MyCitadel

Bitcoin-only wallets only support Bitcoin. Less code means less attack surface which further improves your security when only storing Bitcoin.

If you are a Bitcoiner, you probably want a BTC-only software wallet.

Mainnet is the term for the real Bitcoin blockchain and network, and is used in contrast with testnet, signet, and regtest networks. Unlike the other networks, which are used for testing purposes, mainnet coins (BTC) have monetary value. When people refer to the Bitcoin network, they are usually referring to mainnet.

Testnet is an alternative Bitcoin blockchain specifically designed for testing purposes. It is a sandbox environment that allows developers, users, and businesses to experiment with new features, applications, and ideas without risking real Bitcoin or disrupting the main Bitcoin network (mainnet). The Testnet is a valuable tool for the Bitcoin community because it enables the development and testing of new technologies, improvements, and features before they are implemented on the mainnet.

The Regression Test Network (regtest) is a parallel blockchain to the Bitcoin blockchain. It works almost identically to the Bitcoin network, but it is used for private development. Regtest is most similar to testnet in that the coins on the regtest network are not monetized. Additionally, regtest is meant solely for private testing; external connections are not enabled and the mining difficulty is set to zero. This allows a regtest user to mine as many blocks as they want, making testing easier.

Signet is a proposed new test network parallel to the Bitcoin network. Like testnet and regtest, signet would be used by developers as a testing environment. Unlike the Bitcoin mainnet or the other test networks, signet would use digital signatures to validate blocks, not a Proof-of-Work system.

The Lightning Network (LN) is a protocol designed to allow instant and cheap Bitcoin transactions.

A PIN lock is a fundamental security feature in Bitcoin wallets. It requires users to enter a Personal Identification Number (PIN) before accessing their wallet or conducting transactions. This extra layer of protection guards against unauthorized access and helps prevent theft or misuse of funds.

A duress PIN is an additional PIN that can be used in situations where a user is forced to access their wallet under duress or coercion. It is a security feature designed to provide an extra layer of protection for individuals who may be at risk of physical or psychological threats.

The duress PIN functions differently from the regular PIN used to access the wallet. While the regular PIN grants full access to the wallet's funds and features, the duress PIN is designed to appear as a normal PIN but actually provides access to a separate, predetermined dummy wallet or a subset of funds that the user has designated.

This feature randomizes the numbers associated with the buttons on the keypad. Cameras and shoulder-surfers watching won't figure out your PIN based on the keys you press.

To prevent against brute-forcing the PIN, some wallets can wipe the private keys after entering a wrong PIN if the maximum number of attempts is exceeded.

Alphanumeric PINs allow for a larger pool of possible combinations compared to numeric-only PINs. This increased complexity makes it more difficult for an attacker to guess or brute-force the PIN, providing better protection against unauthorized access.

Alphanumeric PINs can help protect against shoulder surfing attacks, where an attacker tries to observe and memorize the PIN being entered. The inclusion of letters and symbols in the PIN makes it harder for an attacker to accurately remember the sequence of characters.

A pattern lock is a type of security measure commonly used on touchscreen devices, to restrict unauthorized access. It involves drawing a specific pattern by connecting a series of dots or nodes displayed on the screen.

A fingerprint lock, also known as fingerprint authentication or fingerprint recognition, is a security feature that uses an individual's unique fingerprint to verify their identity and provide access to the wallet.

A dummy wallet or decoy wallet is a wallet that contains a smaller amount of funds, to protect against coercion or theft.

The $5 wrench attack is a threat where an attacker may use physical force, such as violence or coercion, to force someone to reveal their private keys or passwords. To mitigate this risk, users might employ plausible deniability strategies.

A duress PIN is an additional PIN that can be used in situations where a user is forced to access their wallet under duress or coercion. The duress PIN functions differently from the regular PIN used to access the wallet. While the regular PIN grants full access to the wallet's funds and features, the duress PIN is designed to appear as a normal PIN but actually provides access to a separate, predetermined dummy wallet or a subset of funds that the user has designated.

Some wallets allow users to generate their own true random number (entropy) with rolling dice. This allows you to remove any risk of the random number generator (RNG) being compromised, because you are creating the private key directly.

A passphrase is an advanced feature which can be used to protect your accounts. When this feature is enabled, your device asks you to enter a secret phrase in addition to your numeric PIN every time you connect your device. When you enter a passphrase, your device combines the already existing randomness of your recovery seed with your own chosen input and computes a new wallet.

The Master Key Fingerprint refers to the fingerprint of the master extended public key derived from a hierarchical deterministic (HD) wallet.

