension wallets? I'm proposing this question to get the communities feedback because I have done zero reading on them that i can recall, am i correct in assuming this? I'm going to do some reading later on it, already have some great sources, so im not looking for recommendations from peoples substacks. I just want to know if my instinct is founded in anything solid

view all related items

40 sats \ 0 replies \ @TheBTCManual 30 Mar 2023

Lol look we all had our meta mask experience its okay, I find browser wallets pretty cool, I am a big fan of alby since you can use it as just an interface with your node, makes life a lot easier and you can still have a custodial account and switch between the two

81 sats \ 0 replies \ @WeAreAllSatoshi 30 Mar 2023

Because browser extensions are inherently dangerous. They can monitor your browser activity

46 sats \ 0 replies \ @cstack 30 Mar 2023

I think of browser extension wallets as the digital equivalent of old-world coin wallets. Keep a couple of dollars (~10k sats) in spare change to buy gum and feed parking meters. High convenience, extremely low risk.

58 sats \ 0 replies \ @Coinosphere 31 Mar 2023

Because they're the hottest of the hot wallets?

Just keep tiny amounts in them to pay for things like zaps and paywalls. Any more should be in a far more secure wallet like Phoenix, and any real money (thousands of dollars worth) should be savings in your hardware wallet.

That's just good security that they should be teaching every schoolkid. One day it will be more obvious to everyone but we're not there yet.

61 sats \ 0 replies \ @siggy47 30 Mar 2023

I don't think your concerns are misguided. Browser extensions in general can be a security risk. Even if you carefully check permissions, extensions are often updated automatically.

60 sats \ 0 replies \ @shyfire 30 Mar 2023

Because the browser attack surface is insanely huge

50 sats \ 0 replies \ @Jem 30 Mar 2023

javascript is the fiat of the programming languages world

20 sats \ 0 replies \ @davidw 30 Mar 2023

Agree with the sentiment. And healthy scepticism. Your username is very fitting though 😀

15 sats \ 0 replies \ @sudonaka 30 Mar 2023

Don’t worry I am also a recovering shitcoiner

11 sats \ 0 replies \ @sime 31 Mar 2023

Unless they are backed up by a hardware wallet, they are a hot wallet.

11 sats \ 0 replies \ @Majjin 30 Mar 2023

Browser extensions can be sketchy at times. So your distrust isn't unfounded. Not to mention extensions must be lightweight. Self custodial wallets can be a little heavy so a lot of extensions opt to be an interface for a custodial wallet instead. Extensions are inherently connected to the internet any time you use them, which is a potential danger.

10 sats \ 0 replies \ @l0k18 31 Mar 2023

I dunno about you but my browser can hardly remember what happened last time I opened it let alone take care of my money. The web browser is the most monstrously complex application in the universe. It is only exceeded by the complexity of an NPM build.

If the signing device is separate from the browser, or better, separate from the PC, then browser security flaws are not as devastating.

Dedicated apps are always better. A lot of them are actually just dedicated web browsers too.

10 sats \ 0 replies \ @0359c62f34 30 Mar 2023

Years of conditioning.

10 sats \ 0 replies \ @TheL0wner 30 Mar 2023

i don't see a browser wallet as automatically any more sketchy than a mobile app wallet. I also see very little need for such a thing, if you're on an actual computer just use a full on wallet application.

50 sats \ 0 replies \ @gbks 31 Mar 2023

I'd be careful with browser extensions in general, particularly in Chrome. They are auto-updated and there has historically been barely any review to ensure nothing shaky is going on. Plus, since I have a semi-popular extension, I'm getting regularly contacted by people who want to buy it or talk about inserting ads, and I've heard various stories about extensions being bought only then to be sneakily "monetized".

5 sats \ 0 replies \ @xanny 30 Mar 2023

Web browsers have a much larger attack surface than dedicated applications so the concern is rational.

Always keep large amounts of BTC in cold storage. Don't put coin in a hot wallet you are not willing to risk losing.

2 sats \ 0 replies \ @chungkingexpress 30 Mar 2023

Something like the Alby browser extension is good in this case. Enables tipping and paying with Lightning from the browser without exposing your stack.

0 sats \ 0 replies \ @02511f37c8 31 Mar 2023 freebie

The issue also, you have to trust the extension and the security of your browser.

Browser exploits are low hanging fruit and Honesty a big security target due to there mass use.