Skip to content

Add Nunchuk wallet listing#4760

Open
devdavidejesus wants to merge 5 commits into
bitcoin-dot-org:masterfrom
devdavidejesus:add-nunchuk-wallet
Open

Add Nunchuk wallet listing#4760
devdavidejesus wants to merge 5 commits into
bitcoin-dot-org:masterfrom
devdavidejesus:add-nunchuk-wallet

Conversation

@devdavidejesus

@devdavidejesus devdavidejesus commented May 30, 2026

Copy link
Copy Markdown
Collaborator

Summary

This PR adds Nunchuk (https://nunchuk.io) to the wallets list, covering both Android and Desktop. Nunchuk is an open-source, self-custodial Bitcoin wallet focused on multisig and collaborative custody, developed by Nunchuk Inc (Delaware, US) and led by Hugo Nguyen. The Android client is at https://github.com/nunchuk-io/nunchuk-android and the Desktop client at https://github.com/nunchuk-io/nunchuk-desktop, both under GPL-3.0.

The wallet is built around libnunchuk, a C++ library that reuses Bitcoin Core directly as a git submodule (contrib/bitcoingithub.com/bitcoin/bitcoin, pinned at commit af78d36). Signing uses libsecp256k1 (vendored through the Bitcoin Core submodule), which implements deterministic ECDSA nonces (RFC 6979) by specification.

Files changed

  • _wallets/nunchuk.md — new wallet entry covering Android and Desktop (Windows, Mac, Linux)
  • _translations/en.yml — new description (walletnunchuk)
  • img/screenshots/nunchukandroid.png — 250×350 px Android screenshot (optimized with optipng -o7)
  • img/screenshots/nunchukdesktop.png — 250×350 px Desktop screenshot (optimized with optipng -o7)
  • img/wallet/nunchuk.png — 144×144 px icon (optimized with optipng -o7)

Testing

Both platforms were exercised hands-on. Tested versions were Android v2.5.3 (build 330) and Desktop v2.5.0. Nunchuk released v2.6.0 on both platforms during the review window (Android android.2.6.0 on 2026-06-17, Desktop 2.6.0 on 2026-06-22); the behaviors documented here are structural — they derive from the shared libnunchuk C++ core that backs both clients — and are not specific to the patch version tested.

Android (v2.5.3, build 330, from Google Play)

  • Wallet creation: A single-sig hot wallet was created on-device with a BIP39 seed phrase shown for backup. Native SegWit is the default address type.
  • Address generation: A bech32 (bc1q…) receive address was generated. A separate Taproot wallet was also created, generating a Bech32m (bc1p…) address — Taproot is offered as a selectable address type on the wallet creation screen, alongside Native SegWit.
  • Receive flow: A real transaction of 0.00014932 BTC was sent to the wallet and successfully received, reaching 22 confirmations, displayed with fiat conversion.
  • Backup and restore: A full backup-and-restore cycle was performed end-to-end with real funds. The seed was written down, the wallet was deleted, and recovered via "Recover existing wallet" using the same seed. The restored wallet reconstructed the identical receive address, balance, and transaction history.
  • Address rotation: After receiving, the app automatically presented a fresh unused address and marked the funded one as used, with an in-app note that reusing addresses is not recommended.
  • Received-from: The transaction detail screen shows the wallet's own receiving address only; it does not display the sender ("received from") address.
  • Settings reviewed: Network (defaults to Electrum server mainnet.nunchuk.io, with testnet, signet, custom Electrum server, and own-node support), Fee (Economy/Standard/Priority, Anti-Fee Sniping, automatic fee selection), Security (PIN and biometric), Display, Developer.

