What is a recovery Seed?
A recovery Seed is a failsafe for recovering all the funds stored in acryptocurrency wallet. It is generally a collection of 12-24 ordered words (mnemonics). Think of it as a complex password.
Recovery Seeds are only generated by a specific type of crypto wallet, known as non-custodial, where you fully control the funds. This is the power of true decentralised money, but with great power comes great responsibility.
It is near mathematically impossible for someone to guess your Seed, giving it immense security, but being your own bank means there is no password reset function or 24/7 chat support.
If your Seed is lost, destroyed or stolen, there is no way back, so you need to think very carefully about how and where you store your recovery Seed.
Why you need to protect your recovery Seed
Now you understand what the function your recovery Seed serves, it should hopefully make it clear why you need to safely store it. If you lose access to your custodial wallet, your Seed is your only recovery path. It represents the entire value of the funds stored in the wallet.
How might you lose access to your crypto wallet?
Non-custodial wallets can come in many forms - Browser Wallets, Mobile Wallets or Hardware Wallets. Each of them has similar vulnerabilities whichcan mean you lose access to your crypto funds.
You might delete the App/Software/Extension by accident.
Your phone/laptop/device, might break, be lost or be stolen.
Don’t think it won’t happen to you
In each of those scenarios, your funds might be lost forever without your recovery Seed. You might be reading this and thinking, “that won’t happen to me”. That is what is known in behavioural psychology as ‘normalcy bias’ - the tendency to underestimate threat warnings.
Unfortunately, normalcy bias extends to attitudes toward information security. In late 2021 Google started enforcing the use of two-factor authentication because its own data suggested only 10% of users had activated 2FA despite its effectiveness in reducing the most common threats to your personal data.
Subscribe To The NGRAVE Academy
Knowledge for all levels. Join our newsletter to receive the latest articles.
“A joint study by Google, New York University, and University of California San Diego found that MFA can thwart up to 100% of attacks coming from automated bots, 99% of bulk phishing attacks, and around 66% of targeted attacks.” From Bleeping Computer
Normalcy bias can explain the reluctance to use sunscreen or wear a cycling helmet. It is also one of the main reasons why cybercrime is so rampant, and why newcomers to crypto ignore the importance of safely storing their recovery Seed.
Some estimates suggest that up to 20% of Bitcoin’s Total Supply are lost forever amounting to almost 4 million of 19 million coins that have now been mined, with a staggering value of over $160bn at current values.
The fear of losing a recovery Seed pushes many crypto investors to opt for the custodial wallet option, though that puts their funds in someone else’s control and opens up a bigger list of potential threats.
The challenge, therefore, is to provide a practical and secure way for you to take ultimate responsibility for the list and order of the words that make up your recovery Seed.
To help you decide how best to store your Recovery Seed we’ll walk through the process of how you access it.
How do you access your Recovery Seed?
Let’s start by understanding how you access your Recovery Seed in the first place. Remember, not all cryptocurrency wallets allow self-custody, many act like your banking App, giving you access, but retaining ultimate control. Those that do are known as HD Wallets - Hierarchically Deterministic.
HD wallets simplify crypto security for the end-user because they present the complex cryptography that protects your cryptocurrency in the user-friendly form of the Seed.
So when you set up/install a new HD wallet it will generate the Recovery Seed as part of the process. This is generally in the form of 12-24 unique ordered words, though NGRAVE use our own special Perfect Key, combining letters and numbers with a high level of entropy (randomness) by incorporating inputs specific to the user and their environment - fingerprint and local light. Read about that process here.
When the Seed is generated you’ll be prompted to make a record of it, then confirm this by entering a few of the Seed words based on their position in the order i.e. ‘Please enter words 4, 7 and 9 from your Seed’.
Your wallet will automatically derive all your crypto addresses from that recovery Seed. It means you don’t have to care about storing the individual Private Keys which protect each address on the blockchain, just the Seed, which unlocks all of them.
Hierarchically Deterministic wallets were first introduced in 2011 in Bitcoin Improvement Proposal (BIP 0032), and later applied to other cryptocurrencies through BIP0044, three years later. Seeds are drawn from a standardised list of 2,048 words determined in another Bitcoin Improvement Proposal (BIP 0039).
Having generated the Recovery Seed there are some obvious ways you might initially consider storing it, which on reflection turn out to be bad ideas.