The master extended public key (xpub) is derived from the master extended private key (xprv) and can be used to generate a series of child public keys. The fingerprint, in this case, is a unique identifier derived from the hash of the parent key's public key. It helps in quickly identifying the corresponding master key within a hierarchical key structure.

The fingerprint is unique and it is represented by 8 characters, for example 91A876EF

When you add a passphrase to your seed phrase, the new wallet will have its own fingerprint. This fingerprint can be used to verify that you have entered your passphrase correctly, that's why is important that your wallet displays it.

A wallet descriptor, also called an output descriptor, defines the conditions for creating and spending transaction outputs within a wallet.

This descriptor is a structured format that describes the characteristics of a bitcoin wallet. It provides a concise and standardized method for specifying the addresses a wallet can generate, import, and spend from.

A wallet descriptor, also called an output descriptor, defines the conditions for creating and spending transaction outputs within a wallet.

This descriptor is a structured format that describes the characteristics of a bitcoin wallet. It provides a concise and standardized method for specifying the addresses a wallet can generate, import, and spend from.

Shamir's secret sharing (SSS) is a cryptographic technique formulated in 1979 by the Israeli cryptographer Adi Shamir. The essence of Shamir's scheme lies in the ability to back up, share and recover a secret by breaking up the secret into multiple shares that are individually useless and leak no information about the secret or the scheme setup.

You can choose how many recovery shares you want to generate, and decide how many of them you want to use for recovery. Individual shares do not leak any information about the shared secret, as long as the number of compromised shares does not reach the required threshold. For example, if you use a 3-of-5 scheme and 2 of your shares get compromised, the attacker has no chance to reconstruct your wallet and cause trouble.

Most wallets offer a backup and recovery process that involves generating a mnemonic seed phrase. This seed phrase consists of a sequence of words that serve as a backup for the private keys stored on the wallet.

Some wallets support to autocomplete each seed phrase word when importing your private key. This feature increase the protection against keyloggers stealing your seed phrase, because you don't need to type the complete words.

Some wallets render an inapp keyboard when importing a seed phrase or entering a passphrase. This feature protect the users against keyloggers stealing your seed phrase or passphrase.

SeedQR is a standard developed by SeedSigner for encoding a recovery phrase as a human-transcribable QR code. Simply put, it is another way to store a recovery phrase — except as a QR code instead of a list of 12 or 24 words.

Pay-to-Public-Key-Hash (P2PKH): Addresses starts with '1'. This is the most common script type used in Bitcoin transactions. In a P2PKH transaction, funds are sent to the hash of the recipient's public key. To spend these funds, the recipient must provide a signature that matches the public key.

Pay-to-Script-Hash (P2SH): Addresses start with '3'. From this format, we can't distinguish whether they are MultiSig addresses or Segregated Witness compatible addresses. P2SH is the abbreviation of “Pay To Script Hash” and it supports more than Legacy Functions with more complex formats, such as specifying multiple digital signatures to authorize transactions.

Pay-to-Witness-Public-Key-Hash (P2WPKH also known as Bech32): Addresses starts with 'bc1'. Using a wallet that supports native SegWit is beneficial since it offers improved security and faster transaction times while keeping fees low.

Pay-to-Taproot (P2TR also known as Bech32m): Addresses start with 'bc1p'. It offers improved privacy when transacting on the Bitcoin network.

Support to view the receive address as a text

Support to view the receive address as a QR code

Support to display multiple receive address, so you avoid reusing them.

It is a good practice to not reuse Bitcoin addresses because of privacy and security concerns. When you use a Bitcoin address multiple times, it becomes easier for someone to trace your transaction history and identify your spending habits.

Support to input a receive address and verify if it is part of the wallet

Support to scan a QR with a receive address and verify if it is part of the wallet

Support scan an address from a QR

Text scanner for addresses using Optical Character Recognition (OCR)

Support to send to an internal wallet in the app

Support to send to multiple addresses

Send multiple transactions in one batch. This is useful if you more than one transaction and you want to spend less fees. All your transactions will be batched in a single transaction fee, making it less expensive.

Bitcoin multi-sig allows having up to 15 possible signers to approve any transaction. When using multi-sig, you will have at least one seed phrase per signer, so you can store them in multiple locations.

Taproot Multisig refers to implementing multisignature transactions (multisig) in Bitcoin using the Taproot upgrade, which was activated in November 2021. Taproot improves privacy, efficiency, and flexibility compared to the older multisig methods (e.g., P2SH-based multisig).

