We built Casa to protect our clients from every risk imaginable...including ourselves.
As we all know, trusted third parties are security holes. That’s why Casa has never--and will never--claim to be one.
What is a watch-only wallet?
Watch-only wallets provide users the means to monitor their balances and transactions safely, but only send funds if hardware wallets are available.
They are typically used for keeping an eye on cold storage funds or paper wallets, and they can be created using public keys without ever needing the private keys.
Why do they matter?
As a Casa member, you can use a watch-only wallet to verify that the deposit addresses Casa App is presenting to you are in fact generated from your keys. This provides added assurance that you’re safe from a man-in-the-middle attack (e.g., a malicious code update misdirecting you to send funds to an address controlled by another party). These attacks are rare, and we do everything in our power to protect our clients from them. By following these guides, you can also verify this personally.
Open source security is a team sport.
If you’re worried about what could happen should Casa ever be compromised, unavailable, or under attack, that means you're thinking about your security the same way we do every day. Using open-source software like Electrum to verify your balances and receive addresses entirely outside of our systems helps maximize your personal sovereignty, and provides an important check on Casa. It's part of our "Can't Be Evil" design.