How not to store a recovery Seed
Don’t store your recovery Seed on a device that is connected to the internet as that could be compromised. That includes Password Managers, Google docs, Text files, Digital photos, Emails or USB Sticks.
Don’t even type your recovery Seed out on a connected device as key tracking software could compromise it.
Don’t print your recovery Seed, or take a photo of your recovery Seed, as that creates a copy in the device memory which might be compromised.
Don’t split your recovery Seed up into two or more sections, and separately store those. This will just double your chances of losing it.
Don’t travel with your recovery Seed, this will increase the risk of loss or theft.
Don’t try and memorise your recovery Seed, our brains are only optimised to remember seven pieces of information, which is why car registration plates and telephone numbers use seven characters.
Don’t jumble the order of the words; a Seed has to be recovered in the order it was created.
Don’t add decoy words to your recovery Seed, or store a partial list online. Recovery Seeds are generated from standardised dictionaries so decoys would be easy to spot and partial lists broken by brute force.
Don’t write your recovery Seed on a standard piece of paper. Paper is easily lost or destroyed by fire, water, insects or heat.
How to store a recovery Seed
Having read the list above you might be wondering what options could possibly be left. There aren’t many options, which actually make your life easier.
Imprint your recovery Seed on a material that is resistant to fire, water and the elements. The most popular option is a stainless steel sheet combined with a punch pen or embossing tool. Store the sheet in a safe place and don’t tell anyone.
Write it on special paper that is water-resistant and non-shreddable; ideally, store that paper in a fire-proof strongbox.
The reality of generating a Seed means that it might not be practical to do this straight away. In that case, you might use a standard piece of paper as an initial record, which you then burn once you’ve transferred it to something more resilient.
The NGRAVE approach to storing your Seed
As part of our focus on security, the NGRAVE ZERO hardware wallet comes as standard with our waterproof, non-shreddable, paper, but we’ve developed a far better solution to Seed storage if you're prepared to invest a little more for peace of mind.
NGRAVE’s backup solution is GRAPHENE, consisting of two stainless steel plates - resistant to temperatures up to 1375°C (2507°F), water, corrosion damage and shocks. The steel sheets are used to physically imprint a 64 character pattern - the equivalent of the Recovery Seed list - generated from a combination of numbers and letters. We call this theNGRAVE Perfect Key.
One plate is a blank piece of stainless steel, while the other is a grid consisting of 64 columns, each with 16 character options (0-9 & A-F) and holes, for a total of 1,024 positions.
The grid plate fits exactly onto the blank sheet, and the user punches the Seed generated by the ZERO during set-up, through the corresponding holes in the upper plate, embossing the Seed onto the lower plate.
A pen is provided featuring a click mechanism that automates the physical power exertion required to “punch” the hole in the lower GRAPHENE plate without damaging the upper one.
Given the user interaction in the Seed generation (mentioned above) NGRAVE has no way of knowing what the key is or might be, as the difficulty of guessing it by brute force becomes too high. The order of hexadecimal characters within the columns is unique to each plate so there is no way to have prior knowledge of the upper GRAPHENE template.
The use of two plates enables the Seed to be split into two parts, which on their own are agnostic and reveal no detail of the Seed, but still allow for an ingenious recovery mechanism in case the user loses the upper template.
Even with the unique approach to Seed storage that we have taken with the GRAPHENE, there will always be an element of personal responsibility. Security comes down to how seriously you take that role. Your crypto is worth far more than the flimsy piece of paper your Seed might be written on, so it is definitely worth considering an alternative for the safe storage of your funds.
If you’re worried that your Seed security would mean your funds die with you, NGRAVE’s GRAPHENE provides options to handle inheritance. You could, for example, disclose the separate locations of the upper and lower plate in a will, managed either by a traditional notary, a blockchain notary system (e.g. upon death certificate, the blockchain can release the locations).
No inheritance option for a Recovery Seed is simple or without some counterparty risk, because the reality of taking full control of your crypto means responsibility stops with you.
Now you know how to store your recovery Seed you should see this as a feature and not a bug and can embrace the opportunity to be in control of your wealth, acting accordingly.
Great overview, but how do I explain it to a friend?
A recovery Seed is the ultimate failsafe for funds stored in a crypto wallet. As it is in the form of a list of 12-24 short words the most popular storage options are within an online document or written on a piece of paper. Both are insecure. If you’re serious about protecting your crypto think about more secure solutions such as the GRAPHENE steel plate option offered by NGRAVE.