Thesis: Desktop wallet is deprecated since Ethereum came to existence. The time of web3.0 comes and desktop wallets are no longer necessary because they do not provide any additional functionality or security benefits compared to open source web wallets. Desktop wallet development is waste of development resources.
Myth: Desktop wallet is more secure than web wallet.
In the early days of a blockchain, there were desktop wallets for BitcoinCore and web services offering a “web wallet”. Desktop wallets downloaded a blockchain and allowed a user to create a wallet (address), sign and send transactions. In this case, the user owns his private key, thus, owns his Bitcoins and addresses in fact.
Web services did not actually create a wallet for a user. They created an account for the user and this account was tied to a wallet (address or a set of addresses) that was stored on their servers and operates through their nodes. This means that the user did not own his private keys when using Bitcoin’s web wallets. The web service owns user’s addresses and Bitcoins in fact.
This changed when Ethereum came to existence. Ethereum nodes are different from BitcoinCore ones. This allowed to develop web wallets that do not store users private keys. For example ClassicEtherWallet, MyEtherWallet and MyCrypto. As a result, it does not matter whether you use a Desktop wallet or a Web wallet with Ethereum — you own your private key in both cases (i.e. you own your address and your funds).
Technical background: RPC nodes.
Bitcoin was the very first cryptocurrency and its functional structure lacks some important features. For example, a node needs a private key to sign a transaction and broadcast it to the network. A user have two options: (1) download the blockchain and keep a full node with a desktop wallet at his own machine or (2) trust the node and give it the private key.
What a node can do if you give it your private key?
Sign transactions on your behalf and send your funds wherever the node owner wants.
Ethereum is the next generation of blockchains and it has advanced RPC. In particular, nodes can broadcast an abstract transaction to the network if the transaction was signed. This does not require the node to know the private key that signed the transaction. This means that a user can sign transaction at his own machine without a necessity to download blockchain or even connect to the internet for this purpose (this is what is called Web3.js in Ethereum). Then the user can deliver the signed transaction to any node and ask it to broadcast the transaction to the network without any risk of losing funds or compromising his keys.
What a node can do if you give it a transaction that was signed by your private key?
A node can broadcast the transaction to a network. Each transaction can be executed only once. This means that the node can not repeat the transaction after its successful execution. A node owner can not derive your keys from the signed transaction. He has two options: (1) broadcast transaction to the network and (2) not to do it. Thats all he can do.
This allows to create such an open source wallets like ClassicEtherWallet which do not store user’s private keys. Again, this was impossible at the moment of BitcoinCore web wallets development because of limitations of Bitcoin RPC. Ethereum web wallets offer a user to create an account and hold his keys at his own.
Desktop wallets offer extended functionality compared to Web wallets.
This was true at the very beginning of Ethereum. There was a Mist wallet which served as a blockchain interaction tool and offered to create, compile and deploy smart-contracts. There are some important development features of Mist that MyEtherWallet and MyCrypto lacks.
However, we did significant progress with ClassicEtherWallet development during the last months.
- Deploying contracts with constructor parameters. (Critical for contract developers)
- Message System.
- Wallet encryption functionality that allows to re-encrypt an exported private key into a key-store file format. (Important security feature)
- Contract deploying with ClassicMask/MetaMask.
- Array type support for contract calls. (Critical for contract developers)
- Implemented automated search of known contract addresses for automated ABI loading.
- Implemented “background node” functionality (interchain services)
Now the ClassicEtherWallet has advanced functionality compared to any Desktop wallet that currently exists. It also provides interchain operability that no one of Desktop wallets can implement unless it will require you to download 4 different blockchains simultaneously. In the next release (3.11.3), ClassicEtherWallet will be fully functional and completely sufficient tool for developing and blocking interactions, which implements all the necessary functions for the development of smart contracts.
This means that there are no such necessary development functions that are not yet implemented in CEW and can be implemented in other wallets. Currently, Remix IDE and ClassicEtherWallet are fully sufficient tools for solving problems of smart-contract development that a developer can ever face.
You can use a web wallet as your cold wallet.
CEW, MEW and MyCrypto are open-source free wallets that can operate at any environment. A user can download a copy of the wallet’s source code and run it locally at his own machine. A user can connect the ClassicEtherWallet to his local node (Geth or Parity). This is exactly as Desktop wallets work.
This means that it is possible to use the open-source web wallet as cold wallet or a hot wallet depending on what the user prefer. This is only possible to use desktop wallet as a cold wallet but this will work similar to how web wallets works in cold mode.