🟡 Trust Rating: Moderate
Zengo fails a strict privacy test on almost every axis: closed-source client, an account tied to your email, biometric recovery, and a company you have to keep trusting. It just got bought by eToro. So why not a red rating? Because Zengo solves a real problem for real people. Most beginners are far more likely to lose a seed phrase or get phished than to be targeted by a nation-state. For that person, seedless MPC is a defensible tradeoff. For a privacy maximalist, it is not. Know which one you are before you install it.
What is Zengo?
Zengo is a mobile crypto wallet from Zengo Ltd (formerly KZen Networks), founded in Tel Aviv, Israel in 2018. It reports more than 2 million users. On April 15, 2026, eToro Group announced it would buy Zengo for roughly $70 million, mostly cash, in eToro's first acquisition since its 2025 IPO; the deal has since closed. eToro says the wallet stays separate from its regulated services, with users interacting directly with third-party protocols.
The pitch: no seed phrase. Instead of the usual 12 or 24 words you write on paper and pray you never lose, Zengo splits your key into two mathematical "secret shares" using multi-party computation (MPC). One share lives on your phone. The other lives on Zengo's server. Neither is ever a full private key, and the two never combine. To sign a transaction, both shares run a cryptographic protocol together. Zengo alone cannot move your money, and a thief who steals only one share gets nothing usable.
Critical Privacy Concerns
⚠️ Where Zengo Fails a Strict Privacy Standard
- Closed-source client. Zengo's app and server code are closed source. The company confirms this. Their MPC cryptography library (Gotham City, Curv, Multi-Party-ECDSA) is open source, audited, and on GitHub, but the actual app you download is not. Zengo says it does not obfuscate the client so professionals can reverse-engineer it. That is a weaker guarantee than reproducible open-source builds you can verify yourself.
- Account-based and email-tied. Recovery hangs on your email address plus a cloud account (iCloud, Google Drive, or Dropbox). That is an identity anchor a fully anonymous wallet never asks for.
- Server share = company dependency. Half your signing capability sits on Zengo's infrastructure. If they go down, you fall back on their recovery promise, not your own paper backup. And "they" is now eToro.
- In-app buying means KYC. Zengo's fiat onramp runs through third-party partners such as MoonPay, Banxa, Ramp, and Transak, depending on your region. Buying crypto in-app requires full identity verification with the chosen partner, including an ID upload and its KYC and AML checks. The moment you use it, the privacy of the wallet is gone.
How the Seedless MPC Actually Works
Zengo uses a 2-of-2 threshold signature scheme. Two independently generated secret shares: one on your device, one on Zengo's server. They are "never exposed to each other at no time," in Zengo's words. When you spend, both shares cooperate in a math protocol that produces a valid signature without ever reconstructing a single complete key anywhere.
The upside is concrete. There is no seed phrase to phish, photograph, mistype, or leave in a drawer. That kills the single most common way beginners lose funds. The downside is equally concrete: you have swapped "I control one secret" for "I depend on a company holding the other half and on my own biometrics and cloud account working when I need them."
Recovery: What You Are Actually Trusting
Zengo recovery uses three factors:
- Email. Your account credential.
- Cloud Recovery Kit. An encrypted copy of your device secret share is stored on Zengo's server (which the company says it cannot use), and the decryption code is stored separately in your personal cloud (iCloud, Google Drive, or Dropbox).
- 3D FaceLock biometrics. Only your biometric face scan decrypts the encrypted share.
So an attacker needs your email, your cloud account, and your live face. That is a genuinely hard combination to beat remotely. It is also three things you have to keep intact for years. Lose access to the cloud account, or lose the face scan, and you are leaning entirely on Zengo's fallback.
For the "what if Zengo dies" question, the company points to a guaranteed access service run by independent companies, meant to let you access and spend your crypto even without Zengo. Read that carefully: your recovery path in a shutdown is a promise about third parties you have never met, not a seed phrase in your own safe. That is the core difference between this model and a self-custody wallet you could restore on any compatible app.
The "Never Hacked" Claim
⚠️ Treat This as Marketing, Not Proof
Zengo markets that zero wallets have been hacked, drained, or phished since 2018 across its user base. It backs this with a public bounty it branded the $500,000 Zengo Wallet Challenge: 10 Bitcoin (around $430,000 at the time) left on-chain in a wallet for 15 days in January 2024, with recovery hints progressively revealed. Reportedly 200+ attempts, no winner. The MPC protocols have been audited by Kudelski, CertiK, Scorpiones, and AppSec.
