Reviewing: Toshi (v1.1)

I’ve mentioned Toshi in passing before and have been meaning to write about it more in depth. Seeing as how the Toshi team just released an update – I figure now is as good a time as any to give it a closer look.

Let’s explore what Toshi is and what it does.

What’s Toshi?

Toshi is an open-source software wallet, secure messaging app, reputation facilitator, and dApp browser that runs on your mobile devices. It’s part of the Coinbase family, but you wouldn’t know it from anything inside the app. It runs on both iOS and Android platforms. You can find it in either platform’s app store.

A Wallet

It does what all wallets do – which is help you to manage your digital assets. Originally, it only supported ETH, but the most recent update added support for ERC20 and ERC721 tokens. In theory, having all of your Ethereum-powered assets in one place is really convenient… but:

Because Toshi can only be as secure as the internet-connected phone it’s running on – it’s not safe for large sums of ETH… or any other digital asset. So, while having access to all of your CryptoKitties or Etherbots on your phone might be really convenient… if they’re too valuable, then it’s probably not a good idea. Same goes for all of your ICO tokens and whatever else gets tokenized on the Ethereum platform in the future.

Also, it’s worth mentioning that setting up a Toshi wallet is easy. Like, probably too easy. You download the app, accept the terms, and then… you have a wallet… just like that. You can transfer ETH to it right away. Anything problematic about that series of events? Need a hint?

Without your private keys, a lost phone means lost wealth. Remember, neither Coinbase nor Toshi can recover your private key for your new Toshi wallet. You need to write down your seed words as soon as you set it up. In my opinion, this shouldn’t be an optional step. It should be required and harped on repeatedly until dealt with… but, you know, ease of use and all that jazz.

Always write down your passphrase / seed words ASAP.

Oh, and one last thing. Since Toshi uses the standard twelve seed-word recovery phrase, importing your Toshi keys into another wallet should be relatively simple. Moving in the other direction, from another wallet to Toshi, should be easy too. You can read more about that here.

Secure Messenger

Toshi uses the Signal Protocol to facilitate encrypted messaging. I know what you’re thinking… “who needs another messaging app?” Hold on a second, because you’re thinking about this all wrong. Think: Why would you use a messaging app that didn’t facilitate peer-to-peer value transfers? See. Genius!

If the future is really about peer-to-peer payments – then it makes sense to integrate a wallet into your messaging client (or vice versa). Apparently, Coinbase and Toshi think this will be what the future looks like…
Hey, what a surprise! So do I!

Now, when your kid sister asks for money – you won’t have to switch apps to fulfill her request. See, Toshi’s making crypto more convenient. This is good!

A few things could certainly be improved on the messaging front… Giphy support, a button for easier access to emoticons, and some other messaging-centric niceties still need to be integrated. Native group chats were just recently added though, so Toshi isn’t suffering from lack of development by any means. I bet they’ll keep refining the messaging capabilities.

Reputations

Part of the Toshi experience needs more work than all the rest – this is, by far, its broken reputation system. Toshi doesn’t make it clear what metric users should be rated on. Smile? Reliability? To make matters worse, leaving reviews without any written feedback is trivially easy – in fact, even if feedback is left, no one else can read it. The end result is that no one has any idea why you have the rating that you do.

I’ll tell you why – because you decided to make your profile public and were immediately sent random requests to send people you’ve never met some ETH. You declined. BAM – one star reviews.

Wait, it gets worse. There is a reason a cat has 10k five star reviews and the rest of the public users have nothing other than one and five star reviews… (Actually, thumbs up/down might be ok.) The issue is that there are no safeguards in place to deal with fake reviews. The same IP address can generate a thousand accounts and completely manipulate the entire reputation system. Again, because no one can SEE the reviews, they would have no idea the reviews are probably fake.

If the reputations are going to be valuable in any way – the system needs serious work. A CAPTCHA would be a good start, disregarding the tenth (or third) review for the same account from the same IP address would probably be another step in the right direction. As it stands – the current reputation system is worthless at best and completely misleading at worst.

This goes for reputations/ratings of the dApps within Toshi as well as the users.

dApp Browser

Toshi makes finding dApps really easy. The Toshi team (@sid) reaches out to developers and is active within the Ethereum community. This is really cool.

Recognizing that Ethereum isn’t just for sending money to your friends – that it is also for interacting with all of these decentralized applications – is a big deal. Toshi puts this “bigger picture” of crypto front and center.

Toshi does have a tendency to overestimate the cost of transactions and manual TX controls would be a welcomed addition (à la CIPHER)… but for new users, Toshi makes discovering and interacting with dApps a breeze. For power users – at least you can manually enter dApp URLs.

The dApp showcase is probably Toshi’s most interesting feature – and it’s great for the entire Ethereum ecosystem. I would be interested to know how an app gets “Featured” though 🤔…

Chat Bots

Combining their messaging platform with their dApps focus – and you end up with apps that can be controlled via chat. The concept is interesting and certainly has potential – but isn’t particularly captivating yet. I’ll let that feature develop a little more before making any judgments.

TL;DR:

Toshi’s an actively developed, fully open-source app that’s supported by Coinbase – one of the largest exchanges in the crypto space. Despite its behemoth backer, the Toshi team is actively engaged in the Ethereum community and doing things to advance the Ethereum ecosystem as a whole.

Toshi is a good wallet, a decent encrypted messaging platform, an awesome dApp explorer, and a broken reputation system – all wrapped into an app that’s user-friendly and constantly improving. It’s a great way to get people experimenting with dApps and understanding the Ethereum platform.