Add security filters to the "Find wallet" page #13144

Open
1 of 2 tasks
matiassequeira opened this issue Jun 11, 2024 · 11 comments
Labels
needs design approval 🧑‍🎨 Approval from a designer is needed before merging question ❓ Further information is requested request for comments 🗣️ A request for comments has been made; discussion and input is encouraged Status: Stale This issue is stale because it has been open 30 days with no activity.

Comments

@matiassequeira

Is your feature request related to a problem? Please describe.

The current comparisons between wallets regarding security are limited to two variables: Open Source and Personal Ownership. Given the importance of security in managing crypto assets, a more comprehensive comparison is necessary to help users evaluate and make informed decisions.

Several months ago, Coinspect initiated an investigation into web3 wallets. After identifying various bugs in over 40 wallets and releasing a security checklist designed for wallet developers, we put together a checklist prioritizing the protection of users from phishing attacks and malicious DApps, as mentioned in this blogpost. We currently have a set of 30 checks for browser extension wallets and over 30 checks for mobile wallets, categorized into sections such as DApp Access Control, Local Access Control, Censorship Resistance, etc.

Along with this, we are developing software to aid the testing process, which will inherently contribute to a more objective and traceable assessment.

Although we plan to publish the results on a dedicated website, following discussions with the ethereum.org team, we agreed it would be beneficial to integrate this information into the Find a Wallet page on their site.

Describe the solution you'd like

Given that the current design does not directly support the display of numeric values (i.e. score, ranking), we suggest incorporating additional categories to the 'Security' filters, which users could toggle.

We propose adding the following categories:

  • Privacy and Censorship-resistance: focused on maintaining user privacy and autonomy by enabling users to configure their blockchain node providers and by avoiding the use of any tracking or analytics software.
  • Device Access Protection: checks to prevent an adversary with access to the device from obtaining the seed phrase or draining the wallet.
  • DApp Access Control: aimed at how DApps interact with the wallet by requiring user permissions to access critical functions and web3 APIs, and by providing options to review and revoke DApp permissions as needed.
  • Intended Action Verification: checks to ensure that users are fully informed and have verified their intentions for a given interaction with the DApp+wallet, particularly about transaction details, token approvals, and contract interactions.
  • Malicious DApp Blocking: security measures to protect and alert users from potential threats arising from interactions with DApps, such as connections to known malicious DApps, interaction with scam addresses, and signing messages for unintended chains to name a few.
  • Interaction Safeguards: focused on minimizing risks from interacting with unknown addresses, or blockchain addresses incorrectly entered.
  • Audit Reports Published: whether the wallet has recent, relevant and public security reports.

To determine which wallets will 'pass' each category, we propose considering those that ranked above the median value for the category.

Below we provide an example of how these categories/filters would look as toggle buttons on the wallets’ site:

image (5)

Describe alternatives you've considered

As previously mentioned, we have adapted the information we had, in the form of rankings, to the current design of the ethereum.org website. This approach allows us to avoid major modifications to the current website while providing user-friendly value. We will maintain an independent website with detailed information for those curious and interested in learning more about it.

Additional context

Here are the current test results for the extension wallets listed on the ethereum.org wallets page. They are ranked from the top performers in each category to those with opportunities for improvement.
image

Would you like to work on this issue?

  • Yes
  • No
@github-actions github-actions bot added the needs triage 📥 This issue needs triaged before being worked on label Jun 11, 2024
@minimalsm minimalsm assigned minimalsm and unassigned minimalsm Jun 12, 2024
@wackerow
Member

Hey @matiassequeira, really appreciate your post and ideas. Personally agree with much of what is proposed here as I'd love to offer more in terms of security options.

So you're proposing using the data collected from the Coinspect investigation? How do we see this data being maintained over time? How would we account for wallets that are not in this data set?

@konopkja Any thoughts on this potentially making things overly complex for users?

@wackerow wackerow added question ❓ Further information is requested needs design approval 🧑‍🎨 Approval from a designer is needed before merging request for comments 🗣️ A request for comments has been made; discussion and input is encouraged and removed needs triage 📥 This issue needs triaged before being worked on labels Jun 13, 2024
@matiassequeira
Author

Hi @wackerow, glad you liked it!

To answer your questions, we'll use the data we collected and keep it updated. We can commit to periodically testing a maximum number of wallets and establish clear criteria for accepting new ones for testing.

Regarding UI complexity, we can alternatively add only one security category, such as "Security Score Above X" instead of all those new filters we proposed earlier. In this case, we'll also add a link to a website with all the details about how we calculate the score, including the testing process.

@konopkja
Contributor

Hello, great to see this initiative here!

On the complexity note:
Yeah, I think we would prefer merging this into 1 - 3 groups (doesn't have to be just one, but also can be if it makes sense).

Re numeric value:
We can tweak the designs so that this value is prominently visible on each listing if the community agrees on this improvement!

Question
I think right now this audit is focusing on a subset of wallets on our page, which is already super helpful, but would it be possible to extend it to all wallets? If not, it may require a more subtle design choice, I think.

@wackerow
Member

> I think right now this audit is focusing on subset of wallets on our page, which is already super helpful, but would it be possible to extend it to all wallets?

@matiassequeira Curious your thoughts on this. How often were you thinking about testing/reviewing these wallets? And were there any criteria you used to determine the initial set of wallets you investigated?

I think this would be a great addition, but just want us to be aware we'd be introducing a new dependency.

@matiassequeira
Author

> I think right now this audit is focusing on subset of wallets on our page, which is already super helpful, but would it be possible to extend it to all wallets?

@konopkja We have already covered all the EVM-compatible browser extension wallets listed on ethereum.org. We are currently working on the rest of the mobile wallets (iOS and Android), and the results should soon be ready. So yes, we will test all the wallets listed on the ethereum.org site.

> How often were you thinking about testing/reviewing these wallets? And were there any criteria you used to determine the initial set of wallets you investigated?

@wackerow We definitely plan to periodically re-review the wallets. Our current goal is to retest once per quarter as long as the number of wallets remains manageable by our team. Additionally, as mentioned above, the scope was set to be all the wallets listed on ethereum.org, although we could include more in future iterations.

Contributor

This issue is stale because it has been open 30 days with no activity.

@github-actions github-actions bot added the Status: Stale This issue is stale because it has been open 30 days with no activity. label Jul 25, 2024
@juli

juli commented Sep 25, 2024

We finished testing! Now retesting top 5 wallets for each platform to double check results and test new versions of wallets released while we were testing. We'll keep you updated.

@konopkja
Contributor

> We finished testing! Now retesting top 5 wallets for each platform to double check results and test new versions of wallets released while we were testing. We'll keep you updated.

That's great news! Will the results be visible anywhere?

@github-actions github-actions bot removed the Status: Stale This issue is stale because it has been open 30 days with no activity. label Sep 26, 2024
@juli

juli commented Oct 8, 2024

We are focusing on result visualization this week. The plan is to display the overall and individual scores for each category:

  • Physical Access
  • dApp Permissions
  • Intent Verification
  • Threat Prevention

We posted about how web3 wallet security features can stop most phishing attacks and presented the categories above.

One key point regarding integrating the current Find My Wallet site is an interesting insight from our research: results vary for the same wallet vendor across different platforms.

The difference in security features supported across platforms is likely due to the apps not sharing the same codebase or updating each platform with the same frequency.

Averaging scores across platforms (Android, iOS, and Browser) could mislead users. For instance, a wallet may have strong security on one platform but weak security on another.

Calculating an average score would obscure these differences, potentially providing users with less reliable information. Our goal is to provide users with clear, platform-specific scores so they can make informed decisions.
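
An added illustration, not part of the thread and not Coinspect's tooling: the issue's "above the median value for the category" pass rule applied per platform and then after averaging across platforms, using the four category names from the comment above. Wallet names, scores, key names and the strict comparison are assumptions made for the example.

```javascript
// Added illustration; wallet names and scores are constructed, not Coinspect data.
const CATEGORIES = ["physicalAccess", "dappPermissions", "intentVerification", "threatPrevention"];

// One row per tested build: [wallet, platform, scores in CATEGORIES order].
const RESULTS = [
  ["WalletA", "browser", [90, 80, 85, 70]],
  ["WalletA", "android", [40, 30, 35, 20]],
  ["WalletB", "browser", [60, 60, 60, 60]],
  ["WalletB", "android", [60, 60, 60, 60]],
  ["WalletC", "browser", [50, 40, 45, 30]],
  ["WalletC", "android", [70, 75, 65, 80]],
];

function median(values) {
  const s = [...values].sort((a, b) => a - b);
  const mid = Math.floor(s.length / 2);
  return s.length % 2 ? s[mid] : (s[mid - 1] + s[mid]) / 2;
}

// Pass = strictly above the median of the builds tested on the same platform
// (strictness is an assumption; a tie with the median does not pass).
function passesByPlatform(results) {
  const out = {};
  for (const platform of new Set(results.map((r) => r[1]))) {
    const rows = results.filter((r) => r[1] === platform);
    CATEGORIES.forEach((cat, i) => {
      const m = median(rows.map((r) => r[2][i]));
      for (const [wallet, , scores] of rows) {
        out[wallet] = out[wallet] || {};
        out[wallet][platform] = out[wallet][platform] || {};
        out[wallet][platform][cat] = scores[i] > m;
      }
    });
  }
  return out;
}

// The same rule applied after averaging each wallet's scores across platforms.
function passesAveraged(results) {
  const byWallet = {};
  for (const [w, , scores] of results) (byWallet[w] = byWallet[w] || []).push(scores);
  const averaged = Object.entries(byWallet).map(([wallet, rows]) => [
    wallet, "all",
    CATEGORIES.map((_, i) => rows.reduce((t, r) => t + r[i], 0) / rows.length),
  ]);
  const flat = passesByPlatform(averaged);
  return Object.fromEntries(Object.entries(flat).map(([w, p]) => [w, p.all]));
}
```

With this sample, WalletA passes Physical Access on the averaged score while its Android build fails the same category.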

@juli

juli commented Oct 30, 2024

We published the first version of the Wallet Security Ranking and current checklists; we'll wait for your feedback to start working on integration.

Contributor

This issue is stale because it has been open 30 days with no activity.

@github-actions github-actions bot added the Status: Stale This issue is stale because it has been open 30 days with no activity. label Nov 30, 2024