seed phrase

I run a Ledger competitor — but I support them in blow-up over keys

May 18, 2023 Coin Telegraph

Ledger’s latest update — aimed at making private seed phrases on its wallets recoverable — was simply an attempt to innovate and improve user security.

It’s counterintuitive for a CEO to defend a competitor, particularly when that competitor is rolling out a feature similar to one we pioneered years ago. But given the debacle around Ledger’s new “Ledger Recover” feature, it’s time to provide a balanced perspective.

The company is under fire for releasing an update to its wallet firmware that allows it to send a version of the wallet seed phrase to third parties. But the outrage feels out of proportion. The perception that Ledger is carelessly “sending seed phrases to a server” is fundamentally misinformed. Let’s be clear: The new system is opt-in only. There is no forced participation or hidden backdoor. The seed is locally split into three encrypted shards using Shamir Secret Sharing, a well-respected cryptographic process, and sent encrypted, a practice the industry has been familiar with for years.

One of the corporations hosting the shards is EscrowTech, a company we brought into the crypto sector four years ago. I’m confident that Ledger, despite our rivalry, can successfully implement a system that matches its claims. They’ve shown commitment and seriousness in the past, and there is no reason to expect otherwise now.

WTF is this real @Ledger ? this is unreal im literally getting sick

do you have any idea how much money your devices secure ???

have you been lying all this time saying the seed on the device cannot be accessed in anyway? pic.twitter.com/34txno7koR
— Clouted (@CloutedMind) May 16, 2023

In the face of backlash, it’s essential to remember: If you don’t like it, don’t use it. Period.

We have always strived to provide an upgrade to such systems, but for those who choose to stick with seed phrases, Ledger Recover is undeniably a step forward. I’m giving credit to Ledger where it is due: To truly onboard billions, and move assets to our self-custodial universe, Ledger Recover is a potential solution. Securely encrypted secrets stored in the cloud are the future, not pieces of paper or steel plates stored under your mattress or worse in a bank vault (the irony…)!

That being said, there are a few things Ledger got wrong. Their suggested solution identifies a fundamental problem that cannot be fixed by Ledger Recover: seed phrases. I dislike them and consider them outdated and unfit for personal security. An estimated $100 billion in Bitcoin (BTC) (alone) has been lost or stolen in the last decade because of seed phrase mismanagement. And it’s not getting any better: Every day, new stories of key misplacement and loss appear on forums, such as Reddit and Twitter.

Seed phrases represent a single point of failure, which puts too much burden on the user and is prone to human error, phishing attacks, account takeovers and so many more disasters. Multiparty computation (MPC) wallets and other battle-tested cryptographic techniques offer vastly superior trade-offs where seed-based approaches seem archaic in today’s rapidly advancing digital landscape.

Ledger’s current users, mostly hardcore crypto enthusiasts, feel betrayed, but the existing seed model simply doesn’t work for everyone. Even Ledger acknowledged it on its own website.

Beyond ignoring the fundamental seed phrase vulnerability, Ledger Recover itself has its own share of issues: The one-way firmware update, the closed-source sharding, the Know Your Customer (KYC) gating, the pay-to-recover scheme and, most of all, the “trust me this is opt-in only” without ways to verify the source code. The closed code, dependence on external custodians and the seven-day cut-off if payment ceases will absolutely surface more questions (and already has).

The introduction of Ledger Recover might also invite new attack vectors on and off systems: From local malware to government coercion, social engineering (already deployed at scale in their last e-commerce breach) and fake KYC recovery, which need to be addressed. Lastly, Ledger’s communications and timing could have been better articulated and managed to avoid the current uproar.

However, this doesn’t take away from the fact that they are trying to innovate and improve user security, albeit in a different way than we might.

To Ledger, I suggest providing a comprehensive demo video end-to-end, a documented white paper with possible third-party audit reports, and a thorough explanation of how Ledger Recover works. The FAQs leave questions unanswered, and customers are left guessing or misinterpreting the service. The community thought they could trust you blindly, but you need to earn this back after this episode.