Desktop (v2.5.0, from GitHub releases)

  • Wallet creation: A single-sig hot wallet was created with BIP39 seed backup. Native SegWit (BIP84, path m/84h/0h/0h) is the default, confirmed in Wallet Config, with master key fingerprint shown. Taproot is also offered as a selectable address type on wallet creation.
  • Receive flow: A real transaction of 0.000163 BTC was received and displayed correctly.
  • Backup and restore: A full cycle was performed — seed written down, wallet deleted, recovered via "Recover existing wallet", reproducing identical address, balance, fingerprint, and history.
  • Settings reviewed: Network (Electrum mainnet.nunchuk.io default, testnet/signet, custom Electrum server, Bitcoin Core node, custom SSL, TOR proxy), Fee (Economy/Standard/Priority, Anti-Fee Sniping, automatic fee), Hardware driver (Custom HWI Driver), Database Encryption (opt-in, passphrase-protected — see Notes), Developer.

GPG signing infrastructure for releases is documented at nunchuk-io/docs/build_instructions.md with release key 0x8C8ECD3F660CA53CD878792A6E38A462ED2EF525. Send flow was not exercised (receive-only testing). Hardware wallet integration UI is present but was not tested with a physical device.

Scoring

Scoring follows docs/managing-wallets.md. Both platforms share the same scores except Environment.

  • Control — checkgoodcontrolfull: Full exclusive control over private keys; no custodial component in the standard product.
  • Validation — checkpassvalidationservers: Defaults to an Electrum server, with support for user-operated Electrum servers or a Bitcoin Core node.
  • Transparency — checkpasstransparencyopensource: Source public under GPL-3.0, version-controlled with tagged releases (53 on Desktop, 74 on Android as of 2026-06-24), public since 2021 (Desktop) / 2022 (Android) — well beyond the 6-month minimum. Reproducible-build infrastructure exists; deterministic verification of the current line was not performed in this review, so the score is kept at the open-source tier rather than the deterministic tier.
  • Environment — Android checkpassenvironmentmobile; Desktop checkfailenvironmentdesktop: Android provides app isolation; desktop environments do not.
  • Privacy — checkpassprivacybasic: BIP32 HD address rotation, exercised hands-on in the receive flow (fresh address generated after use). SOCKS5 proxy support allows Tor routing. The default Electrum server (mainnet.nunchuk.io) sees address queries; users can point at their own Electrum server or node to mitigate this.
  • Fees — checkgoodfeecontrolfull: Economy/Standard/Priority tiers, Anti-Fee Sniping, automatic fee for multi-policy transactions.

Privacy sub-criteria

  • Address rotation — checkpassprivacyaddressrotation: Exercised hands-on; the app rotates to a fresh address after one is funded.
  • Disclosure — checkfailprivacydisclosurespv: The default Electrum server is operated by Nunchuk Inc; mitigable via own server or node.
  • Network — checkpassprivacynetworksupporttorproxy: SOCKS5 proxy support in libnunchuk's Electrum client.

Features

bech32 hardware_wallet legacy_addresses multisig segwit taproot

  • bech32 — Native SegWit (bc1q…), confirmed in receive flow on both platforms.
  • segwit — Prerequisite for bech32; supported.
  • legacy_addresses — Confirmed in the AddressType enum (include/nunchuk.h: LEGACY), available as a selectable address type.
  • taproot — Taproot is offered as a selectable address type on wallet creation on both Android and Desktop, generating Bech32m (bc1p…) addresses. Verified hands-on on Android by creating a Taproot wallet and generating a bc1p address; confirmed in code via the AddressType::TAPROOT enum and is_taproot() / is_support_taproot() methods in include/nunchuk.h.
  • hardware_wallet — PSBT-based signing. Trezor support is vendored directly (trezor-firmware submodule) and Tapsigner support via the tap-protocol submodule; Trezor is a bitcoin.org-listed hardware wallet.
  • multisig — First-class multisig setups (m-of-n).

Features explicitly not claimed:

  • lightning — Verified absent in libnunchuk (no lightning/bolt11/payment_request references in src/ or include/) and in the UI. On-chain only.
  • 2fa — A Server Key co-signing mechanism exists but is gated behind paid subscription plans; not part of the standard self-custodial product. PIN/biometric guard app access but do not qualify as a spending second factor.
  • full_node — Supports connecting to a user-operated full node via Core RPC (BackendType::CORERPC, corerpc_host/port/... in src/dto/appsettings.cpp), in addition to the default Electrum backend (ElectrumSynchronizer). In both modes it is a client of the backend and does not maintain a local blockchain representation of its own.

