Wallet Logo

Ember Fund Invest in Crypto

latest release: 9.7 ( 19th October 2021 ) last analysed  30th September 2021 No source for current release found 
4.2 ★★★★★
459 ratings
10 thousand
24th January 2019

Jump to verdict 

Help spread awareness for build reproducibility

Please help us spread the word discussing transparency with Ember Fund Invest in Crypto  via their Twitter!

Do your own research!

Try out searching for "lost bitcoins", "stole my money" or "scammers" together with the wallet's name, even if you think the wallet is generally trustworthy. For all the bigger wallets you will find accusations. Make sure you understand why they were made and if you are comfortable with the provider's reaction.

If you find something we should include, you can create an issue or edit this analysis yourself and create a merge request for your changes.

The Analysis 

From its Google Play description:

Ember Fund is a 100% non-custodial crypto wallet and investment platform which means we don’t store your crypto assets, so only you have full control and access to your funds!

The most powerful property of Bitcoin, Ethereum, blockchain and crypto assets is the ability to custody your own assets instead of trusting a third party. We’ve built Ember to be fully non-custodial, so we don’t store your Bitcoin (BTC), Ethereum (ETH) or any cryptocurrency. Instead, we create and fund the necessary crypto wallets on your behalf. You alone have access and control of your funds through your device. We’re the first in the world to build a Bitcoin & cryptocurrency hedge fund investing & wallet app like this.

The App

We downloaded the app and the first thing it asked to do after registering with an email and keying a pin, was to invite friends to ‘start earning Bitcoin daily’ at 10 sats/hr. We clicked on the “+” button and saw a Bitcoin logo. We clicked it and it showed a balance of $0.00 BTC, clicking on the QR code takes us to another screen with the ability to receive bitcoin. It says in the app that we need to fund the wallet before we could invest in a fund. We could not locate the send button as is customary in most Bitcoin wallets.

The Private Keys

Ember claims:

Our wallet technology provides state of the art security for users, making control of digital assets approachable by abstracting complex private keys to username, password, and PIN code (plus TouchID & FaceID).

Ember knows nothing about the encrypted data it interacts with. This data is only accessible to the user. All data is fully encrypted before it touches our servers and can only be decrypted by the user while using the app. Ember does not store any information from user wallets, cannot execute trades, and cannot interact with the blockchain on behalf of the user. It’s not just end to end encryption; it is Zero Knowledge architecture. This means that in the unlikely scenario of Ember being hacked, there would be no sensitive user data for an attacker to steal.

Furthermore, under the Security tab in Ember.io’s Resources Page

Are my funds safe? Do I need to trust Ember Fund?

You own your own private keys so you are free to access your assets at all times through Ember or another wallet provider.

This statement poses further questions about how the user can access his own private key:

How can I view/export my private key?

Ember’s security model was designed to avoid the risks of exporting private keys, while creating the simplest app experience possible.

‍ ‍Your private key is encrypted and never leaves your device. Nobody else can access it, not even Ember.

If it is encrypted, never leaves the device and without an option to backup or export it by the user himself, this begs the question: how can you “access your assets” through “another wallet provider”?

The Site and FAQ

Ember.io’s FAQs read:

Ember Fund is a non-custodial DeFi platform, which means only you have access to your private keys, no personal information (aside from your email) is stored,

We’re still looking for a way to Send BTC from the wallet so we searched the site and found this information once you click on ‘Withdrawing’ under the Resources page:

How do I withdraw from my portfolio?
To withdraw from your portfolio, simply tap the “Liquidate Portfolio” button on the Settings page in the app. Your portfolio will be sold into Bitcoin that goes directly to your Ember wallet. From there, you can send your Bitcoin to any exchange to cash out for fiat currency.

We were not able to locate the “Liquidate Portfolio” button under the Settings page.

Terms and Conditions

The Ember Terms can be found here.

The service offers a non-custodial app which does not readily offer the user to export the private keys, but its terms seem to disallow the user from the usage of the app given certain conditions. Section 4 states:

Additionally, we may revoke Your access to our Platform if we believe that Your actions may harm us, our business interests, or any third party rights. Failure by us to revoke Your access does not act as a waiver of Your conduct. Nothing in this Agreement obligates us to provide You any access to the Platform or any of our associated services.

Section 5 provides more information about the overall operation of the app:

Ember Fund allows You to send, request, receive, and store digital currency (“Digital Currency or Digital Currencies”) via Your own digital wallet (“Digital Wallet”). All wallets created are non-custodial, meaning that You control all private and public keys associated to the Digital Wallet and Ember Fund never has control or possession of Your Digital Wallet to facilitate any transactions made. Ember Fund reserves the right to refuse to process or to cancel any pending digital transaction as required by law, at our discretion, in response to a subpoena, court order, or other binding government order, or to enforce transaction limits. Please be aware that once a transaction is initiated via Your Digital Wallet, Ember Fund may not reverse such transaction, Your Digital Wallet is solely controlled by You and we cannot access or control Your Digital Wallet in any manner, You are solely liable for maintaining access to Your Digital Wallet .

Contact

Initially, we thought of it as a DeFi app of sorts, but upon looking at the terms and the reviews, it may appear more like a custodial service. Although it is possible to backup We reached out to Ember.io to ask them about their app via twitter.

Source Code

Ember.io does provide a link to their Github account, however none of the repositories match up with this app’s ID. While one repository has an application ID, it is simply a fork of Edge - Bitcoin & Crypto Wallet

The repo does not contain any original code and was not updated since February 2020.

Verdict

This app claims to be non-custodial, but with no source to back it up, it is not verifiable. The app is closed source.

(dg)

Verdict Explained

Without public source of the reviewed release available, this product cannot be verified!

As part of our Methodology, we ask:

Is the source code publicly available? If not, we tag it No Source! 

A wallet that claims to not give the provider the means to steal the users’ funds might actually be lying. In the spirit of “Don’t trust - verify!” you don’t want to take the provider at his word, but trust that people hunting for fame and bug bounties could actually find flaws and back-doors in the wallet so the provider doesn’t dare to put these in.

Back-doors and flaws are frequently found in closed source products but some remain hidden for years. And even in open source security software there might be catastrophic flaws undiscovered for years.

An evil wallet provider would certainly prefer not to publish the code, as hiding it makes audits orders of magnitude harder.

For your security, you thus want the code to be available for review.

If the wallet provider doesn’t share up to date code, our analysis stops there as the wallet could steal your funds at any time, and there is no protection except the provider’s word.

“Up to date” strictly means that any instance of the product being updated without the source code being updated counts as closed source. This puts the burden on the provider to always first release the source code before releasing the product’s update. This paragraph is a clarification to our rules following a little poll.

We are not concerned about the license as long as it allows us to perform our analysis. For a security audit, it is not necessary that the provider allows others to use their code for a competing wallet.

The product cannot be independently verified. If the provider puts your funds at risk on purpose or by accident, you will probably not know about the issue before people start losing money. If the provider is more criminally inclined he might have collected all the backups of all the wallets, ready to be emptied at the press of a button. The product might have a formidable track record but out of distress or change in management turns out to be evil from some point on, with nobody outside ever knowing before it is too late.