Coin Wallet Android

Coin Wallet

Android
·
v6.20.0
·
Last updated on Dec 12, 2025

Also on

iOS

Security Score

50.6

dApp Permissions

30.6 / 35

Confirmation for requests from WalletConnect

9.0 / 9.0
Description
Requires user confirmation for requests from WalletConnect before granting dApp access to specific RPC methods.
- The wallet implements Wallet Connect and it requires user confirmation before processing each request to the following RPC endpoints: wallet_addEthereumChain, wallet_watchAsset, eth_decrypt, eth_getEncryptionPublicKey, eth_signTypedData*, personal_sign, eth_sendTransaction.
  — Verified by Sebastian Camia at Coinspect
Evidence · 4 screenshots

Last updated on Oct 21, 2025
Report an issue with this check
User confirmation for requests from embedded browser

7.9 / 7.9
Description
Requires user confirmation before processing privileged RPC requests from embedded browsers.
- The wallet does not feature an embedded browser.
  — Verified by Sebastian Camia at Coinspect
Evidence · 2 screenshots

Last updated on Oct 21, 2025
Report an issue with this check
Wallet unlock before requests

5.5 / 5.5
Description
Requires users to unlock it before processing dApp requests when in a locked state.
- The wallet disconnects from the dApp immediately after exiting the WalletConnect section.
  — Verified by Sebastian Camia at Coinspect
Evidence · 1 screenshot

Last updated on Oct 21, 2025
Report an issue with this check
Mismatching EIP-712 chainId detection

3.5 / 3.5
Description
Alerts users or rejects signing EIP-712 messages with a mismatched chain ID.
- The wallet fails to process signing requests using the `signTypedData` method, indicating the feature may be broken.
  — Verified by Sebastian Camia at Coinspect
Evidence · 2 screenshots

Last updated on Oct 21, 2025
Report an issue with this check
eth_sign method disabled

3.3 / 3.3
Description
Restricts the use of the deprecated and insecure eth_sign method by default.
- The wallet allows the use of the eth_sign method but internally converts it to personal_sign with the message encoded as bytes.
  — Verified by Sebastian Camia at Coinspect
Evidence · 2 screenshots

Last updated on Oct 21, 2025
Report an issue with this check
Mismatching SIWE domain detection

0.0 / 1.8
Description
Warns users when the domain in a Sign-In with Ethereum (EIP-4361) message does not match the requesting dApp's origin.
- The wallet does not warn users of a domain or scheme mismatch when signing an EIP-4361 (Sign in With Ethereum - SIWE) message.
  — Verified by Sebastian Camia at Coinspect
Evidence · 2 screenshots

Last updated on Oct 21, 2025
Report an issue with this check
Connected dApp management

1.5 / 1.5
Description
Allows users to list and revoke connected dApps.
- The wallet allows only one active connection at a time and provides a disconnect button, enabling effective access revocation when desired.
  — Verified by Sebastian Camia at Coinspect
Evidence · 1 screenshot

Last updated on Oct 21, 2025
Report an issue with this check
Token approval management

0.0 / 1.5
Description
Allows users to view and revoke token approvals.
- The wallet does not offer the ability to list and revoke token approvals, via in-app functionality or links to external dApps.
  — Verified by Sebastian Camia at Coinspect
Evidence · 3 screenshots

Last updated on Oct 21, 2025
Report an issue with this check
User confirmation before switching chains

0.0 / 1.1
Description
Requires user confirmation before switching the active chain.
- The wallet does not prompt the user for confirmation when switching networks, and it does not have a connection dialog to provide a way to modify networks.
  — Verified by Sebastian Camia at Coinspect
Evidence · 2 screenshots

Last updated on Nov 14, 2025
Report an issue with this check

Intent Verification

6.5 / 25

Transaction simulation

0.0 / 6.7
Description
Previews the expected outcome by simulating the request execution on the blockchain before signing.
- It fails to show the incomes and outcomes of the transaction.
  — Verified by Sebastian Camia at Coinspect
Evidence · 1 screenshot

Last updated on Oct 21, 2025
Report an issue with this check
Clear token approval dialog

0.0 / 6.7
Description
Clearly displays all the key details for ERC-20 Approve requests.
- The interface lacks essential information in the approval view—no token, amount, spender address, or other key details are displayed.
  — Verified by Sebastian Camia at Coinspect
Evidence · 1 screenshot

Last updated on Oct 21, 2025
Report an issue with this check
Clear message signing dialog

3.8 / 3.8
Description
Clearly displays all message signature request details without truncating or hiding information.
- The wallet does not truncate large messages when signing a personal sign request and also displays the verifying contract of an EIP-712 object.
  — Verified by Sebastian Camia at Coinspect
Evidence · 4 screenshots

Last updated on Oct 21, 2025
Report an issue with this check
EIP-712 message parsing

0.0 / 2.4
Description
Displays human-readable details for EIP-712 signature requests from well-known protocols.
- The wallet does not parse EIP-712 objects and instead displays the raw, unparsed data.
  — Verified by Sebastian Camia at Coinspect
Evidence · 2 screenshots

Last updated on Oct 21, 2025
Report an issue with this check
Invalid address checksum detection

0.0 / 2.2
Description
Warns users when they input addresses with invalid EIP-55 checksums.
- The wallet does not process transactions with invalid checksum addresses when they are initiated through a dApp. However, it allows users to manually send transactions to invalid checksum addresses when entered directly.
  — Verified by Sebastian Camia at Coinspect
Evidence · 4 screenshots

Last updated on Oct 21, 2025
Report an issue with this check
Mandatory message review