Notes

  • HSTS: nunchuk.io serves Strict-Transport-Security: max-age=63072000; includeSubDomains; preload (verified 2026-06-24), exceeding the 1-year minimum and eligible for browser preload.
  • TLS / SSL Labs: Qualys SSL Labs grade B across all endpoints (verified 2026-06-24); TLS 1.3, TLS_AES_256_GCM_SHA384, Google Trust Services certificate.
  • Security headers (verified 2026-06-24): securityheaders.com grade A (capped at A; not A+ because two headers are missing). Content-Security-Policy (with frame-ancestors 'none'), HSTS, X-Frame-Options: DENY, and X-Content-Type-Options: nosniff are present; Referrer-Policy and Permissions-Policy are not set.
  • Release signing: Releases signed with GPG key 0x8C8ECD3F660CA53CD878792A6E38A462ED2EF525; verification documented in nunchuk-io/docs/build_instructions.md.
  • Bitcoin Core submodule: libnunchuk pins contrib/bitcoin at commit af78d36 (post-v30.0 master), verified via git ls-tree HEAD contrib/bitcoin. libsecp256k1 is vendored through this submodule.
  • No known CVEs: NVD returns 0 results for "nunchuk" (verified 2026-06-24). No independent security audit is published.
  • Desktop database encryption: The Desktop client offers an opt-in "Database Encryption" feature that protects the wallet database with a user passphrase. Verified in code: the UI calls enableDatabaseEncryptionnunchukSetPassphraseNunchukStorage::SetPassphrase, and the storage layer uses SQLCipher (#include <sqlcipher/sqlite3.h>, sqlite3_key() / sqlcipher_export() in src/storage/db.cpp). No explicit cipher PRAGMA is set, so SQLCipher's default configuration is used (AES-256). This feature is opt-in, not enabled by default. docs/managing-wallets.md lists "encrypt the wallet by default on desktop" among the basic requirements for desktop wallets. Nunchuk therefore provides standards-based encryption, but not by default. This note is included for review, and whether the opt-in approach satisfies the criterion is left to the bitcoin.org review process.

Adds Nunchuk wallet (https://nunchuk.io) covering iOS, Android, and Desktop (Windows/Mac/Linux). Coordinated with Hugo Nguyen (Nunchuk Inc CEO) via email. iOS included with closed-source transparency mark per developer preference; libnunchuk core is shared and open source across all platforms.
Listing scope reduced to Android and Desktop per coordination with the developer. Privacy score adjusted from 'good' to 'pass' on both platforms to reflect that the default Electrum server (mainnet.nunchuk.io) sees address queries; users can mitigate by pointing at user-operated Electrum or own-node setups.
Aligns with schema and with precedent from other Electrum-based wallets in the repo (Electrum, Mycelium, Edgewallet). The 'pass basic' classification reflects that Nunchuk satisfies the address-rotation requirement of the 'passing' Privacy criterion in managing-wallets.md, while the default Electrum server (mainnet.nunchuk.io) sees address queries by default.
Removes the Android entry from the wallet file and the now-unused mobile screenshot. The listing scope is reduced to the Desktop platforms (Windows, Mac, Linux), which is the only platform with hands-on testing in this submission. Android may be considered in a follow-up PR if direct testing becomes feasible.
Adds the Android entry (Google Play, github.com/nunchuk-io/nunchuk-android) with a 250x350 screenshot, and adds the taproot feature to both the Android and Desktop entries. Both platforms were exercised hands-on: Android on v2.5.3 (single-sig hot wallet creation, BIP39 seed backup and restore cycle, real on-chain receipt, bech32 and Taproot bc1p address generation, automatic address rotation), and Desktop on v2.5.0. Taproot is offered as a selectable address type on wallet creation on both platforms, generating Bech32m (bc1p) addresses.
@devdavidejesus

Copy link
Copy Markdown
Collaborator Author

Update: the PR now also covers Android (in addition to Desktop), and adds the taproot feature to both platforms.

