Cupcake is an Android/iOS app which stores your private keys and acts as a dedicated signing tool alongside Cake Wallet on a separate Android/iOS device, essentially turning an old smartphone into a “hardware wallet.”
Why I think this tool should be added
I’m not sure whether this should be added. I fear this would enable some poor opsec that a dedicated hardware wallet prevents by design. It is also a poorly documented app in terms of how it actually protects your data.
On the other hand, in theory even older smartphones should provide good physical security, and regardless of that, using an air-gapped device will definitely provide good security against malware on the device which you have Cake Wallet installed on, which is probably the primary vector of attack most cryptocurrency holders will be concerned about anyways.
This is certainly a more budget option (assuming you already have an old phone), but my other two candidates for this section already have products starting at $59, and really the only reason not to buy a Trezor Safe 3 or a Ledger Nano S Plus would be iOS compatibility.
You would only use it on a phone that is dedicated to having this app installed and nothing else, and it communicates with Cake Wallet on the other device via QR codes, so you would never need to connect it to WiFi/Bluetooth/Cellular.
However, yes this is still why I’m not totally convinced it makes sense to generally recommend.
i totally agree that it would need to ensure this wont happen. one could call the method maybe “airgapped phone with cupcake installed”. maybe they dont know what airgapped means (frankly i might not even know if is correct here) but atleast the focus lies on the phone and less on an app.
other then that last time i checked cupcake was still very early developement