A seed phrase consists of 12 or 24 words representing your bitcoin ownership - it’s a human-readable version of the secret that can unlock your bitcoin on the blockchain. Lose track of it, and you’ve lost access to your money – potentially forever. Let someone else see it, and you’ve given them all they need to take your money. Keeping them safe is a lot of responsibility! It’s a sharp edge of self-custody that we are aiming to smooth out.

And smoothing out sharp edges requires us to take a close look at the balance between availability and security we want to strike to make sure customers can reliably keep their funds safe. Keeping attackers out can make it harder for the rightful owner to access their funds when things go wrong (e.g. by misplacing this long string of random words). On the other hand, sometimes making it easier for the rightful owner to access their own money can make it easier for attackers to get in. We’ve previously posted about our plans for helping people recover from losing access to their keys. Alongside this, we also want to make sure bad actors don’t get a hold of customers’ keys.

To prevent attackers from stealing people’s keys, we want to make it hard to accidentally leave the keys in an unsafe state or even to accidentally hand the keys over. Many bitcoin owners are new to digital assets, and come to bitcoin for different reasons, with different life experiences, and with different levels of exposure to technology and safety on the internet. Protection of a seed phrase might come naturally to a longtime bitcoiner who’s been learning about security for years. But a newcomer who just went through a lengthy, complex setup process for a self-custody product might not immediately get around to finding a really safe place or format for the seed phrase they wrote down - if they know they should do that in the first place.

Figure 1: Transcription of a seed phrase during wallet setup

More fundamentally, beyond safe storage of these seed phrases, a newcomer to bitcoin might not fully understand that the seed phrases are all they - or an attacker - needs to move their money. If they don’t understand the sensitivity or think there is some extra layer of protection, revealing all or part of a seed phrase might sound like a reasonable form of authentication to a scammer pretending to be a ‘customer support’ representative for the company whose wallet they just started using. And there are so many ways for people to get tricked with seed phrases, from social engineering to phishing to schemes that trick people into using an attacker-provided seed phrase during wallet setup. We don’t want our customers subject to these types of attacks, so we aren’t burdening them with seed phrases in the first place.

Seed phrases also represent a juicy target for mobile malware - and particularly the unsophisticated kind. Mobile malware is still not nearly as common as desktop malware, and is most commonly distributed through mechanisms other than the Play Store or App Store. Of the attacks out there, many abuse accessibility API’s (like this Android malware), essentially tricking victims into providing a malicious application with extensive permissions. These applications are able to gain capabilities like the ability to read sensitive information from the screen -- and even to give an attacker limited ability to remotely control a subset of the mobile device’s functionality, mostly via the user interface, similar to the control a human holding the device has. Software wallets with the ability to display a seed phrase are ripe for abuse by this type of malware.

Even customers who use hardware wallets and don't hand over their seed phrase to scammers can still be subject to remote theft. When customers have to figure out how to back up a sensitive seed themselves, some end up with a copy in their cloud storage that is either completely unencrypted or secured with a password weak enough to be brute-forced by an attacker who steals the file.

So if seed phrases have so many sharp edges, why does anyone use them?

The first reason is to have a backup: people use seed phrases to back up keys without needing to worry about file formats or other ways to protect digital information. After all, seed phrases are easy to write on post-it notes, or take a picture of and put in cloud storage. Bitkey is a multisignature wallet that uses three keys instead of one, so our approach to recovery allows customers to recover from losing either or both of their devices, but without having to rely on unencrypted seed phrases left accessible to prying eyes.  

A second reason people use seed phrases lies in ‘key portability’: the ability to freely move your keys and money to and from different wallets, often by importing a seed phrase. If the provider of your software or hardware wallet goes out of business, or otherwise stops providing services to you for any reason, you can take your seed phrase - and your money - elsewhere. We think this property is essential to self-custody, and are working on a feature that will allow customers to export their keys and take them to another wallet if they so choose, but without asking people to hold onto seed phrases until they need them.

We want Bitkey customers to be able to move their money using the keys in their hands – always, even if they can't reach Bitkey servers for any reason over any time period, or if they no longer have access to the Bitkey app. We believe self custody that provides you with the autonomy to take your money elsewhere is possible without seed phrases and are excited to give people a self-custody option that doesn't require holding onto one. Reach us with any feedback on our direction at bitkey@block.xyz, on Twitter, or on nostr.

Share this post