Android (v2.5.3) was tested hands-on: hot wallet creation, BIP39 seed backup and restore cycle with real funds, on-chain receipt (22 confirmations), bech32 and Taproot (bc1p) address generation, and automatic address rotation.

The branch was rebased onto current master and the description has been updated accordingly.

@devdavidejesus

devdavidejesus commented Jun 24, 2026

Copy link
Copy Markdown
Collaborator Author

Nunchuk — Review for bitcoin.org listing

Wallet: Nunchuk
Developer: Nunchuk Inc. (Delaware, US; founded and led by Hugo Nguyen)
Tested versions: Desktop v2.5.0, Android v2.5.3 (build 330) — see Platform notes
Review version: 2026062401
Reviewer: Davi de Jesus


Summary

Nunchuk is an open-source, self-custodial Bitcoin wallet focused on multisig and collaborative custody. It is available on Desktop (Windows, Mac, Linux) and Android, and is built around libnunchuk, a C++ library that reuses Bitcoin Core directly as a git submodule. The product is on-chain only (no Lightning) and supports single-sig and multisig setups, hardware-wallet signing, coin control, Taproot, and inheritance/collaborative features.

This review is based on hands-on testing of the Desktop client (v2.5.0) and the Android client (v2.5.3, build 330), combined with source-code verification of libnunchuk and nunchuk-desktop performed on 2026-06-24.

Recommend listing under Mobile (Android) + Desktop (Windows, Mac, Linux), Level 2. Level 2 follows repository precedent: multisig-capable self-custodial wallets are listed at Level 2 (e.g. Sparrow, with the same feature set; also Electrum, Green, Coldcard, Jade, and others). Level 3 is reserved for hybrid/custodial cases. Level 1 is for full nodes that validate blocks by default, which Nunchuk does not.


Platform notes

Nunchuk's wallet logic, key handling, signing, and storage live in libnunchuk (C++), shared across all clients. The Android client (Kotlin) and Desktop client (QML/C++) are thin frontends over this shared core, so wallet-level behavior is consistent across platforms by construction.

  • nunchuk-io/libnunchuk — shared C++ core (vendors Bitcoin Core as contrib/bitcoin)
  • nunchuk-io/nunchuk-desktop — Desktop frontend (QML/C++)
  • nunchuk-io/nunchuk-android — Android frontend (Kotlin)

Both clients were exercised hands-on. Nunchuk released v2.6.0 on both platforms during the review window (Android android.2.6.0 on 2026-06-17, Desktop 2.6.0 on 2026-06-22); the behaviors documented here are structural (they derive from the shared core) and are not specific to the patch version tested.


Architecture

Nunchuk is self-custodial and on-chain only. The user holds a BIP39 seed; there is no custodial component in the standard product.

  • Validation: defaults to an Electrum server (mainnet.nunchuk.io), with first-class support for testnet, signet, custom Electrum servers, a user-operated Bitcoin Core node, custom SSL, and a TOR (SOCKS5) proxy.
  • Wallet types: single-sig and multisig (m-of-n); also Group (collaborative), Hot, Miniscript, and Taproot wallets, exposed on the creation screen.
  • Server Key / Assisted plans: a co-signing "Server Key" mechanism exists but is gated behind paid subscription plans; it is not part of the standard self-custodial product and is excluded from this listing's scoring profile.

Basic Requirements

Item numbering is the reviewer's, for organization only; it does not correspond to any numbering in docs/managing-wallets.md. Items follow the order in the source document, including the conditional branches that apply to Nunchuk (single/multisig, software wallet, exclusive private-key access, desktop platform).

