In my opinion, this anecdote is enough reason for Apple to reject any app that purports to be a cryptocurrency wallet or in any way be a secure mechanism for cryptocurrency. There's no practical way for Apple to prove that any app won't betray the user.
Or in the alternative, Perhaps Apple should create a different tier of app review for any apps which claim to facilitate financial transactions (other than purchases, game currencies and microtransactions). This would encompass all apps for banking, investment and crypto. This tier should require a much higher verification of the developer's identity. The iOS sandbox should be further locked down to limit communication only to whitelisted IPs/domains which must all be under the control of the verified developer. And hey, you know what, let's even require the developer to submit the app in source code form.
I remember the early of days of Bitcoin, when Apple was rejecting wallet apps by default. I was honestly surprised that they relented: from consumer safety, to regulatory concerns, to 30% protectionism, they have every incentive (from their walled-garden/theme-park philosophy) to categorically ban on-device wallets.
> There's no practical way for Apple to prove that any app won't betray the user.
This is honestly a fundamental problem with both the App Review model, and the very concept of cryptocurrency (which for the record, I'm positively inclined towards, both technologically and ideologically):
- The Review model because the developer doesn't actually submit code, and static analysis tools can only go so far. Even if Apple started requiring source (opening many thorny IP liability issues), no reviewer can realistically audit every line. Even then, the mere fact WebViews are trivially common means a developer (or a malicious hacker) can always swap out the web backend with phishing attacks, credit card scams, etc.
- The cryptocurrency model because while it tells a story of "trustless" interaction and autonomy, in practice even the most knowledgable techies end up having to outsource trust to developers, firms, and communities. While it tends to be a safe bet to trust a highly-trafficked community GitHub over a random .ru site, (a) it still requires making a trust decision on imperfect information, and (b) non-technical users suffer an agent-principal dilemma when it comes time to make those decisions, which is a prerequisite to actually use crypto-currency. There are many, many shortcomings to the central-banking state currency model; but at least it has a pretty well-defined UX to the average "holder", and some hope of recourse in the event of a scam.
FWIW, browser-based wallets (with or without client-side storage) do exist, and would probably be used more heavily on iOS if Apple were to forbid native wallets. In which case, it's possible the guy who lost his life savings would have gotten scammed by a "trusted" web app instead.
Or in the alternative, Perhaps Apple should create a different tier of app review for any apps which claim to facilitate financial transactions (other than purchases, game currencies and microtransactions). This would encompass all apps for banking, investment and crypto. This tier should require a much higher verification of the developer's identity. The iOS sandbox should be further locked down to limit communication only to whitelisted IPs/domains which must all be under the control of the verified developer. And hey, you know what, let's even require the developer to submit the app in source code form.