This is not a clear-cut case of right or wrong. Ledger is making strides in the right direction and has built a remarkable track record in an incredibly hostile environment — we know that first-hand. But they also have room to learn and improve.

Imposing a new security path, even optional, is like asking to believe in a second religion you did not choose in the first place. It’s a divisive issue, certainly, but it’s vital for the crypto community to focus on facts rather than interpretations. Eventually, our words here (or on social media) will not matter, and people will vote with their dollars (I mean their crypto). As competitors, we may not agree on every detail, but we can all agree on the need for innovation, security and transparency.

Ouriel Ohayon is a co-founder and the CEO of ZenGo, a consumer MPC wallet established in 2018. He’s a former executive at ICQ/AOL; the founder of TechCrunch France (sold to AOL); and the founder rof Isai.fr, a leading French VC. He was general manager of the Gemini’s internet lab and Lightspeed Ventures.

This article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Crypto Hardware Wallet Ledger Responds to Criticism of New ID-Based Seed Phrase Recovery Solution

May 18, 2023 The Daily Hodl

What security? Bitcoin enthusiast cracks known 12-word seed phrase in minutes

April 27, 2023 Coin Telegraph

Bitcoin Community

If the words of a 12-word seed phrase are known, it’s deceptively easy to enter the wallet and sweep the funds.

A systems architect cracked a seed phrase and won a 100,000 Satoshi bounty, or 0.001 Bitcoin (BTC), worth $29, in just under half an hour. Cointelegraph spoke to Andrew Fraser in Boston, who underscored how critical it is to keep a Bitcoin wallet seed phrase secure and offline.

A seed phrase or recovery phrase is a string of random words generated when a wallet is created that can access the wallet, similar to a master key. Fraser brute forced a 12-word seed phrase that Bitcoin educator “Wicked Bitcoin” shared on Twitter:

Anyone want to try and brute force this 12-word seed phrase securing 100,000 sats? I’ll give you all 12 words but in no particular order. Standard derivation path m/84'/0'/0'…no fancy tricks. GL.https://t.co/c9FyMv3HYM pic.twitter.com/nPGTB9bX2g
— Wicked (@w_s_bitcoin) April 26, 2023

As shown, Wicked’s Tweet challenged users to decipher the correct order of the 12-word seed phrase.

"Anyone wants to try and brute force this 12-word seed phrase securing 100,000 sats? I’ll give you all 12 words but in no particular order. Standard derivation path m/84'/0'/0'…no fancy tricks. GL.”

It took just 25 minutes to unlock the 100,000 Satoshis–or just under $30. The incident serves as a timely reminder for Bitcoin users and crypto enthusiasts to take crypto security seriously.

Fraser cracked the code using BTCrecover, a software application available on GitHub. The software offers a range of tools that can determine seed phrases with missing or scrambled mnemonics and passphrase-cracking utilities. Over Twitter DMs, Fraser told Cointelegraph:

"My gaming GPU was able to determine the correct order of the seed phrase in about 25 minutes. Though a more capable system would do it much faster.”

He noted that anyone with a basic knowledge of running Python scripts, using the Windows command shell, and understanding the Bitcoin protocol–particularly BIP39 mnemonics– should be able to replicate his success.

Cointelegraph queried Fraser about the security of 12-word seed keys. Fraser explained they are "perfectly secure if the words remain unknown to an attacker or there is a passphrase '13th seed word' used in the derivation path of the wallet."

Moreover, he emphasized the superior security of 24-word seed keys.

"Even if an attacker knew the out of order words of your 24-word seed key, they would never stand a hope of discovering the correct seed.”

Fraser broke down the entropy calculations to explain the difference in security between the two types of seed keys. A 12-word seed has approximately 128 bits of entropy, while a 24-word seed boasts 256 bits. When an attacker knows the unordered words of a 12-word seed, there are only around half a billion possible combinations, which is relatively easy to test with a decent GPU. A 24-word seed, however, has roughly 6.24^24 possible combinations–and that's a lot of zeros.