# Requirement Status Note
1 Sufficient users/developers feedback without concerning issues, or independent security audit PASS Active public repositories: nunchuk-desktop (created 2021-05-31, 105 stars, 15 forks, 59 open issues) and nunchuk-android (created 2022-11-15, 77 stars, 7 forks, 57 open issues), both GPL-3.0, both actively pushed (last push 2026-06-22 / 2026-06-17). No independent security audit is published — flagged as parallel to the Phoenix precedent (#4714). Verified 2026-06-24.
2 No indication users have been harmed considerably PASS NVD returns 0 results for "nunchuk" (verified 2026-06-24). No known incidents.
3 No indication security issues concealed/ignored PASS Public issue trackers, public tagged releases (53 Desktop, 74 Android). Releases signed with GPG key 0x8C8ECD3F660CA53CD878792A6E38A462ED2EF525; verification process documented in nunchuk-io/docs/build_instructions.md.
4 No indication of unstable/insecure libraries PASS Core is libnunchuk (C++), which vendors Bitcoin Core directly (contrib/bitcoin submodule, pinned at af78d36, post-v30.0 master — verified via git ls-tree). libsecp256k1 comes via the Core submodule. Other vendored submodules: openssl, trezor-firmware, tap-protocol, bc-ur-cpp, bbqr-cpp.
5 No indication changes are not properly tested PASS Multi-year commit history, tagged releases across both repos, active maintenance.
6 Wallet publicly announced and released ≥ 3 months PASS Desktop public since 2021, Android since 2022. 53 + 74 tagged releases. Far beyond the 3-month minimum.
7 No concerning bug found when testing PASS Tested hands-on on Desktop v2.5.0 and Android v2.5.3: wallet creation, seed backup, full restore cycle, on-chain receive, address generation (bech32 and Taproot), settings navigation. No concerning bugs on either platform.
8 Bug reporting method on website and/or app PASS GitHub issue trackers on both repos; "Contact us" in the app's About screen; public support channels.
9 Website supports HTTPS and 301 redirects HTTP PASS nunchuk.io serves HTTPS (200) and 301-redirects HTTP → HTTPS; www.nunchuk.io 301s on HTTP and 308s to the apex on HTTPS. Verified via curl -sI -L on 2026-06-24.
10 SSL certificate passes Qualys SSL Labs test PASS Qualys SSL Labs grade B across all 6 endpoints (verified 2026-06-24, 14:18 UTC). TLS 1.3, TLS_AES_256_GCM_SHA384, Google Trust Services certificate. Grade B passes the test (not F/T); below the A tier. Separately, securityheaders.com rates the response headers A (capped at A; Referrer-Policy and Permissions-Policy absent), verified 2026-06-24, 14:54 UTC.
11 HSTS — new listings: max-age ≥ 1 year + preload + includeSubDomains PASS nunchuk.io serves Strict-Transport-Security: max-age=63072000; includeSubDomains; preload (2 years; verified 2026-06-24).
12 Identity of CEOs and/or developers is public PASS Hugo Nguyen (CEO, Nunchuk Inc.) is publicly identified — active on GitHub, X (@hugomofn / @nunchuk_io), Medium, and external press. Company copyright "Nunchuk Inc." (Delaware, US).
13 Avoid address reuse — new receiving address per transaction (UI) PASS Verified empirically on Android: after a real on-chain receive (0.00014932 BTC, 22 confirmations), the app automatically presented a fresh unused address and moved the funded one to a "Used" tab, with an in-app note that reusing addresses is not recommended. Bech32 (bc1q…) is the default receive format.
14 Avoid address reuse — new change address per transaction PASS BIP84 derivation (HD wallet via Bitcoin Core's wallet code in libnunchuk). New change address per transaction is standard HD behavior. Not isolated empirically in this review (testing was receive-side; no change-producing spend was exercised). Same evidence pattern as Phoenix (#4714) and ZEUS.