MuSig2 is a cryptographic protocol based on Schnorr signatures, designed to facilitate multisignature (multisig) schemes in blockchain systems, such as Bitcoin. It improves upon MuSig1, addressing its limitations while enhancing efficiency, security, and usability.

FROST (Flexible Round-Optimized Schnorr Threshold Signatures) is a protocol that minimizes the number of rounds of communication between participants in Schnorr signature schemes, reducing network bandwidth, time, and probability of errors. It requires a maximum of three rounds for signing, even without a trusted signature aggregator or preprocessing stage. It can be used to implement 'n-of-m' threshold signatures represented by a single signature on the blockchain. This saves block space and increases privacy by making them indistinguishable from other, more common spend types.

Message signing is the process of using your wallet's private key to create a cryptographic signature for a specific message. This proves that you control the Bitcoin address without exposing your private key or spending any coins.

Near Field Communication (NFC) is a technology that enables two devices to communicate wirelessly when they are brought close to each other.

A QR scanner on a wallet is a feature that allows you to scan a QR code using your wallet. QR codes can contain various types of information, including cryptocurrency addresses, transaction details, and other types of data.

URs (Uniform Resources) are a method for encoding structured binary data for transport in URIs and QR Codes.

UR2.0 is the industry standard for airgapped data transmission in Bitcoin.

BBQr enables files larger than can fit into a single QR to be sent as a series of QR codes (sometimes called an “animated QR”). The target file types are PSBT (BIP-174) and signed Bitcoin transactions.

Miniscript is a scripting language designed for Bitcoin. It aims to provide a more flexible and secure way of defining spending conditions for Bitcoin transactions.

Taproot Miniscript is a high-level language or template system for building Taproot-compatible scripts.

A Timelock is a type of smart contract primitive that restricts the spending of some bitcoins until a specified future time or block height.

Fee control in a Bitcoin wallet refers to the ability of the user to adjust the transaction fee associated with sending a Bitcoin transaction. When you send a Bitcoin transaction, you usually include a fee as an incentive for miners to process and include your transaction in the blockchain.

Fee control allows you to choose how much you want to pay in transaction fees. This choice involves a trade-off between the speed at which your transaction gets confirmed and the cost of the fee. Transactions with higher fees are usually processed more quickly by miners because they have a higher incentive to include them in the next block.

Replace-by-fee, or RBF, means that you are replacing one version of an unconfirmed transaction with a new version that pays a higher fee. As a result of increasing the fee, your transaction will now become more attractive to the miners and will have a higher chance of being confirmed faster. Additionally, RBF allows to cancel a pending outgoing transaction and get its value back to wallet.

Child-Pays-For-Parent (CPFP) means that you are making your stuck transaction (the “parent”) more rewarding by sending a second new transaction to be mined with a higher fee (the “child”). The child transaction can only be mined after the parent transaction is confirmed.

Coin control is a feature in some Bitcoin wallets that allows users to have greater control over the selection of inputs (also known as UTXOs — Unspent Transaction Outputs) when creating a transaction. This increased control provides users with benefits such as enhanced privacy, transaction fee optimization, and more efficient management of their Bitcoin holdings.

BIP-329 is a Bitcoin Improvement Proposal that defines how to store and organize labels (metadata) for Bitcoin wallets in a standardized JSON format.

CoinJoin is a privacy technique that enhances the anonymity of Bitcoin transactions. It combines multiple users' payments into a single transaction, making it challenging to trace individual funds. CoinJoin ensures that the inputs and outputs of a transaction are mixed with those of others, obscuring the origin of the coins. This technique provides greater privacy by breaking the link between sender and recipient. It's a voluntary process that requires participants to cooperate in creating a joint transaction. By making it difficult to track specific coins, CoinJoin contributes to bolstering privacy and fungibility within the Bitcoin network.

Support to hide the wallet balance, transaction amounts and addresses by default until you unlock the wallet

Stealth Mode removes the wallet icon from the launcher and home screen of your Android device. To reveal the wallet just dial a secret code.

Support to send secure messages between users using the wallet. This is useful for multisig.

PayNyms are a secure and private way of sending and receiving bitcoin using BIP-47 Reusable Payment Codes.

Silent payments (BIP352) are a type of payment that can be made to a unique onchain address for every payment even though the receiver provided the spender with a reusable (offchain) address. This helps improve privacy.

For bitcoin to function reliably and securely, it relies on the voluntary participation of thousands of individuals worldwide. Nodes, which make up the bitcoin network and verify transactions and blocks, are crucial to this process. There are many reasons to consider running your own bitcoin node, including personal benefits and the benefits to the security and resilience of the bitcoin ecosystem.

