Why you should protect your seed phrase

February 7, 2023

What if we tell you that keeping your cryptocurrencies safe is not as complicated as you might think it is? 

To answer this, we created an easy-to-read article, which includes the definition of a seed phrase, how it looks, what’s the difference between public and private keys, what kind of wallets have a seed phrase, how to generate one, and most importantly, why you should keep a watchful eye on it.

We’re going to start with a very well-known saying: Not your keys, not your coins. We follow this motto, and you should, too. To explain this in just a few words, we advise you to hold a non-custodial wallet, so that you hold a pair of private and public keys, a seed phrase, and can access your funds anywhere and make whichever transactions you want, but with a very important note: you have full responsibility of your wallet.

As there are still a lot of people who keep their assets in a custodial hot wallet, on crypto exchanges that are third-party custody, we strongly suggest you should move to a non-custodial one and mind only one thing: keeping your seed phrase safe. We’re going to show you below how to properly do that, so let’s dive in!

What’s a seed phrase?

You might have seen several names for it. 

Seed Phrase = Secret Phrase = Secret Key = Recovery Phrase = Backup Phrase = Crypto Seed = Mnemonic phrase = Mnemonic sentence

Cool, right?

If the above names are not enough, you can also call it the “Master Password” for all crypto accounts you own. Typically, it’s a set of 12 to 24 words long, depending on the wallet provider. This sequence of random words is generated when a wallet is created. After that, it serves as the key to your wallet and proof of ownership for the assets. You will only use it later in case you want to restore your crypto wallet, if you lose it or it’s stolen, allowing you to regain access to your funds. It’s the only backup you have in that bad scenario. This is why it’s so important to keep it safe and secure.

Even if the "mnemonic" word implies that the phrase should be memorized, we recommend you not to. Your memory, even if you think it’s super strong, should not be in charge of such responsibility. It’s a gamble, and it’s risky to memorize the seed phrase. The decision about the way you store it should be carefully thought ahead.

How does a seed phrase look?

Seed phrases are long strings consisting of groups of random 12-24 words. The order of the words is very important because mixing the words would give another seed phrase. The phrase is usually generated by the wallet software automatically, so you can’t customize it. 

These words are taken from the Bitcoin Improvement Proposal 39 (BIP39) list, which contains 2048 unique words. To avoid mistakes, similar words will not be included in the same seed phrase. 

A Seed phrase is an easier way to convey a complex number from the private key, expressed in simple, readable words. Each word represents a series of bits from the private key.

BIP39 List

BIP39 (Bitcoin Improvement Proposals) describes the implementation of a mnemonic code or mnemonic sentence, a group of easy-to-remember words, for the generation of deterministic wallets. It consists of two parts: generating the mnemonic and converting it into a binary seed. This seed can be later used to generate deterministic wallets using BIP-0032 or similar methods.

The list has 2048 words that can be used to create seed phrases. The modern wallets generate seed phrases drawn from this 2048-word list. At this point, you may wonder: But how safe are these 2048 words? Are they enough? Isn’t it easy to guess a seed phrase with only 12/24 words from this list? So here’s how it goes: even if 2048 words might seem like a small number, it’s not. It’s impossible to guess the sequence of words from a seed phrase. There are more than a decillion (2048 to the power of 12) word combinations for a seed phrase. Take that worry off the list. 

Seed phrase vs Private key

Because both Seed Phrase and Private Key are ways to access a cryptocurrency wallet, they are often seen as the same thing. Despite being related to each other, there is a difference between a Seed Phrase and a Private Key. Let’s see!

A Private Key is a long string of characters (letters and numbers) used for transacting cryptocurrencies and proving ownership of the funds in a wallet. When exporting a private key, you gain access to the assets in that specific wallet. 

You can create multiple deposit addresses (i.e. private keys) using the same seed phrase. By exporting your seed phrase, you will be able to access all wallets with the same seed phrase (each with its own separate private key). Due to its length and difficulty in reading and remembering, you don't usually handle your private key directly. So, public keys are encoded in the form of a seed phrase.

What kind of wallet has a seed phrase?

There are 2 types of wallets: custodial and non-custodial wallets. We made a really in-depth analysis in a previous article: Custodial & Non-Custodial Wallets. If you choose a centralized exchange like Binance or Coinbase, you don’t need to have a seed phrase. That’s because your assets are in the custody of the exchange (hence the name of the custodial wallet). You actually don’t have full control of your funds, in this case. All of your private and public keys are generated and stored on your wallet app, by a third party. You can't access them in any way. 

But in case you opted for a non-custodial wallet where you are given full control and ownership of your funds, you will also have a seed phrase for it.

How to generate a seed phrase

Most crypto wallets automatically generate a seed phrase when you set them up for the first time. So, if you hold a Ledger, it will generate the seed phrase of your wallet. If you set up a wallet in an app like Maiar App (soon to be XPortal), this will generate your seed phrase. There aren’t other chances available, because the process is automatic. 