15 Does not show "received from" addresses in the UI PASS Verified empirically on Android. After receiving on-chain, the transaction detail screen shows the wallet's own receive address, amount, fees, status, and timestamp — but does not display the sender's ("received from") address.
16 Uses deterministic ECDSA nonces (RFC 6979) PASS Signing uses libsecp256k1 (vendored via the Bitcoin Core submodule), which implements RFC 6979 by specification. Code references secp256k1.h, secp256k1_schnorrsig.h, etc. Not bit-level verified (the app does not expose nonce inspection from the UI). Same evidence pattern accepted in Eclair (#2808), Phoenix (#4714), and ZEUS.
17 User has access to private keys for all major components PASS Fully self-custodial in the standard product. User holds the BIP39 seed. The Server Key (paid plans) is the only co-signing component and is excluded from this listing's scope.
18 If keys stored online — refuses weak passwords / lock-out N/A Keys are held on-device; the seed is the user's local responsibility. Not an online-key-storage product in its standard modes.
19 Supports HD wallets (BIP32) PASS HD wallet; BIP84 (m/84h/0h/0h) confirmed in Desktop Wallet Config. A single seed backs the whole wallet.
20 Backup of wallet allowed (seed on setup) PASS BIP39 seed shown for backup on creation, with an explicit write-it-down prompt. Verified hands-on on both platforms.
21 Restoring wallet from backup works PASS Verified empirically on both platforms (end-to-end, including with real funds on Android): seed written down → wallet deleted → recovered via "Recover existing wallet" → identical address, balance, and history reconstructed.
22 Source code public, version-controlled, up to date PASS libnunchuk, nunchuk-desktop, nunchuk-android all public on GitHub under GPL-3.0, actively maintained, full commit history, tagged releases.
23 Multi-sig with non-self-controlled keys (2FA, session, etc.) N/A Nunchuk multisig is self-custodial (user controls the keys). The Server Key co-signing mechanism (paid plans) is out of scope for this listing.
24 Hardware wallet requirements N/A Nunchuk is a software wallet. It interoperates with hardware wallets (PSBT / HWI; Trezor and Tapsigner support vendored in libnunchuk), but the wallet itself is software.
25 App-level access control (additional, beyond OS) PASS Settings → Security offers PIN and biometric (opt-in). OS-level isolation provides the base layer on Android; the in-app controls are additional.
D1 Desktop: Encrypt the wallet by default PARTIAL — for review process The Desktop client offers an opt-in "Database Encryption" feature that protects the wallet database with a user passphrase. Verified in code: the UI calls enableDatabaseEncryptionnunchukSetPassphraseNunchukStorage::SetPassphrase, and the storage layer uses SQLCipher (#include <sqlcipher/sqlite3.h>, sqlite3_key() / sqlcipher_export() in src/storage/db.cpp). No explicit cipher PRAGMA is set, so SQLCipher's default configuration is used (AES-256). This feature is opt-in, not enabled by default. docs/managing-wallets.md lists "encrypt the wallet by default on desktop" among the basic requirements for desktop wallets. Nunchuk therefore provides standards-based encryption, but not by default. This note is included for review, and whether the opt-in approach satisfies the criterion is left to the bitcoin.org review process.
D2 Desktop: Strong KDF and key stretching for storage/backups PASS (when enabled) When Database Encryption is enabled, storage uses SQLCipher's default configuration (PBKDF2-HMAC key derivation and AES-256). Tied to D1 (opt-in).

