Blockstream Green Wallet Review & Guide | Bitcoin Wallet on Mobile & Desktop
Blockstream Green is a non-custodial, bitcoin-focused wallet developed by Blockstream. Blockstream is heavily involved in a number of aspects of the Bitcoin ecosystem and they used their expertise to give life to an all-round well-polished bitcoin wallet. Blockstream Green has a clean user interface and a very complete set of usability and security features, as well as some privacy features, which make for a good user experience both for beginners and advanced users.
Cryptotesters reviewed the wallet and its features from the most basic to the most advanced. We covered usability, security and privacy features.
Wallet Usability
Blockstream Green can be downloaded on all major mobile and desktop operating systems (Android, iOS, Windows, macOS, and Linux). The app is available internationally and has been translated into the following 11 languages: Chinese, Dutch, English, French, German, Italian, Japanese, Korean, Russian, Spanish, Ukrainian.
Onboarding experience and first impressions
When launching the app for the first time, you are welcomed by a simple and straightforward screen prompting you to either create a new wallet or restore one you previously created. Some other more advanced features are accessible from this first screen but they are hidden away to keep the first screen free from clutter. We will come back to these more advanced features such as Bitcoin Testnet and Liquid wallets later.
When you create a new wallet, the app will request you to safeguard your wallet recovery seed first and provide a set of safety best practices before asking you to write down the 24 words. There is a debate in the crypto sphere on whether this required action should be presented to the user before they access the wallet, which might hurt the on-boarding experience, or at a later point once they have become more accustomed to the wallet. Blockstream opted to stick with the safe approach but has made an effort to keep the process short and smooth. The words are displayed in four sets of six and once they have all been shown, the user is prompted to re-enter some of the words to ensure they were written down properly.
Next, the user must set up the authentication methods which will be used to access the wallet on a daily basis. During the wallet setup, entering a 6-digit wallet PIN is mandatory, while Two-Factor authentication (aka 2FA) methods are optional. However, both can be activated/deactivated or changed later on. Blockstream Green gives you the choice between four different 2FA methods: email, SMS, Call and Google Authenticator. It’s possible to activate several options, which could turn out to be a very useful feature in case one of the methods becomes unavailable (like losing your phone).
To conclude, the on-boarding process is overall smooth and simple, even for beginners that may have never used a bitcoin wallet before.
Send/Receive
Once your wallet is set up, you will get access to the account screen showing your current balance with the option to send or receive a payment. You can select from 26 different fiat currencies to display the value of your current balance, including USD, EUR, GBP or SGD, and you can select amongst several price sources, in case you may have a preferred exchange or think one is a more reliable price feed.
To send a transaction you must either paste the destination bitcoin address or scan its QR code, a very common approach in cryptocurrency wallets. Next, the user enters the amount and chooses the priority of the transaction. Blockstream Green automatically computes the required fee for three levels of priority. The first one is “Fast” for a confirmation time of about 30 minutes, then “Medium” for 2 hours and finally “Slow” for 4 hours. That’s a nice touch by Blockstream as it takes away some of the complexity of choosing the correct transaction fees and also prevents the user from automatically over-paying or under-paying for their transactions. Note, the above confirmation times are estimates. The actual confirmation times might be longer, or shorter, depending on the traffic the bitcoin network is experiencing.
To receive funds, the user may click the “Receive” button which reveals a public address and the corresponding QR code. The “amount” field is optional but may be used to create an invoice and embed the amount requested in the QR code. Moreover, the wallet uses something called Hierarchical Deterministic (HD) key creation which generates a new bitcoin address every time you wish to receive funds. It’s a must in bitcoin best-practices and it’s a very good point for Blockstream Green.
Both send and receive functionalities are clear and straightforward. The UI does seem a little outdated at times compared to some other wallets currently on the market.
Transaction memos
After sending or receiving a transaction you can click on it from the main account screen to view some additional details. There, the user can add a note to the transaction to, for example, remind themselves at a later date where it came from or what it paid for. This comes in handy as it’s hard to remember the details of a transaction weeks later solely based on the amount and the receiver bitcoin address.
Watch-only Wallet
This is a functionality we’d love to see in more bitcoin wallets. Watch-only wallets let you check the current balance and transactions of your wallet without importing its private key, thus not enabling the send option. If you do not wish to go through the PIN and 2FA every time you simply want to check your balance, you can create a less secure login for your watch-only wallet and keep your peace of mind knowing your wallet funds are secure. However, you will not be able to initiate any transactions for that wallet as your key is not imported: it simply reads the account balance from the blockchain and displays it in the Blockstream Green interface for your convenience.
SegWit Address
You may notice the address Blockstream generates for you when you hit the “Receive” button begins with a “3”, which is characteristic of a Segregated Witness (or SegWit) address, one of the three bitcoin address types. The two other address types are the legacy addresses starting with “1” and the native SegWit addresses starting with “bc1”. Each address type has a different way of storing transaction data, making it more or less efficient. A more efficient address means that it takes up less space in a bitcoin block and thus costs less in fees. The SegWit address type is the second most efficient address type (just after native SegWit). Although it is great that Blockstream Green has integrated SegWit, it is not the state of the art in bitcoin development and users could save slightly more on transaction fees if the wallet upgraded the address types to native SegWit.
Moreover, Blockstream Green does not offer the option to select the address type generated by the wallet. This is a clear downside for power users who may want that freedom of choice. In some situations selecting the correct address type allows you to maintain good privacy. For example, if you need to send a payment to a legacy address, you may wish to send the transaction from a legacy address too so that chain analysis software cannot easily distinguish the destination address in the transaction outputs.
Custom Transaction Fees
Users that are more familiar with the way bitcoin works and want to optimise their fees can do so through the custom transaction fee field when constructing their transaction. The custom fee is expressed in satoshi / vbyte and can be set to any value, either a very low one to save on fees and sacrifice some speed, or on a very high one if they want a confirmation time faster than the 30 minutes offered by the default “Fast” option.
In addition, the wallet activates Replace-By-Fee (RBF) by default. RBF is a feature which lets you update the transaction fees once your transaction is already in the memory pool but has not been validated by a miner yet, and it is much appreciated by advanced users. Sometimes you realise you tried to over-optimize your transaction fees and the transaction is never picked up by miners. In such a situation and without RBF enabled, it’s impossible to give your fees a little boost and you find yourself stuck waiting. When the network is very active and there are a lot of unconfirmed transactions, this may even mean waiting for days, or weeks. The team has informed us a future version of the wallet will let users activate/deactivate this option at will.
Testnet Wallet
The app lets the user choose a second type of account which uses Testnet Bitcoin. Testnet Bitcoin is basically a Bitcoin clone: it has the exact same properties as bitcoin but is only intended for testing. The testnet bitcoins have no value and can be obtained from a number of faucets (see Testnet – Bitcoin Wiki for more details). The purpose of a testnet account is to let users try out all the wallet functionalities without having to worry about losing funds or paying fees or even having to deposit real funds onto the wallet.
It’s a great feature and Blockstream took the right decision to include it in their wallet. We included this in the advanced features section simply because we want to avoid confusing some new users. And this is the slightly ironic aspect of this feature. Although it is intended for new users, it’s also less understood by them and can lead to confusion.
Hardware support with Multisig account option
The wallet offers support for most popular hardware wallets, namely Ledger Nano S/X and Trezor One/Model T. Keep in mind however, that not all account types support hardware wallets, or rather not all hardware wallets support the account types offered by Blockstream Green such as Testnet or Liquid (which we will come back to later on).
Wallets in Blockstream Green are 2-of-2 multi-signature by default. This adds another layer of security to the wallet. A standard wallet stores one of the two keys on the user’s device and the second one on the Blockstream Green server. For added security, the hardware wallets can be used to store the first key of the 2-of-2 multi-signature wallet instead of keeping it on the device.
Security
We mentioned the 6-digit PIN in the on-boarding section above. Setting up your PIN is part of the initial setup of the wallet and is required every time you wish to get access to your funds. After setting up your wallet, you can remove the PIN altogether, in which case you will need the 24 seed words for each login. The wallet also has the option to log in with the phone’s biometrics such as the fingerprint scanner or FaceID.
The wallet also has a default logout functionality which logs you out automatically after a certain period of time has passed. The default is set to 5 minutes but the user can change it to 1, 2, 10 or 60 minutes.
Secure private key / recovery with seed
We also mentioned the recovery seed in the onboarding section. The wallet uses the popular 24-words mnemonic recovery seed. You never have to worry about saving the private key of each individual public address your wallet generates. The mnemonic recovery seed lets you recover all your funds in case you lose your device or forget your wallet PIN.
Login 2FA authentication: email, SMS, call, Google Auth
Again, this security feature was mentioned in the on-boarding section. It is not a coincidence that all three basic security features are shown to the user from the outset. This shows Blockstream Green puts a lot of emphasis on the security of your wallet and wants to make sure you get it fully set up before depositing funds into it. As a reminder, Blockstream Green lets you activate one or more 2FA methods amongst email, a call, an SMS or Google Authentication. The first three are pretty self explanatory but you might not be familiar with the fourth one if you are new to security best practices. In short, Google Authentication is an application which generates a (usually) 6-digit code and refreshes it every 30 seconds. If you activate Google Auth on your wallet, it will prompt you to enter this 6-digit code for every important action, such as logging in or, if you have Blockstream Green signature active, sending a transaction (more on this later on). These 2FA methods intend to make it harder for thieves to get access to your funds even if they have your phone or find your mnemonic phrase.
However, you should be careful with setting up 2FA methods on the same device as the one where your wallet is installed. 2FA would prevent theft if someone had access to your mnemonic phrase and tried to access your wallet from another device. But, if someone had access to your phone and knew your PIN, it is likely none of these methods are going to prevent theft if you have them on the same phone. Indeed, that would mean you’d receive the SMS/Call/email or have the Google Authentication app on the same device. Therefore, we do recommend that you point your 2FA methods to a different device such as a backup phone or an email address that does not have your credentials saved on your phone if you truly want the best security you can get.
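How the 6-digit, 30-second code described above is computed and checked, as an added example (not Blockstream's code): TOTP per RFC 6238, which is what Google Authenticator implements. The secret is the published RFC 4226 test key; the drift window and the replay check are assumptions about a typical verifier.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 30  # refresh interval described in the review
DIGITS = 6         # code length described in the review

# Constructed sample: the published RFC 4226 test key, not a real wallet secret.
SAMPLE_SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def totp(secret: bytes, unix_time: int) -> str:
    """RFC 6238: the counter is the number of 30-second steps since the epoch."""
    return hotp(secret, unix_time // STEP_SECONDS)


def verify(secret, submitted, unix_time, drift_steps=1, last_used_step=-1):
    """Return the matched time step, or None if the code is rejected.

    drift_steps and last_used_step are assumptions about a typical verifier:
    tolerate one step of clock drift, never accept a step twice (replay).
    """
    if not (submitted.isascii() and submitted.isdigit() and len(submitted) == DIGITS):
        return None
    current = unix_time // STEP_SECONDS
    matched = None
    for step in range(max(0, current - drift_steps), current + drift_steps + 1):
        # compare_digest avoids leaking how many leading digits were right
        if hmac.compare_digest(hotp(secret, step), submitted) and step > last_used_step:
            matched = step
    return matched


if __name__ == "__main__":
    code = totp(SAMPLE_SECRET, 59)
    print("code at t=59:", code)
    print("accepted at t=65 (step):", verify(SAMPLE_SECRET, code, 65))
    print("replayed:", verify(SAMPLE_SECRET, code, 65, last_used_step=1))
    print("stale at t=125:", verify(SAMPLE_SECRET, code, 125))
```

The code depends only on the shared secret and the clock, so it protects the wallet only as long as that secret lives somewhere other than the device holding the wallet, which is the point of the recommendation above.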
Blockstream Green Multisig
The Blockstream Green multi-signature scheme is a unique feature developed by Blockstream to secure users’ funds even more. In short, this functionality creates two keys which are both required to approve a transaction and send funds out of your wallet.
For each transaction, two unique signatures are derived from their respective private key. The first signature is derived from the private key stored locally on the user’s device (that private key is encrypted and can only be decrypted using the PIN or quick login method). The second signature is derived and requested from the second private key stored on Blockstream’s servers. Essentially, Blockstream Green automatically creates a multi-sig wallet with Blockstream as a co-signer. If 2FA is active, the wallet will prompt the user to complete one of the 2FA methods and, if completed successfully, will send a request to the Blockstream servers to provide the missing piece. If 2FA is not active, the missing piece will be sent over automatically.
This feature is active by default on the app and cannot be deactivated. It is indeed great to reduce the chances that you get hacked but keep in mind this reduces the control over your funds from trustless to trust-minimized as it introduces a third party into the approval of the transaction.
However, Blockstream implemented this feature in a very smart way by implementing so-called “timelocks” on your transactions. This means that in case you cannot access the second piece of the signature, you will still be able to access your funds after a certain period of time (90 days by default) has passed. This greatly reduces the risk that you get completely locked out of your wallet if the Blockstream servers were to burn down or if the company was to shut down and disappear. Note that this forces you to move your funds to a different wallet address (that you own) every time the timeout period expires, otherwise your funds are no longer secured by Blockstream Green’s multisig.
Unfortunately, the timelock parameter cannot currently be changed from the mobile Wallet, only from the Desktop Wallet. However, the development team has informed us a new version of the app is on its way which will enable users to change that setting from the app too.
The Blockstream Green multisig mechanism also has a spending threshold parameter. The user can select a transaction threshold value below which the second signature is not required. You can think of it like the contactless payment on your bank card which does not require a PIN for amounts summing up to less than 20 euros.
SPV synchronization
SPV stands for Simplified Payment Verification. An SPV wallet is a wallet that does not verify the Bitcoin blockchain itself and instead relies on an external bitcoin node to validate that each block contains valid transactions. It essentially trusts that node to verify the protocol rules and only checks whether a transaction has been included in that node’s local copy of the blockchain to decide whether the transaction is valid.
This wallet architecture is adopted by the vast majority of wallets to make the wallets more user-friendly. Since running a full node requires some technical knowledge and would be too big of a barrier for most new users, an SPV wallet takes away that complexity at the cost of some required trust between the wallet user and the SPV node.
The Blockstream Green wallet is an SPV wallet and, by default, is connected to one of Blockstream’s bitcoin nodes for validation. The SPV synchronization feature allows users to select other sources of validation by connecting to different nodes (including your own if you have one set up) and to specify which sources they trust. This feature aims to reduce the level of trust the user has to give to Blockstream’s node and improves the security of your funds in case their node was ever compromised.
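The inclusion check an SPV wallet performs, as an added example (not Blockstream Green's code): the node supplies a Merkle branch, and the wallet recomputes the Merkle root and compares it with the one in the block header. The transaction IDs and header are constructed, hashes are in internal byte order, and checking the header's proof of work is assumed to happen elsewhere.

```python
import hashlib


def dsha256(data: bytes) -> bytes:
    """Bitcoin's double SHA-256."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def next_level(level):
    """Pair up hashes; an odd count duplicates the last one (Bitcoin's rule)."""
    if len(level) % 2:
        level = level + [level[-1]]
    return [dsha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]


def merkle_root(txids):
    level = list(txids)
    while len(level) > 1:
        level = next_level(level)
    return level[0]


def merkle_branch(txids, index):
    """Node side: sibling hashes from leaf to root for the tx at `index`."""
    branch, level = [], list(txids)
    while len(level) > 1:
        padded = level + [level[-1]] if len(level) % 2 else level
        branch.append(padded[index ^ 1])
        level = next_level(level)
        index //= 2
    return branch


def root_from_header(header: bytes) -> bytes:
    """80-byte header: version(4) prev_hash(32) merkle_root(32) time bits nonce."""
    if len(header) != 80:
        raise ValueError("block header must be 80 bytes")
    return header[36:68]


def verify_inclusion(txid, index, branch, header):
    """Wallet side: recompute the root from the branch and compare to the header."""
    node = txid
    for sibling in branch:
        node = dsha256(sibling + node) if index & 1 else dsha256(node + sibling)
        index >>= 1
    return node == root_from_header(header)


def sample_block(n=5):
    """Constructed data: n fake txids and a header with all other fields zeroed."""
    txids = [dsha256(b"constructed tx %d" % i) for i in range(n)]
    header = bytes(4) + bytes(32) + merkle_root(txids) + bytes(12)
    return txids, header


if __name__ == "__main__":
    txids, header = sample_block()
    proof = merkle_branch(txids, 4)
    print("tx 4 included:", verify_inclusion(txids[4], 4, proof, header))
    print("forged tx:", verify_inclusion(dsha256(b"forged"), 4, proof, header))
```

A passing check shows only that the transaction is committed to by that header; whether the block follows the protocol rules is still taken on trust from the node, which is why being able to choose the node matters.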
Wallet Privacy
Tor accessibility
Remember we mentioned earlier that there were some advanced hidden options when creating a new wallet? Well, one of them is the Tor accessibility option. In case you don’t know about Tor, it is basically a peer-to-peer network which lets you browse privately, hiding your IP address by routing your traffic through so-called “onion routers”. This feature is a must for any wallet that claims to be conscious about their user’s privacy.
The Blockstream Green wallet allows the user to enable Tor by the simple click of a button (or toggle in this case). There is no additional setup or software required on the user’s end; it’s all built into the app! We recommend that you always activate Tor whenever you are using your wallet. The only downside to using Tor is a slightly longer login time since the request has to go through the Tor network nodes, but it is a small price to pay for improved privacy.
Liquid support
Liquid is a Bitcoin sidechain developed by Blockstream. Sidechains are like “child” blockchains which enable some new functionalities on top of the “parent” blockchain, usually with some security or decentralisation trade-off.
The Liquid sidechain issues L-BTCs which are fully backed by actual BTC, meaning that for each L-BTC there is an equivalent Bitcoin locked up for it. Liquid enables some extra features, for example enabling the settlement of transactions between wallets and exchanges in as little as 2 minutes. It also offers some privacy features such as Confidential Transactions which obfuscate the amount and type of asset sent in a transaction. Liquid also supports the issuance of new assets in addition to L-BTC, all interacting on the same sidechain.
The Blockstream Green wallet offers full support for any assets issued on the Liquid Network, including L-BTC. For the most part it shares all the functionalities of the Bitcoin wallet with the addition of the Liquid Securities Account to store other token types. Check out the official documentation for more details on the Liquid Network and Liquid Wallet.
Support
Although not directly tied to the wallet functionalities, support is an important part of the user experience. A reactive and helpful support team might be the difference between a good and a great wallet. During this review, Cryptotesters got in touch with the Blockstream Green wallet team to enquire about some additional information on features of the wallet. The support is not real-time, but the team responded within a few working days and provided all the information in a clear way. Very good experience on our end!
Did you have a different experience? Tag us on Twitter @cryptotesters to share it with us.
Conclusion
The Blockstream Green wallet is one of the most well-balanced non-custodial bitcoin-focused wallets currently available on the market. It’s got a simple, intuitive UX/UI, some unique security features such as the default multisig and a good set of basic privacy features such as Tor. Blockstream is heavily involved in the Bitcoin ecosystem, doing a lot of work for the Lightning Network ecosystem. They implemented c-lightning and are actively contributing to Lightning’s development. We hope someday this expertise will come to life in Blockstream Green in the form of support for Lightning payments. If they can implement this functionality as well as some more advanced privacy features, such as coinjoin, as smoothly as the features currently available on their wallet, this could become the most beginner-friendly yet advanced wallet on the market.