Even the probability of an attacker cracking a 12-word seed phrase is borderline absurd. 24-word seed phrases may be superior, but as Wicked points out in a post-mortem to the seed phrase challenge; “it’s not going to be hacked tbh.”

In the off chance that someone finds your seed phrase cut up and out of order, then yes lol.
— Wicked (@w_s_bitcoin) April 27, 2023

Ultimately, it’s a timely reminder to readers to ensure seed phrases are never published or shared online. That means a seed phrase should not be stored in a password manager, a cloud storage solution, and they certainly should not be typed out into a phone.

Fraser also stressed the importance of keeping seed keys secret and to take advantage of a passphrase that functions as part of the derivation path. As for the 100,000 Sats Fraser took home? Fraser tweeted that he spent them on dinner that night: Chicken Marsala. Talk about circular economy.

Cointelegraph Magazine: Bitcoin in Senegal: Why is this African country using BTC?

‘Haunts me to this day’ — Crypto project hacked for $4M in a hotel lobby

February 7, 2023 Coin Telegraph

<div>'Haunts me to this day' — Crypto project hacked for M in a hotel lobby</div>

Ahad Shams

The co-founder of Webaverse said they somehow got their crypto hacked from their Trust Wallet during a meeting with two people claiming to be investors.

The co-founder of Web3 metaverse game engine “Webaverse” has revealed they were victims of a $4 million crypto hack after meeting with scammers posing as investors in a hotel lobby in Rome.

The bizarre aspect of the story, according to co-founder Ahad Shams, is that the crypto was stolen from a newly set up Trust Wallet and that the hack took place during the meeting at some point.

He claims the thieves could not have possibly seen the private key, nor was he connected to a public WiFi network at the time.

The thieves were somehow able to gain access while taking a photo of the wallet’s balance, believes Shams.

The letter which was shared on Twitter on Feb. 7, contains statements from Webarverse and Shams, explaining that they met with a man named “Mr Safra” on Nov. 26 after several weeks of discussions about potential funding.

“We connected with “Mr Safra” over email and video calls and he explained that he wanted to invest in exciting Web3 companies,” explained Shams.

“He explained that he had been scammed by people in crypto before and so he collected our IDs for KYC, and stipulated as a requirement that we fly into Rome to meet him because it was important to meet IRL to ‘get comfortable’ with who we were each doing business with,” he added.

full story https://t.co/vdkAHyBaG9
— 0xngmi (aggregatoor arc) (@0xngmi) February 6, 2023

While initially “skeptical,” Sham agreed to meet “Mr Safra” and his “banker” in person in a hotel lobby in Rome, where he would later show the project’s “proof of funds" — who Mr. Safra claimed was his requirement to begin the "paperwork."

“Though we grudgingly agreed to the Trust Wallet ‘proof’, we created a fresh Trust Wallet account at home using a device we didn’t primarily use to interact with them. Our thinking was that without our private keys or seed phrases, the funds would be safe anyway," said Shams.

However, turns out Sham he was thoroughly mistaken:

“When we met, we sat across from these three men and transferred 4m USDC into the Trust Wallet. “Mr Safra” asked to see the balances on the Trust Wallet app and took out his phone to “take some pictures”.

Shams explained that he thought it was okay because no private keys or seed phrases were revealed to "Mr. Safra."

But after "Mr. Safra" took a photo and stepped out of the meeting room to consult his banking colleagues, the crew vanished and Shams saw the funds siphoned out.

"We never saw him again. Minutes later the funds left the wallet."

Almost immediately after, Shams reported the theft to a local police station in Rome and then filed an Internet Crime Complaint (IC3) form to the U.S. Federal Bureau of Investigation (FBI) a few days later.

Shams said he still has no idea how “Mr. Safra” and his scam crew committed the exploit:

“The interim update from the ongoing investigations is that we are still unable to confidently establish the attack vector. The investigators have reviewed available evidence and engaged in lengthy interviews with the relevant persons but further technical information is necessary for them to come to confidently establish conclusions.”