Score decisions

# Android: environment = checkpassenvironmentmobile
# Desktop: environment = checkfailenvironmentdesktop
# all other scores identical across both platforms

check:
  control: "checkgoodcontrolfull"
  validation: "checkpassvalidationservers"
  transparency: "checkpasstransparencyopensource"
  environment: "checkpassenvironmentmobile"   # desktop: checkfailenvironmentdesktop
  privacy: "checkpassprivacybasic"
  fees: "checkgoodfeecontrolfull"

privacycheck:
  privacyaddressreuse: "checkpassprivacyaddressrotation"
  privacydisclosure: "checkfailprivacydisclosurespv"
  privacynetwork: "checkpassprivacynetworksupporttorproxy"

Justifications

control: checkgoodcontrolfull — Self-custodial; the user holds the BIP39 seed. No third party can move funds in the standard product. The Server Key (paid plans) is out of scope.

validation: checkpassvalidationservers — Defaults to an Electrum server (mainnet.nunchuk.io); supports user-operated Electrum servers and a Bitcoin Core node. Confirmed in code: src/backend/synchronizer.cpp selects between ElectrumSynchronizer (default) and a Core RPC backend (BackendType::CORERPC). SPV/server trust model — passing tier, not "good" (not a default full node).

transparency: checkpasstransparencyopensource — GPL-3.0, public since 2021/2022 (well beyond 6 months), tagged releases, full history. Reproducible/deterministic verification of the current line was not performed in this review, so the score is kept at the open-source tier rather than the deterministic tier.

environment — Android checkpassenvironmentmobile (OS app isolation + optional PIN/biometric). Desktop checkfailenvironmentdesktop (desktop environments allow other apps to be installed; no app isolation).

privacy: checkpassprivacybasic — Address rotation confirmed hands-on (fresh address after a receive). Tor (SOCKS5) supported. But the default Electrum server (mainnet.nunchuk.io) sees address queries; mitigable via own server/node. Passing-basic, not "good".

fees: checkgoodfeecontrolfull — Economy/Standard/Priority tiers, Anti-Fee Sniping, automatic fee selection for multi-policy transactions.

privacyaddressreuse: checkpassprivacyaddressrotation — Verified hands-on (Used/Unused address tabs; fresh address generated after funding).

privacydisclosure: checkfailprivacydisclosurespv — Default Electrum server is operated by Nunchuk Inc; on-chain queries disclosed to it by default. Mitigable via own server/node. Same precedent as Phoenix / ZEUS.

privacynetwork: checkpassprivacynetworksupporttorproxy — SOCKS5/Tor proxy support in libnunchuk's Electrum client; TOR proxy exposed in Desktop Network settings.


Features

bech32 hardware_wallet legacy_addresses multisig segwit taproot

  • bech32 / segwit — Native SegWit (bc1q…) is the default; confirmed in receive flow on both platforms.
  • legacy_addressesAddressType::LEGACY in include/nunchuk.h; selectable address type.
  • taproot — Selectable address type on wallet creation on both platforms; verified hands-on on Android by creating a Taproot wallet and generating a Bech32m (bc1p…) address. Confirmed in code: AddressType::TAPROOT, is_taproot(), is_support_taproot().
  • hardware_wallet — PSBT signing; Trezor vendored (trezor-firmware submodule, Trezor is bitcoin.org-listed) and Tapsigner via tap-protocol.
  • multisig — First-class m-of-n multisig.

Not claimed: lightning (verified absent in libnunchuk src//include/ and in the UI; on-chain only), 2fa (Server Key gated to paid plans; PIN/biometric are not a spending second factor), full_node (can connect to a user-operated node via Core RPC — BackendType::CORERPC in src/backend/synchronizer.cpp, corerpc_* settings — alongside the default Electrum backend; in both modes it is a backend client and does not maintain a local blockchain representation).


Items not verified in this review

For full transparency:

  • Send flow / change output — Testing was receive-side. No change-producing spend was exercised; item 14 rests on BIP84 HD design, not empirical isolation (same pattern as Phoenix / ZEUS).
  • Hardware wallet, hands-on — Hardware-wallet integration UI is present and Trezor/Tapsigner support is vendored in code, but no physical device was tested.
  • RFC 6979, empirical — Confirmed via libsecp256k1 specification, not bit-level.
  • Deterministic / reproducible build — Not performed; transparency kept at the open-source tier.
  • SQLCipher version / cipher parameters — SQLCipher is confirmed in code (sqlite3_key, sqlcipher_export), with no explicit cipher PRAGMA (default configuration). AES-256 is SQLCipher's default cipher; the exact linked SQLCipher version is set at build time and was not separately pinned in this review.
  • v2.6.0 — Released during the review window; not re-tested. Documented behaviors are structural (shared core).

Final status

All applicable Basic Requirements are met, with one item flagged for maintainer decision:

  • Desktop "encrypt the wallet by default" (D1) — encryption is present (SQLCipher, default configuration / AES-256, verified in code) but opt-in, not default. This note is included for review; whether the opt-in approach satisfies the criterion is left to the bitcoin.org review process.

Scoring, features, and assets are documented above. Listing recommended under Mobile (Android) + Desktop, Level 2.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants