WalletScrutiny

  • Name: WalletScrutiny
  • URL: https://walletscrutiny.com/
  • Category: wallet transparency and verification infrastructure / reproducible-build review registry / Bitcoin wallet security benchmarking
  • Tags: bitcoin-ecosystem
  • Summary: WalletScrutiny is a public wallet-verification registry. Useful, but keep it in proportion: the product is verdict buckets, release checks, and reproducible-build discipline, not a broad wallet-security control plane.
  • What it does:
    • Maintains a large public registry of wallet reviews and verdict buckets such as fully reproducible, source-available-but-unverified, custodial IOU, missing source code, key-handling problems, fake, and pending review
    • Publishes a detailed methodology covering release status, custody model, source availability, key exposure, interface trustworthiness, and reproducibility signals
    • Treats binary and source verification as a first-class security property instead of relying on vendor self-description
    • Operates a public codebase for the site and review data, with docs for build verifications and automation around new wallet releases
    • Uses Nostr to publish decentralized build verifications, including signed confirmations or denials that compiled binaries match distributed artifacts
  • Key claims:
    • The homepage says WalletScrutiny runs 17 tests across wallet categories and publicly tracks thousands of wallets using verdicts such as reproducible, custodial IOU, missing source, key-handling issues, fake, and pending review
    • The methodology makes current source code a gating requirement because a wallet without current source can always ask users to trust the provider blindly
    • The project treats reproducible builds and custody classification as the useful dividing lines, which is why it reads more like a public verification registry than a review blog
    • The verifications page says users can independently reproduce binaries from source and publish signed build-verification messages on Nostr
    • The public repository documents a build-server component for automatic verification workflows when new wallet releases appear
  • Whitepaper: No canonical WalletScrutiny whitepaper or litepaper surfaced in this pass. The clearest current sources of truth were the official site, methodology and verification pages, and the public repository backing the registry; see ../whitepapers/wallet-scrutiny-primary-sources-2026-05-01.md.
  • Sources:

Internal linkages

  • Best upward reads: coinkite, foundation-devices, and trezor.
  • The useful comparison is not another security vendor. It is which signer stacks make firmware provenance, source availability, and release verification legible enough that a registry like this has less interpretive work to do.

Control surface

  • The soft power sits in verdict definitions, review timeliness, coverage choices, and how firmly the project holds the reproducible-build bar.

  • The checklist is the product. Once outsiders use those buckets as shorthand, WalletScrutiny helps decide which wallet trust claims count and which do not.

  • Last reviewed: 2026-06-04 UTC