Oddbean new post about | logout
 Real answer is where you choose to put your trust: every wallet you download might be compromised. 

For more trust, you can download the source code of the wallet, audit it, and compile it by yours. But this means your moved your trust from the app developer to the compiler developer. This can go on for a while.

In practice, i suggest to at least use open source wallet and always check online if the wallet is trusted for other individuals or if it has been audit by someone