Releases

Downloads#


Windows Desktop Wallet

download the windows binaries!


Linux Desktop Wallet

download the linux binaries!


Latest Version URL#


This is the latest version URL. When asked for it in the desktop wallet loader, please use this as the URL.

The most up-to-date Version URL:

{}

The version URL has last been changed on Invalid Date which is ~null days ago! For more information please check the Version History
Worried this URL might be malicious? Please check: ???

Executive Notes


You might be confused by the terms used above/below, where we talk about the "Moneypot Wallet", and the "Desktop Wallet (loader)", and the "Version URL"

Moneypot Wallet

Let's start off easy: The Moneypot Wallet is simply referring to the main wallet, which can be found here.

Desktop Wallet loader

The Desktop wallet loader is an Electron implementation of the Moneypot Wallet, with integrated tor on Windows
(Please note: on Linux the user himself is responsible to install tor, and for it to be able to bind to 127.0.0.1:9050)
By using it you enhance your privacy and security. (e.g you will have protection against domain hijacking or otherwise malicious wallet versions.) How you may ask?

  • Privacy is enhanced due to Tor being embedded. Note: Your real IP will (by default!) never be shared with any custodian while using the application, but malicious servers might try to log it! (Hence why you might want to use TOR or a VPN by default.)
  • Security is enhanced due to the Version URL you need to enter before loading the wallet. The Version URL contains the main script of the wallet + an integrity check. Were someone to replace the main script of the wallet with a malicious version, the app wouldn't load, since the integrity check would fail.

Version URL

And, at last: The Version URL: contains three essential parts which are necessary for the app to load.

The main.js script is what loads the entire wallet file, and the hash is checked against the wallet file to make sure it is valid, and that it cannot be altered later on (In the case of a domain hack, or malicious developer).


A valid example of this would be the following URL:
https://wallet.moneypot.com/main.08514b5d8eef3b9ddd8f.js#XqOLxPU/AbF3J5F8IaphFFt7H+JsV5jeqn8QvTspYAE=
Where, if we break it down a bit further:

Would be the domain name:
https://wallet.moneypot.com/
Would be the main.js source:
main.08514b5d8eef3b9ddd8f.js
Would be the sha-256 hash:
XqOLxPU/AbF3J5F8IaphFFt7H+JsV5jeqn8QvTspYAE (=)