Tor aims to make all users look the same, making it difficult for you to be fingerprinted based on your browser and device information. With Tor, your traffic is relayed and encrypted three times as it passes over the Tor network. The network is comprised of thousands of volunteer-run servers known as Tor relays.

Support for migrating from an old wallet to a new wallet while maintaining your preferred coin management strategy.

References

- Green: less than 6 months old

- Yellow: between 6 months and 1 year old

- Red: more than 1 year old

A wallet with source-available is released through a source code distribution model where the source can be viewed, and in some cases modified, but without necessarily meeting the criteria to be called open-source. Any wallet is source-available as long its source code is distributed along with it, even if the user has no legal rights to use, share, modify, or even compile it.

A wallet being Free & Open Source (FOSS) means that the source code is publicly available and can be freely viewed, used, modified, and distributed by anyone. Users have the legal rights to access, study, modify, and distribute the firmware according to the terms of the open-source license it is released under. This transparency and freedom allow the community to review and contribute to the development of the firmware, ensuring its security, reliability, and trustworthiness.

Open source licenses grant permission for anybody to use, modify, and share licensed software for any purpose, subject to conditions preserving the provenance and openness of the software.

Whilst anyone may inspect the source code of free and open source software for malicious flaws, most software is distributed pre-compiled with no method to confirm whether they correspond.

A build is reproducible if given the same source code, build environment and build instructions, any party can recreate bit-by-bit identical copies of all specified artifacts.

References

- Green: less than 6 months old

- Yellow: between 6 months and 1 year old

- Red: more than 1 year old

A wallet with source-available is released through a source code distribution model where the source can be viewed, and in some cases modified, but without necessarily meeting the criteria to be called open-source. Any wallet is source-available as long its source code is distributed along with it, even if the user has no legal rights to use, share, modify, or even compile it.

A wallet being Free & Open Source (FOSS) means that the source code is publicly available and can be freely viewed, used, modified, and distributed by anyone. Users have the legal rights to access, study, modify, and distribute the firmware according to the terms of the open-source license it is released under. This transparency and freedom allow the community to review and contribute to the development of the firmware, ensuring its security, reliability, and trustworthiness.

Open source licenses grant permission for anybody to use, modify, and share licensed software for any purpose, subject to conditions preserving the provenance and openness of the software.

Whilst anyone may inspect the source code of free and open source software for malicious flaws, most software is distributed pre-compiled with no method to confirm whether they correspond.

A build is reproducible if given the same source code, build environment and build instructions, any party can recreate bit-by-bit identical copies of all specified artifacts.

A wallet with source-available is released through a source code distribution model where the source can be viewed, and in some cases modified, but without necessarily meeting the criteria to be called open-source. Any wallet is source-available as long its source code is distributed along with it, even if the user has no legal rights to use, share, modify, or even compile it.

A wallet being Free & Open Source (FOSS) means that the source code is publicly available and can be freely viewed, used, modified, and distributed by anyone. Users have the legal rights to access, study, modify, and distribute the firmware according to the terms of the open-source license it is released under. This transparency and freedom allow the community to review and contribute to the development of the firmware, ensuring its security, reliability, and trustworthiness.

Open source licenses grant permission for anybody to use, modify, and share licensed software for any purpose, subject to conditions preserving the provenance and openness of the software.

Whilst anyone may inspect the source code of free and open source software for malicious flaws, most software is distributed pre-compiled with no method to confirm whether they correspond.

A build is reproducible if given the same source code, build environment and build instructions, any party can recreate bit-by-bit identical copies of all specified artifacts.

References

- Green: less than 6 months old

- Yellow: between 6 months and 1 year old

- Red: more than 1 year old

A wallet with source-available is released through a source code distribution model where the source can be viewed, and in some cases modified, but without necessarily meeting the criteria to be called open-source. Any wallet is source-available as long its source code is distributed along with it, even if the user has no legal rights to use, share, modify, or even compile it.

A wallet being Free & Open Source (FOSS) means that the source code is publicly available and can be freely viewed, used, modified, and distributed by anyone. Users have the legal rights to access, study, modify, and distribute the firmware according to the terms of the open-source license it is released under. This transparency and freedom allow the community to review and contribute to the development of the firmware, ensuring its security, reliability, and trustworthiness.

Open source licenses grant permission for anybody to use, modify, and share licensed software for any purpose, subject to conditions preserving the provenance and openness of the software.

Whilst anyone may inspect the source code of free and open source software for malicious flaws, most software is distributed pre-compiled with no method to confirm whether they correspond.

A build is reproducible if given the same source code, build environment and build instructions, any party can recreate bit-by-bit identical copies of all specified artifacts.

References

- Green: less than 6 months old

- Yellow: between 6 months and 1 year old

- Red: more than 1 year old

A wallet with source-available is released through a source code distribution model where the source can be viewed, and in some cases modified, but without necessarily meeting the criteria to be called open-source. Any wallet is source-available as long its source code is distributed along with it, even if the user has no legal rights to use, share, modify, or even compile it.

A wallet being Free & Open Source (FOSS) means that the source code is publicly available and can be freely viewed, used, modified, and distributed by anyone. Users have the legal rights to access, study, modify, and distribute the firmware according to the terms of the open-source license it is released under. This transparency and freedom allow the community to review and contribute to the development of the firmware, ensuring its security, reliability, and trustworthiness.

Open source licenses grant permission for anybody to use, modify, and share licensed software for any purpose, subject to conditions preserving the provenance and openness of the software.

Whilst anyone may inspect the source code of free and open source software for malicious flaws, most software is distributed pre-compiled with no method to confirm whether they correspond.

A build is reproducible if given the same source code, build environment and build instructions, any party can recreate bit-by-bit identical copies of all specified artifacts.

References

- Green: less than 6 months old

- Yellow: between 6 months and 1 year old

- Red: more than 1 year old

A wallet with source-available is released through a source code distribution model where the source can be viewed, and in some cases modified, but without necessarily meeting the criteria to be called open-source. Any wallet is source-available as long its source code is distributed along with it, even if the user has no legal rights to use, share, modify, or even compile it.

A wallet being Free & Open Source (FOSS) means that the source code is publicly available and can be freely viewed, used, modified, and distributed by anyone. Users have the legal rights to access, study, modify, and distribute the firmware according to the terms of the open-source license it is released under. This transparency and freedom allow the community to review and contribute to the development of the firmware, ensuring its security, reliability, and trustworthiness.

Open source licenses grant permission for anybody to use, modify, and share licensed software for any purpose, subject to conditions preserving the provenance and openness of the software.

Whilst anyone may inspect the source code of free and open source software for malicious flaws, most software is distributed pre-compiled with no method to confirm whether they correspond.

A build is reproducible if given the same source code, build environment and build instructions, any party can recreate bit-by-bit identical copies of all specified artifacts.

References

- Green: less than 6 months old

- Yellow: between 6 months and 1 year old

- Red: more than 1 year old

A wallet with source-available is released through a source code distribution model where the source can be viewed, and in some cases modified, but without necessarily meeting the criteria to be called open-source. Any wallet is source-available as long its source code is distributed along with it, even if the user has no legal rights to use, share, modify, or even compile it.

A wallet being Free & Open Source (FOSS) means that the source code is publicly available and can be freely viewed, used, modified, and distributed by anyone. Users have the legal rights to access, study, modify, and distribute the firmware according to the terms of the open-source license it is released under. This transparency and freedom allow the community to review and contribute to the development of the firmware, ensuring its security, reliability, and trustworthiness.

Open source licenses grant permission for anybody to use, modify, and share licensed software for any purpose, subject to conditions preserving the provenance and openness of the software.

Whilst anyone may inspect the source code of free and open source software for malicious flaws, most software is distributed pre-compiled with no method to confirm whether they correspond.

A build is reproducible if given the same source code, build environment and build instructions, any party can recreate bit-by-bit identical copies of all specified artifacts.

References

- Green: less than 6 months old

- Yellow: between 6 months and 1 year old

- Red: more than 1 year old

A wallet with source-available is released through a source code distribution model where the source can be viewed, and in some cases modified, but without necessarily meeting the criteria to be called open-source. Any wallet is source-available as long its source code is distributed along with it, even if the user has no legal rights to use, share, modify, or even compile it.

A wallet being Free & Open Source (FOSS) means that the source code is publicly available and can be freely viewed, used, modified, and distributed by anyone. Users have the legal rights to access, study, modify, and distribute the firmware according to the terms of the open-source license it is released under. This transparency and freedom allow the community to review and contribute to the development of the firmware, ensuring its security, reliability, and trustworthiness.

Open source licenses grant permission for anybody to use, modify, and share licensed software for any purpose, subject to conditions preserving the provenance and openness of the software.

Whilst anyone may inspect the source code of free and open source software for malicious flaws, most software is distributed pre-compiled with no method to confirm whether they correspond.

A build is reproducible if given the same source code, build environment and build instructions, any party can recreate bit-by-bit identical copies of all specified artifacts.