RWalletLatest release: 2.0.1 ( 1st July 2021 ) 🔍 Last analysed 28th December 2022 . Failed to build from source provided! Not updated in a while
We encountered a build error while compiling from source code!
As part of our Methodology, we ask:
Can the product be built from the source provided?If the answer is "no", we mark it as "Failed to build from source provided!".
Published code doesn’t help much if the app fails to compile.
We try to compile the published source code using the published build instructions into a binary. If that fails, we might try to work around issues but if we consistently fail to build the app, we give it this verdict and open an issue in the issue tracker of the provider to hopefully verify their app later.The product cannot be independently verified. If the provider puts your funds at risk on purpose or by accident, you will probably not know about the issue before people start losing money. If the provider is more criminally inclined he might have collected all the backups of all the wallets, ready to be emptied at the press of a button. The product might have a formidable track record but out of distress or change in management turns out to be evil from some point on, with nobody outside ever knowing before it is too late.
But we also ask:
Was the product updated during the last year?If the answer is "no", we mark it as "Not updated in a while".
Bitcoin wallets are complex products and Bitcoin is a new, advancing technolgy. Projects that don’t get updated in a year are probably not well maintained.
This verdict may not get applied if the provider is active and expresses good reasons for not updating the product.The product cannot be independently verified. If the provider puts your funds at risk on purpose or by accident, you will probably not know about the issue before people start losing money. If the provider is more criminally inclined he might have collected all the backups of all the wallets, ready to be emptied at the press of a button. The product might have a formidable track record but out of distress or change in management turns out to be evil from some point on, with nobody outside ever knowing before it is too late.
Help spread awareness for build reproducibility
Please help us spread the word discussing build reproducibility with RWallet via their Twitter!
Do your own research!
Try out searching for "lost bitcoins", "stole my money" or "scammers" together with the wallet's name, even if you think the wallet is generally trustworthy. For all the bigger wallets you will find accusations. Make sure you understand why they were made and if you are comfortable with the provider's reaction.
If you find something we should include, you can create an issue or edit this analysis yourself and create a merge request for your changes.
The Analysis ¶
(Analysis from Android review)
As described in this issue, this app replaces (old) RWallet Work In Progress Defunct! and as such had to start from zero with reviews, ratings and downloads.
RWallet is a multi-currency non-custodial wallet that supports Bitcoin. It supports BTC, Bitcoin on RSK (RBTC), RIF Token (RIF), Dollar On Chain (DOC)
RWallet has three options:
- Create Basic Wallet
- Import Existing Wallet
- Add Read-only Wallet
Upon clicking “Create Basic Wallet”, you are allowed to choose from Segwit or Legacy crypto address. After this, you are given access to the 12-word recovery phrase and asked to safeguard it.
You can send and receive like a normal wallet.
After confirming that the recovery phrase has a backup, the app asks you to set a PIN. This PIN must be entered to access the recovery phrase again.
Code and Reproducibility
We were able to find a related website even though RWallet’s Google Page did not
have a website listed. The contact email address had a domain of
iovlabs.org. We could not find any mention of RWallet’s
open-source nature on that website. However, searching for the
‘com.rsk.rwallet.v2’ brought us to what could possibly be
RWallet’s GitHub repository. Although
this specific repository is not linked from the iovlabs.org, we feel that it
could be relevant as it mentions a lot of related items.
A while ago Emanuel had already looked into this app but as it had only few users, he did not check for reproducibility.
Back then he already ran into the issue that several files are not being provided in the source repository, making it hard to compile the project and impossible to compile it in a reproducible way, as the missing files affect the compiled app.
The new build instructions
link to a non-existing section about an
.env file and do not mention the
google-services.json Emanuel had to create back then. It is mentioned though
that a signing key is required, which for our purpose should not be the case, as
we intend to work with an unsigned app. How can we build an unsigned version of
the released app?
We conclude, this app is currently not verifiable.
Share onTwitter Facebook LinkedIn
Or embed a widget in your website
<iframe src="https://walletscrutiny.com/widget/#appId=iphone/com.rsk.rwallet.reactnative&theme=auto&style=short" name="_ts" style="min-width:180px;border:0;border-radius:10px;max-width:280px;min-height:30px;"> </iframe>
<iframe src="https://walletscrutiny.com/widget/#appId=iphone/com.rsk.rwallet.reactnative&theme=auto&style=long" style="max-width:100%;width:342px;border:0;border-radius:10px;min-height:290px;"> </iframe>