Here is the skeptic's note. "No wallet has ever been hacked" is an unfalsifiable claim by design. You cannot prove a negative, and a bounty that nobody claimed is evidence the challenge was hard, not proof the system is unbreakable forever. Audits and bounties are real positives. They are not a guarantee. Size your holdings as if the marketing might be wrong.
Technical Specifications
- Type: Non-custodial mobile wallet (iOS, Android), seedless
- Key model: 2-of-2 MPC / threshold signatures, device share + server share
- Recovery: Email + Cloud Recovery Kit + 3D FaceLock biometrics
- Client code: Closed source (MPC crypto libraries are open source on GitHub)
- Onramp: Third-party partners by region (MoonPay, Banxa, Ramp, Transak, and others), KYC required to buy in-app
- Assets: Bitcoin, Ethereum, and dozens of tokens and chains, plus NFT and DeFi support
- Owner: eToro Group (acquisition announced April 2026, since completed)
Pricing Structure
| Plan | Price | What You Get |
|---|---|---|
| Zengo Essentials | Free | Full MPC wallet, buy/sell/swap, core security |
| Zengo Pro | About $19.99/month (annual billing discounted; figures vary by region, verify in-app) | Legacy Transfer (self-custodial inheritance-style transfer), Theft Guard (MFA on outgoing transactions locked to your biometrics), Web3 Firewall, priority 24/7 support (under 1 hour), up to 5 segregated wallets, up to 50% off purchase fees |
The free tier is a complete wallet. Pro is a security-and-convenience upsell. None of the Pro features fix the underlying privacy tradeoffs, and paying by card adds another payment record with your name on it.
Zengo vs. Alternatives
Zengo vs. Exodus
- Zengo: Seedless MPC, biometric recovery, closed-source client, company-dependent. Beginner-proof against seed loss.
- Exodus: Traditional seed-phrase wallet, you hold the words and the risk. See our Exodus review.
Zengo vs. Hardware Wallets
- Zengo: A hot wallet on an internet-connected phone. Convenient, but your keys touch a networked device every day.
- Hardware wallets: Keys stay offline in a dedicated device. If you hold meaningful money or want open, verifiable firmware, this is the stronger path. Start with our Trezor review or Ledger review, and our hardware wallet comparison.
When to Use Zengo
✅ You are new to crypto and honestly more likely to lose a seed phrase than to be targeted by a sophisticated attacker. Seedless recovery removes your biggest real risk.
✅ You want a hot wallet for small, active balances and value not managing a paper backup.
❌ You need strong privacy. Account, email, biometrics, closed source, and a KYC onramp all cut against anonymity.
❌ You are holding serious money for the long term. A hot wallet on a phone, dependent on one company, is not where large cold savings belong.
The Bottom Line
Consider Zengo if:- You are a beginner whose real threat is losing your own keys, not being hunted
- You want a simple hot wallet for modest, spendable amounts
- You value biometric recovery over holding a seed phrase yourself
- Privacy and anonymity are the point of using crypto for you
- You want open-source, verifiable client code
- You are storing large or long-term holdings (use a hardware wallet)
- You refuse to depend on a company (now eToro) for half your key
⚠️ Final Assessment
Zengo is a good answer to the wrong question if you came here for privacy. It is a genuinely good answer if you came here to stop losing your own crypto to a misplaced seed phrase. Judge it against your actual threat model, not the marketing. Keep amounts small, never use the in-app KYC onramp if anonymity matters, and treat the "never hacked" line as advertising.
If You Use It Anyway
Not for everyone, but if Zengo fits your threat model, lock these in:
- Sign up with an alias email you use for nothing else, not your main inbox.
- Skip the in-app fiat onramp. Buying via any of the in-app partners (MoonPay, Banxa, Ramp, and others) forces full KYC. If you want to avoid that, fund the wallet from crypto you already hold elsewhere.
- Treat it as a hot wallet. Keep only spending money on it. Long-term savings belong on a hardware wallet held offline.
- Test recovery early. Before you fund it seriously, confirm you can actually restore on a second device. Verify the cloud account and biometrics work now, not during a crisis.
- Use a VPN so your IP is not logged alongside your wallet activity every time you open the app.
Resources
- Zengo Help Center: How the Zengo Security Model Works
- Zengo Help Center: Zengo Pro Guide
- Zengo: Zengo and Open Source
- Zengo: The 10 Bitcoin Wallet Challenge
- CoinDesk: eToro to Acquire Zengo in $70 Million Deal (April 2026)
- Bloomberg: eToro to Acquire Crypto Wallet Startup Zengo in $70 Million Deal
- GitHub: ZenGo-X open-source MPC libraries
- Crunchbase: KZen Networks (Zengo) company profile