“Specifically, we need more information from Trust Wallet regarding activity on the wallet that was drained to reach a technical conclusion and we are actively pursuing them for their records. This will likely provide us with a better picture on how this has transpired,” he added.

Cointelegraph reached out to Shams and he confirmed he wasn’t connected to the hotel lobby's WiFi when he revealed the funds on his Trust Wallet.

The Webaverse co-founder believes the exploit was carried out in similar fashion to an NFT scam story shared by NFT entrepreneur Jacob Riglin on Jul. 21, 2021.

There, Riglin explained that he met with potential business partners in Barcelona, proved that he had sufficient funds on his laptop, and then within 30-40 minutes the funds were drained.

NFT Scam full story;

After the response to my previous tweets about the $90,000 scam I was involved in, I wanted to share more details on it to help warn any others of falling victim to it.

I was contacted by a Philippe Maloof from Canbury Properties Limited. He said he had a
— Jacob (@jacobriglin) July 21, 2021

Shams has since shared the Ethereum-based transaction where his Trust Wallet was exploited, noting that the funds were quickly "split into six transactions and sent to six new addresses, none of which had any prior activity."

The $4 million worth of USDC was then almost entirely converted into Ether (ETH), wrapped-Bitcoin (wBTC) and Tether (USDT) via 1inch’s swap address feature.

Shams admitted that “the event haunts me to this day” and that the $4 million exploit is “undoubtedly a setback” for Webaverse.

However, he stressed that the $4 million exploit and pending investigation will have no impact on the firm’s short term commitments and plans:

“We have sufficient runway of 12-16 months based on our current forecasts and we are well underway to deliver on our plans.”

Cointelegraph has also reached out to Trust Wallet for commen

How to keep your crypto safe in 2023: a few tips from an analyst

January 9, 2023 Coin Telegraph

Bitcoin Wallet

Lead on-chain analyst at Glassnode, James Check, explains why taking self-custody of your private keys has become more important than ever and how to do it in a few simple steps.

There is no excuse for not putting a few hours of research into how to properly custody your crypto, according to lead on-chain analyst James Check. Joining the latest debate around self-custody, the analyst pushed back against the notion that managing private keys is too complicated and risky for the average crypto user.

“If you have gold in your vault, if you have cash in your wallet, it's the same concept: you need to exercise a level of responsibility,” said Check in our latest Cointelegraph interview.

Check argued that, while third-party custody and semi-custodial solutions such as collaborative custody may appear more user-friendly for the average user, they also have their own, even bigger, vectors of risks.

To the analyst, when it comes to custody "there are no solutions, only trade-offs." His position is that being in full control of your own crypto and eliminating the third-party risk is well worth the effort of learning how to keep your wallet's 12 word seed phrase safe.

Ultimately, Check pointed out that the amount of time and effort someone should put into learning self-custody should be scaled proportionally to the size of thei holdings.

“If you're not willing to put more than 5 minutes into it, then don't put more than $5 into it. If you're willing to do 100 hours now, you can start talking about doing your significant sums of savings,” he said.

To find out more about Check's approach to self-custody, check out the full interview on our YouTube channel and subscribe!

Police body cam leaks suspect’s seed phrase during vehicle inspection

December 20, 2022 Coin Telegraph

Blockchain storage

A viral video making rounds on Twitter showed two police officers searching a suspect’s car and coming across pieces of paper, one of which contained seed phrases.

While self-custody is considered the ultimate way to secure one’s funds, many fail to acknowledge the risks associated with physically storing seed phrases. A search conducted by the State Police agency for Nevada ended up making a suspect’s seed phrase public after being picked up by the body cam.

A viral video making rounds on Twitter showed two police officers searching a suspect’s car and coming across pieces of paper. It turns out, the suspect was a strong believer in self-custody as unfolding the pieces of paper revealed the suspect’s seed phrase, which was hand-written — a popular method to prevent online compromises.