2.1 / 2.1
Description
Requires users to review all the details before signing a message.
- The wallet requires users to scroll down to the end of a large message in a personal sign or an EIP-712 object before displaying the Sign button.
  — Verified by Sebastian Camia at Coinspect
Evidence · 4 screenshots

Last updated on Oct 21, 2025
Report an issue with this check
Links to blockchain explorers

0.6 / 1.2
Description
Consistently provides clickable links to block explorers for all key blockchain identifiers.
- The wallet includes clickable links when viewing transaction history but does not provide any within the transaction details view.
  — Verified by Sebastian Camia at Coinspect
Evidence · 2 screenshots

Last updated on Oct 21, 2025
Report an issue with this check

Physical Access

12.3 / 20

Seed phrase access control

5.4 / 5.4
Description
Requires authentication to access seed phrases or private keys.
- The wallet enforces authentication before displaying the private keys.
  — Verified by Sebastian Camia at Coinspect
Evidence · 1 screenshot

Last updated on Oct 21, 2025
Report an issue with this check
Manual wallet lock

0.0 / 3.9
Description
Allows users to lock it manually.
- The wallet does not feature a manual lock button.
  — Verified by Sebastian Camia at Coinspect
Evidence · 2 screenshots

Last updated on Oct 21, 2025
Report an issue with this check
Automatic wallet lock

0.0 / 3.9
Description
Verifies wallet auto-locks on inactivity, device lock, or background.
- The wallet does not lock itself after one minute of inactivity or when the device gets locked. It also lacks an auto-lock settings option.
  — Verified by Sebastian Camia at Coinspect
Evidence · 1 screenshot

Last updated on Oct 21, 2025
Report an issue with this check
Robust Authentication

3.3 / 3.3
Description
Uses strong authentication, such as resistance to trivial or commonly-used passwords. Including biometrics and rate limiting in mobile.
- The wallet allows easy-to-guess passphrases, but it rate limits attempts to 3. After three failed attempts, the user will lose access to their account and will have to set up the wallet again.
  — Verified by Sebastian Camia at Coinspect
Evidence · 3 screenshots

Last updated on Oct 21, 2025
Report an issue with this check
Clipboard seed phrase leak prevention

1.8 / 1.8
Description
Limits exposure of secrets by restricting or warning on copying seed phrases or taking screenshots.
- The wallet does not support seed phrase backup: only private keys.
  — Verified by Sebastian Camia at Coinspect
Evidence · 1 screenshot

Last updated on Oct 21, 2025
Report an issue with this check
Seed phrase access warning

1.8 / 1.8
Description
Warns users of the risk before allowing access to seed phrases or private keys.
- The wallet warns users about the risks associated with sharing or revealing the private keys.
  — Verified by Sebastian Camia at Coinspect
Evidence · 1 screenshot

Last updated on Oct 21, 2025
Report an issue with this check

Threat Prevention

1.3 / 20

Phishing dApp detection

0.0 / 5.1
Description
Prevents or alerts users about interactions with a known malicious URL.
- The wallet allows connections after scanning a WalletConnect QR code and pressing “Connect” within the app. However, it does not display any connection dialog or confirmation prompt before establishing the connection.
  — Verified by Sebastian Camia at Coinspect
Evidence · 3 screenshots

Last updated on Oct 21, 2025
Report an issue with this check
Malicious address detection

0.0 / 5.1
Description
Prevents or alerts users about interactions with a known malicious address.
- The wallet does not warn or prevent users from interacting with a known phishing address, such as the Tornado Cash attacker.
  — Verified by Sebastian Camia at Coinspect
Evidence · 1 screenshot

Last updated on Oct 21, 2025
Report an issue with this check
Trusted dApp detection

0.0 / 3.3
Description
Informs users when interacting with a trusted dApp URL.
- The wallet allows connections after scanning a WalletConnect QR code and pressing “Connect” within the app without prompting a connection dialog.
  — Verified by Sebastian Camia at Coinspect
Evidence · 1 screenshot

Last updated on Oct 21, 2025
Report an issue with this check
Unknown address detection

0.0 / 2.8
Description
Warns users when interacting with an unknown address.
- The wallet does not warn users when they are not interacting with a previously known or trusted address.
  — Verified by Sebastian Camia at Coinspect
Evidence · 1 screenshot

Last updated on Nov 17, 2025
Report an issue with this check
Full dApp URL display

0.0 / 1.5
Description
Clearly displays the full dApp URL in the connection prompt.
- The wallet allows connections after scanning a WalletConnect QR code and pressing “Connect” within the app without prompting a connection dialog.
  — Verified by Sebastian Camia at Coinspect
Evidence · 1 screenshot

Last updated on Oct 21, 2025
Report an issue with this check
Malicious or spam token filtering

1.3 / 1.3
Description
Hides malicious tokens and NFTs by default.
- The wallet does not feature an NFT section. It only displays a set of predefined tokens, allowing users to manually add additional ones if desired.
  — Verified by Sebastian Camia at Coinspect
Evidence · 3 screenshots

Last updated on Oct 21, 2025
Report an issue with this check
dApp access disclosure dialog

0.0 / 1.0
Description
Informs dApp access to balances, history, and signing requests on connection.
- The wallet allows connections after scanning a WalletConnect QR code and pressing “Connect” within the app without prompting a connection dialog.
  — Verified by Sebastian Camia at Coinspect
Evidence · 2 screenshots

Last updated on Oct 21, 2025
Report an issue with this check

This ranking is for informational purposes only. It should not be relied on to provide legal, tax, financial, investment, or other types of advice. Coinspect does not guarantee or warrant the accuracy, completeness, timeliness, suitability, or validity of the information provided and will not be responsible for any claim attributable to reliance on errors, omissions, or other inaccuracies of any part of such information.