ONTO Cross-chain Crypto WalletGoogle Play
Our wallet review process
We examine wallets starting at the code level and continue all the way up to the finished app that lives on your device. Provided below is an outline of each of these steps along with security tips for you and general test results.
Application build test result
The Google Play description:
ONTO is the first truly decentralized, cross-chain wallet, allowing users to securely manage their identities, data, and digital assets.
Given that it refers to itself as a decentralized wallet, this likely means that it is a self-custodial wallet. As our policy is “don’t trust, verify” we will still try to verify this.
In the official website’s help center, we find a page on how to export ONT ID Wallet.
Users may choose to export their 12-word mnemonic phrase. It is also possible to import and export single-chain wallets provided the users have access to the mnemonic phrases.
We emailed them to verify the location for the source code of their wallet, and they have pointed to the github page at the bottom of their site.
We took a look at ONTO’s github page for the source code corresponding to their Google Play appID, but have found no results. The link points to the “ONTO-Data-Wallet”. Curiously, at the time of this writing, the page only contained a readme file.
In the absence of a scrutinizable source code, we would tentatively have to label this as having no source code.
Tests performed by Daniel Andrei R. Garcia
Do your own research
In addition to reading our analysis, it is important to do your own checks. Before transferring any bitcoin to your wallet, look up reviews for the wallet you want to use. They should be easy to find. If they aren't, that itself is a reason to be extra careful.