*Nevada State Police body cam records suspect's seed phrase. Source: Twitter*

As the incident got recorded by one of the officer’s body camera, the suspect’s seed phrase has now become public information.

This video of cops in Nevada searching a suspect and finding a seed phrase is pretty wild. Imagine having your seed phrase become part of public record due to it being captured by an officer's body camera! pic.twitter.com/vS2vm0xh7N
— Jameson Lopp (@lopp) December 18, 2022

Binance CEO Changpeng ‘CZ’ Zhao saw the video and warned investors about learning the various risks involved in different methods of storing cryptocurrencies. He said:

“I am a proponent of free choice. Feel free to hold your crypto anyway you wish. But learn the risks of each method.”

The video sparked conversations around the best way to store seed phrases, with the most popular suggestion being memorizing the seed phrase. While the idea of learning the seed phrase — a unique combination of 12 or 24 words — by heart sounds safe, CZ pointed out that lack of inheritance and the forgetfulness of the human mind are two of the biggest flaws when it comes to storing important information on the “brain wallet.”

The arrest of former FTX CEO Sam Bankman-Fried for alleged misappropriation of funds was perceived as a cue to rethink long-term storage strategies of cryptocurrencies.

While an immediate reaction was to pull out the funds from crypto exchanges, the CEOs came forward to reassure the investors’ fund's safety regardless of where they intend to store their cryptocurrencies.

On the other side of the spectrum, Ray Youssef, the CEO of the crypto exchange Paxful, sided with the idea of Bitcoin (BTC) self-custody. He promised to send weekly reminders to all investors to move their funds away from the exchange.

“My sole responsibility is to help and serve you. That’s why today I’m messaging all of our [Paxful] users to move your Bitcoin to self-custody. You should not keep your saving on Paxful, or any exchange, and only keep what you trade here,” he stated.

Only 1% of people can handle crypto self-custody right now: Binance CEO

December 15, 2022 Coin Telegraph

BUSD

Changpeng Zhao’s comments come as billions of dollars of stablecoins continue to flow out of the Binance exchange.

Binance CEO Changpeng “CZ” Zhao has cautioned the crypto community about self-custody, suggesting that 99% of people choosing to self-custody their crypto will likely lose it one way or another.

CZ has been been a supporter of self-custody for years, referring to its as a “fundamental human right” but has always urged users to “do it right.” He published a “CZ’s Tips” on self-storing crypto in Feb. 2020.

During a recent Binance-run Twitter Spaces on Dec. 14, the Binance CEO continued to urge caution for those using self-custody wallets — suggesting that more often than not, security keys are not stored securely, backed up or properly encrypted, commenting:

“For most people, for 99% of people today, asking them to hold crypto on their own, they will end up losing it.”

CZ reiterated that holding crypto in one’s own wallet is “not risk-free” and postulated that “more people lose money holding their own — lose more crypto when they’re holding on their own than on a centralized exchange.”

And we're live!

Tune-in to our Twitter Space where @cz_binance is answering all of your questions. https://t.co/U0hJOWy74P https://t.co/CDDC20cHgt
— Binance (@binance) December 14, 2022

“Most people are not able to back up their security keys; they will lose the device [...] They will not have the proper encryption for their backup; they will write it on a piece of paper, someone else will see it, and they will steal those funds,” he explained.

The Binance executive also stated that even where self-custody funds are properly managed, “if a person passes away, they don’t have a way to give to their next of kin,” but custodians like Binance can implement a “standard operating procedure” to solve that problem, he said.

The Binance executive concluded that “different solutions have different risk profiles” and that it is up to the user to decide what is best for them.

Despite most of Binance’s operations being “centralized,” CZ iterated that the company remained “neutral” on its preference towards custody and self-custody solutions, with the CEO stating in an earlier Twitter Space discussion on Nov. 14 that he’d happily shutdown the centralized cryptocurrency exchange if users moved to decentralized alternatives.

“If we can have a way to allow people to hold their own assets in their own custody securely and easily, that 99% of the general population can do it, centralized exchanges will not exist or probably don't need to exist, which is great,” CZ said.

