Blog posts about vendors claim to be open-source but either dont publish sources at all or publish under non OSI license

Vendors who claim to be open-source but don't publish source at all or for recent versions:

1. Trust Wallet 10M Downloads

https://play.google.com/store/apps/details?id=com.wallet.crypto.trustapp

CEO of binance claim it's open source https://twitter.com/cz_binance/status/1591804907702874113

binance bought trust wallet at 2018 https://www.binance.com/en/support/announcement/binance-acquires-trust-wallet-a-secure-mobile-crypto-wallet-360010790652, trust wallet is closed source since 2018.

they do publish a library that they use in trust wallet app as oss, which other projects use as well, some of them listed under projects section in the wallet-core library repo: https://github.com/trustwallet/wallet-core/#projects

many people ask for clarifications: https://twitter.com/dizzanxietytho/status/1591690531821981697

quotes of binance tweet: https://twitter.com/gokhshteinmedia/status/1592156220441661441

trust wallet also published bullshit excuse of why they stopped publishing source: https://trustwallet.medium.com/why-open-sourcing-android-app-could-be-a-harm-to-the-crypto-community-fb3ae1707dc6

as fake apps are uploaded to store for closed source wallets as well, and from the many fake apps I found, most of them were for exodus and jaxx wallets. There were several fake wallets of trust in last years, examples of appids:

• https://play.google.com/store/apps/details?id=com.TipsCryptoWallet.nvcvi
• https://play.google.com/store/apps/details?id=il.trust_wallet.walletnettrust
• https://play.google.com/store/apps/details?id=com.trade.trust

Which I suggest to blog post about it as well (bullshit claims regarding fake wallets and OSS)

2. TokenPocket 1M Downloads

https://play.google.com/store/apps/details?id=vip.mytokenpocket

From google play description of the app:

Security *TokenPocket is an open-source non-custodial wallet

Issues in vendor repo regarding it:

https://github.com/TP-Lab/tp-android/issues/15 https://github.com/TP-Lab/tp-android/issues/22

3. Lumi Crypto Bitcoin Wallet 100K+ Downloads

https://play.google.com/store/apps/details?id=com.lumiwallet.android

from google play description:

8. Open source - our code is publicly available.

source code of app not published, they only publish code of library they develop at: https://github.com/lumiwallet/lumi-android-core not code for all the app.

4. Wallets by same vendor 50K & 10K Downloads

Bitcoin Wallet - Blockchain Explorer https://play.google.com/store/apps/details?id=com.blockchain.wallet.btc

Bitcoin Cold Wallet https://play.google.com/store/apps/details?id=com.blockchain.bitcoin.wallet

Details in opened issue: https://github.com/hoanghiephui/Bitcoin-Wallet/issues/17

5. Koshelek. Crypto wallet & p2p 10K downloads

https://play.google.com/store/apps/details?id=ru.koshelek

from google play description.

Transparency. We have nothing to hide if you are an honest person. Source code, service turnover, comparison of offers and commissions with market ones - everything can be found in the public domain. We always tell the truth, because this is the only way to build long-term and productive relationships with clients.

Public source code wasn't found, vendor should be contact via twitter/email, etc..

6. https://walletscrutiny.com/android/com.maxxwallet/ 10K+ Downloads

From google play description:

Functionality and features:

• Dynamic Fees
• Open source

no source code was found for the wallet.

7. Coingrig 1K+

https://play.google.com/store/apps/details?id=com.coingrig

Total transparency. Coingrig is a Digital Wallet that publishes the source code for inspection by the community to prove that your confidential user data never leaves your phone.

issue at vendor:

https://github.com/coingrig/coingrig-wallet/issues/22

8. bitamp 500+ Downloads

bitamp google play description: https://play.google.com/store/apps/details?id=com.bitamp.mobile

This is an open-source Bitcoin wallet that’s completely free to use.

there is no published source code of the app to be found, issue at vendor only public repo to publish sources or remove open source claim:

https://github.com/bitampcom/bitamp/issues/3

Vendors who claim to be open-source but don't publish source code in time (many time they publish APK to googleplay and publish the source code later, like 2 weeks later or more)

1. BlockChain

Vendors who claim to be open-source but don't publish source licensed under OSI license but different license instead (they are source-available/source-viewable instead)

1. ColdCard

2. BRD, they changed license when moved to newer repo https://github.com/breadwallet/brd-mobile#licensing older repo license is open source: https://github.com/breadwallet/breadwallet-android/ while website content and other places weren't changed to reflect the change, currently they stopped publishing sources at all https://github.com/breadwallet/brd-mobile/issues/13

There more such offenders, issue will be updated with more vendors later.