So you can't really manually generate the secret phrase for any hardware wallet, nor for most software ones, at the moment it is initiated. Using pseudo-random words for the seed phrase of a hardware or software wallet could be possible, but it’s tricky. However, your wallet might not accept it if the last word is a checksum and you don't know how to calculate it.

If you are curious about how a seed phrase is generated, let us tell you the process!

  1. At first, you need to generate entropy, which gives the source of randomness. This entropy is actually a very large number, a series of bits. It has to be a multiple of 32 bits, somewhere between 128 and 256 bits.
  2. Secondly, you encode the entropy in a mnemonic. After adding a checksum, 1 bit is taken for every 32 bits and it’s added at the end. Then, you split the number into groups of 11 bits that are converted from base 2 to base 10 (that is, in the numbers that we humans understand) and these numbers will correspond with the words in the BIP39 list.
  3. The last step is converting the mnemonic into a seed. The backup phrase obtained above is passed through a PBKDF2 function which hashes it several times until a final result of 64 bytes (512 bits) is obtained - hexadecimal. This is the seed that produces a Master Extended Key for a deterministic hierarchical wallet.

What happens if someone has my seed phrase / if I lose it?

It’s simple and heartbreaking. You are in danger of not owning your assets anymore. 

In the first case, when someone has your seed phrase, he can access your wallet with it. If it has access to your wallet, it could also do anything with the funds. So he could transfer all of them to his wallet and steal your money. It’s that easy to understand. This is why you should absolutely protect and store well your seed phrase.

If you lose it but didn’t give access to anyone else, it’s still bad news. Usually, you can’t do anything about it.

There is a way, though. If you've lost your seed phrase for your MultiversX blockchain wallet, you can still access it if you use the web wallet, with the json file. So make sure you keep that in a known folder, in case you need access. So if you don’t have your seed phrase anymore, but still have the json file, you can access the wallet. After that, make sure you transfer the funds to another wallet of your own. And protect that wallet’s seed phrase. If you only use the Maiar App and not the web wallet, you'll need to have previously entered your seed phrase in the web wallet, in order to recover your wallet. 

What is the best way to keep safe a seed phrase?

At the moment you set up your wallet and your seed phrase is generated, you have 2 options. Either you have to note down the 12/24 words and store them well, or it’s encrypted in your cloud. For example, Maiar App offers you the possibility to make a backup of your seed phrase in your Drive. Even if it’s online, the fact that it’s encrypted makes it safe. You will have to set a password for the encrypted file, so it’s your mission to keep that one safe. 

On the other hand, Ledger will ask you to note down one word at a time. Ledger also has some papers in its package for this purpose. After you note down all the words on the paper, it’s your final mission to keep them safe. What’s the best way to do that? You know we’ll say this - Kryptodots! If you haven’t heard of it, you should know Kryptodots is a device. Not an electronic one, but a very solid one made of stainless steel. Its scope is to protect your secret phrase - therefore, your digital assets. 

Now comes the interesting part… your secret phrase’s 24 words - or 12, by case, can be converted into dots, using a bip39 word list. After that, you mark the dots on the plate, following the instructions you find within the Kryptodots kit.

What’s neater about this product is that you can apply any scrambling/encoding algorithm you can think of to the passphrase, so only you know how to extract the information.

So, to sum up, Kryptodots is the best way to ENCODE, STORE, and PROTECT your digital assets. The only reasonable alternative to the Kryptodots is a piece of paper. But we all can imagine its weaknesses. It can easily degrade, catch fire, or get wet and become useless. And it’s not just that. Let’s say you choose to make a laminated paper that's impermeable. It’s true, you get a higher level of protection, but not the best one. It still can burn easily and also your words wouldn’t be encoded. Owning a Kryptodots assures you of this protection, too.

What NOT to do with a seed phrase?

Clearly, you should not give it to anyone. Even if you have a problem and need help from someone, you should still NOT share your seed phrase. There are many scams in crypto around this issue. 

Secondly, you should never store it somewhere digitally. That means you must assure you don’t make screenshots of it, note it in Notes or any other app. Also, don’t keep it in your gallery, and don’t take photos or videos with it. Keep it only offline, away from digital “view”. 

And even offline, we advise you not to keep it in only one place, just in case. Don’t just write it down on a piece of paper and put it in an insecure location. 

____________________________________________________________________

Now you know why you should protect your seed phrase so well. So keep this in mind: Always back up your Secret Phrase in a safe offline place. Your seed phrase is the key to your wallet. Make your journey in the DeFi universe a safe one!

Error!
No 'MonsterInsights_Popular_Posts_Widget_Sidebar' widget registered in this installation.

Leave a Reply

Your email address will not be published. Required fields are marked *

19 − 6 =