Binance’s latest Twitter spaces comes amid a turbulent time for the exchange, which has seen significant withdrawals on concerns over its balance sheet and potential incoming litigation.

A Dec. 11 report from The Wall Street Journal suggested several red flags in Binance’s proof-of-reserves audit, while a Dec. 13 Reuters report suggested that the U.S. Department of Justice is nearing the end of a three-year investigation into Binance, which may come with criminal charges.

The last few days has seen a high volume of stablecoin outflows withdrawn from the trading platform, including $2.2 billion outflow of stablecoins Binance USD (BUSD), Tether (USDT) and USD Coin (USDC) over a 24-hour period between Dec. 13-14, according to data from blockchain intelligence platform Glassnode.

*Outflows of BUSD, USDT and USDC on Binance Over 24 Hour Period Dec. 13-14. Source: Glassnode.*

Interestingly, Bitfinex’ed — a long time Tether critic —shared a screenshot to its 98,000 Twitter followers on Dec. 14 of Binance’s latest offering 50% APR on staked USDT to its customers, alleging that the exchange may be looking to shore up its allegedly fast dwindling stablecoin reserves.

Binance now offering 50% APR on Tether fraud tokens. Binance appears to be desperately attempting to increase deposits.

First cloud mining scams now 50% APR rates on Tether fraud tokens!

H/t @Tethertothe1 pic.twitter.com/TZ0oPKxvss
— Bitfinex’ed Κασσάνδρα (@Bitfinexed) December 14, 2022

In the latest Twitter Space discussion, CZ attributed the weakened market sentiment — particularly with reference to custodial solutions — to the catastrophic fall of FTX.

Web3 Must Overcome Significant UX Challenges to Reach Mass Adoption

November 12, 2022 Bitcoin.com

What is a seed phrase and why is it important?

August 27, 2022 Coin Telegraph

Bitcoin Wallet

It’s crucial to remember your seed phrase, which is a string of random words produced by your cryptocurrency wallet when you initially set it up.

How to keep your seed phrase safe

A crypto seed phrase in the wrong hands can do damage, so it is advisable to always ensure it is safe. The following are some tips for ensuring your seed phrase is secure.

Never share your seed with anyone else: It’s extremely important that you never reveal your recovery phrase to anyone. Why? Because if someone else finds out your recovery phrase, they will be able to access — and therefore control — your crypto funds.
Make a note of it on paper and keep it in a secure location: This is the most old-fashioned way of storing your recovery phrase, but it’s still a perfectly valid option. You can either write it down by hand or print it out — just make sure that you keep it in a safe place where only you can access it. A fireproof and waterproof safe would be ideal.
Storing inside a Password Manager: A password manager is an encrypted digital vault that can store sensitive information like usernames, passwords, and recovery phrases. This way, you only have to remember one password (the password to your password manager) instead of dozens or hundreds of different ones. Some examples of password managers include Onepassword and Lastpass. Storing your recovery phrase in a password manager has several advantages, one of which is added security. Adding a secondary password — also known as a passphrase — users can create an even stronger and more secure backup.

If you want to be extra safe, store your recovery phrase in multiple locations. That way, even if one backup gets destroyed, you’ll still have another one intact.

Purchase a licence for this article. Powered by SharpShark.

What happens if you lose a seed phrase?

Losing a seed phrase is really the worst-case scenario for a cryptocurrency owner. One cannot recover a wallet seed in case they lost or forgot it.

Giving your seed phrase to someone or entering it on a website has no practical benefit as it may lead to losing your cryptocurrency assets. Additionally, avoiding writing a recovery phrase on a refrigerator may help you protect against theft.

The best way of ensuring you don’t lose your seed phrase is by noting it down and keeping it safe. In addition, keep your seed phrase somewhere it cannot be destroyed by any element. But, can someone guess a seed phrase?

The seed phrase is generated randomly; not even the cryptocurrency user knows what word combination will be used to generate the seed phrase. Due to a seed phrase’s random characteristic, it is hard to guess a seed phrase. Something else that makes it challenging to know a seed phrase is that it consists of 12 to 24 words leaving no chances of getting all the words right.

Can a seed phrase be hacked?

In the crypto world, losing cryptocurrency is a nightmare for all cryptocurrency owners. Losing your seed phrase to an attacker means you can’t recover your crypto funds.

Being in a digital world, crypto heists are tirelessly working to reap what they didn’t plant. The worst part you would want a hacker venturing into is your cryptocurrency wallet. As seen earlier, a seed phrase is a master key to accessing a cryptocurrency wallet, which means that in the wrong hands, damage is inevitable.

However, by having a large number of words in a seed phrase, it is hard to hack it. In order to access a seed phrase, phishing is the main method used. One way scammers try to get a seed phrase is by sending emails pretending to be customer support and request for a seed phrase or private key.

Once the seed phrase lands in their hands, they can access a crypto wallet and steal everything in it. It is always advisable to keep your seed phrase private and never share it with anyone else.

Recovery phrase vs. private key

Despite being related to each other, the recovery phrase and private key are different. They both are used for securing cryptocurrency wallets.

A recovery phrase is a crypto wallet recovery password. The recovery phrase is used for the recovery of a cryptocurrency wallet in case the owner forgot their password. A private key, on the other hand, is used to point to a blockchain address hence securing transactions. A private key is used for transacting cryptocurrencies by proving ownership.

In short, a recovery phrase is a master key to all of your crypto accounts. These words are what give you access to all of the private keys stored in your original wallet. The goal is to have full control over your assets. Having this phrase allows you to still access your blockchain assets even if you lose or damage your physical hardware device. But, how does a seed recovery phrase work?

Simply put, users may access their crypto accounts from whatever wallet they choose — it’s like having a charger for every type of phone. Imagine the confusion if every wallet necessitated a different recovery phrase format. This would imply that your crypto assets would be entirely dependent on which sort of recovery phrase you’re using, leaving you no control over them.

How does a seed phrase look?

A seed phrase might be confusing and probably you might be wondering how a seed phrase looks and maybe how it is created. The seed phrase is generated by a cryptocurrency wallet and the user has no way of customizing it.

The words generated are derived from a list of 2048 words. So, how many words is a seed phrase? A seed phrase is made up of a long string consisting of a group of random words.

The words on a seed phrase are simplified so that the user can remember them, unlike if the seed phrase consisted of long numbers or special characters.

The recovery phrase consists of 12 to 24 words like energy, road or open. To avoid errors, these randomly generated words do not include pairs like “man” and “men” in the same seed phrase. Bitcoin improvement proposal-(BIP)-39 in 2013 introduced these types of phrases and established a standard for deterministic wallets. Here is an imaginary 12-word seed phrase: Cry, planet, Loose, Typical, Humankind, Toddler, Anxiety, Difficult, Happy, Never, Alternative, Remorse.

A seed phrase controls all the private keys associated with a deterministic wallet. BIP-39 proposal makes major wallets cross-compatible, allowing the users to load the recovery phrase to a new BIP-39-compatible wallet to access the funds when they are lost or if you want to switch wallets.

What is a seed phrase?

A recovery phrase (also called a seed phrase) is a group of random words generated by the cryptocurrency wallet that allows you to access the crypto stored within.

One can consider it as a wallet comparable to a password manager for crypto, and the recovery phrase to be similar to the master password. You’ll have access to all of the crypto linked with the wallet that created the phrase — even if you delete or lose it — as long as you remember your recovery phrase.

A seed phrase aids to recover a cryptocurrency wallet when a user forgets their password. The seed phrase can be said to be a crypto wallet’s master key. For example, if you had a hardware wallet and lost it or deleted your wallet from your computer, you can easily create a new wallet and use the seed phrase, which will recover your cryptocurrencies.

The 2 Most Common Airdrop Phishing Attacks and How Web3 Wallet Owners Can Stay Protected

June 18, 2022 Bitcoin.com