Topic: Seed and hardware wallets (Read 235 times)

   Seed phrase is a connected series of numbers of 12 or 24 set of words that gives information needed to recover a missing or damaged cryptocurrency wallet,which is best known as security measures for digital asset held ones personal possession.

   Seed phrase and private keys perform two different function which are,
 ° A seed phrase has to do with fingerprint of all your Blockchain assets that can be use as backup for you,Incase you lose your crypto wallet, While Private key links you solely to your Blockchain address.

   The seed is your secret recovery phrase,that backup all private keys stored in your crypto wallet which accept you to get back all your blockchain addresses always without the original crypto wallet.

   When a hardware wallet is broken it needs you to get back your real seed phrase to another able to be used together device, almost the same as to a forgotten pin.
When your hardware wallet is missing or stolen, you have to buy a substitute.

Are you not meant to save your wallet seed phrase before doing whatever you want to do ?
As a user it's always advisable to save your wallet seed phrase in several place maybe if the wallet breakdown or damages beyond usage you can easily go to the stored place to get back your secrete phrase keys to start up back the wallet if damaged. However If you want to review restoration from the wallet most times some wallet doesn't have that feature so what you would is to careful make sure doing the creation and installation make sure to save your seed phrase and keep it safe.

If this is a matter of personal eyesight and reflexes of eyesight and coordination with hand, I know what you mean here and not everyone can clearly look at it. But worry not because there is no time or shot clock like a ticking bomb for you to write and save those seeds/recovery words. So, hurry not with that because it is going to take time and you have to check them clearly upon doing so.

No, you can't. Unless you want to avail their Ledger Recover which is a big no.

Say, that you're still able to access the ledger wallet and you have lost the seeds. You'll have to verify the transaction on the actual device before sending. I think that I understand you here. Yes, send it to another wallet like a desktop wallet, sweep that hardware wallet and generate new recovery phrases and after writing them down and backing it up. Send back the balances on that new wallet that you generated you've sent before.

I find it actually very good and safer if the setup of a hardware wallet requires the user to enter *all* prior presented mnemonic recovery words for a new wallet as verification that the user has actually backed them up (written on paper at minimum at this step). That way a user usually can't proceed with wallet setup if the recovery words are not backed up.

It should be clearly indicated that only an offline backup is safe, no screenshot, no digital copy, no picture to take. Some users are lazy, some are dumb and lack all knowledge of crypto coin safety. It's better to force them to safety than allow them wiggle room as some mobile phone wallet apps allow (for the sake of an easy setup... bullshit!). There will always be fancy pants who will postpone a recovery backup until cry-baby day.

Why would you want to check the backup words on Ledger Live?? Typing your backup on your computer or on your phone is a huge no-no. You should only verify your backup on the device itself like I said; even though Ledger wouldn't make a legitimate backup checker on Ledger Live in the first place because it's just such a bad idea.

Why would a sensible cryptocurrency holder wont back his/her when we both know things are programmed like that in the self-custodial wallet space?

You have a point but we also need to make ourselves responsible at some point not expect all the important tasks to be executed by the manufacturing company and this exact reason is why we see people using CEX as storage when they ought to use self-custodial wallets.
If educate ourselves very well we don't need to wait for the recommendation of a hardware wallet company in the area of backup our wallet seed phrase.

I think that Becassine is right: the feature discussed here may be convenient for a newbie who holds little money and does not have the knowledge on the importance of storing the seed securely.

For the advanced user, however, I was considering the scenario where that feature opens an attack vector which is not worth it because, as far as I knew, it is much easier to crack a pin than a word seed. But reading your post made me think twice:

On one hand, the limited number of tries is meant to make it almost impossible to crack the PIN.

On the other hand, if you lose or someone steals your wallet, by cracking the PIN he/she'd have access to your funds just the same as if they got your seed, no matter if they can see the latter or not.

So the benefits of the discussed feature outweigh the risks: in an emergency, if you lose your seed you won't feel forced to move your funds elsewhere. My two cents.

If an unauthorized person gets access to your mnemonic recovery words backup, that person doesn't need your unlock PIN at all. That person doesn't even need your hardware wallet at all (if you didn't setup some weird derivation path or optional mnemonic passphrase for your wallet). You might even don't notice that someone unauthorized had access to your mnemonic recovery words until your wallet is suddenly drained.


I see quite some things wrong with Ledger crap (I'm surely biased). A Ledger hardware wallet shows you the mnemonic recovery words only when you setup the wallet where you have to confirm every single word as far as I remember. So you have to write it down at setup. That's actually good.

Later you can't reveal the mnemonic recovery words anymore. You can only check the words with a Ledger verification app that takes your recovery words which you have to input in the hardware wallet and verifies that the derived seed matches the internally stored seed of your wallet. Doing it this way is also rather good.

What's wrong with Ledger crap is: they lied about that the seed never can leave the device. They just implemented this with their subscription based Recovery service. So it's only a matter of firmware software to allow your precious seed to leave the device. This firmware is closed-source, suprise, surprise. Dooh!

Being closed source, you have no idea what kind of shit is in their software/firmware. You have to trust a company that lied to you and that messed up other stuff, too. Good luck with that.

And I don't believe any claims of Ledger to go open-source in the important parts. That's just their usual fog candles in any shit storm they earned and deserved.



Trezor e.g. is not air-gapped (did I miss something?). I have no issues with non-air-gapped hardware wallets as long as you can verify in the firmware that an USB connection doesn't allow a network connection to and from the hardware wallet and that via USB no keys can leak.

Pin code won't protect your assets from been stolen, if anyone has access to your recovery backup then your pin code won't stop them from moving the assets out, pin code only protects you from someone who don't have access to your recovery seed.

Point of correction, I don't see anything wrong with Ledger wallet and they give users the access to their recovery seed, the only issue they have is closed source wallet, it would be great if this wallet is a open source wallet, maybe I would be using Ledger hardware wallet right now if they are open source.

Always make sure you keep your recovery seed, out of the public places, it's meant to be private, and always make sure that you go with a airgapped hardware wallet instead, the minimal I recommend is a Trezor hardware wallet.

Only an idiot won't try to save and check every words that it is correct so it can be use to import or recover the wallet if you lost access to it or wanted to import the wallet to a different wallet provider that support the same and I know that you are aware where some wallet provider use private key instead of a seed phrase. Password should also be taken into account as it is also important if the wallet requires a password or pin when creating sn account.

In the context of hardware wallets protected by some PIN code, you usually have only a very limited number of tries to enter PIN codes to unlock the hardware wallet. If you exceed that number the hardware wallet resets itself and erases the wallet.

If the PIN is only numbers then go with at least an 8-digit PIN (more is safer) and of course it shouldn't be trivial like 12345678 or your birthday or any publicly deducible personal numbers like your bank account or so. And don't have a sticky note with your PIN anywhere near your hardware wallet... 

It's not very likely that someone hits exactly your number-only PIN code within that very limited number of tries that a hardware wallet usually only allows. Sure, an unlock password consisting of characters, numbers and special characters provides more security.

It's best to check your seed words every time they are generated to confirm you wrote them down correctly.
Trezor hardware wallet have the option from settings to do Check Backup, and I think it's a good idea to have this.
But I don't like the idea of any hardware wallets showing and exporting seed words.

No, PIN code will not protect you from anything, it's just numbers, there are no letters or special characters.

I get what you're saying, but I don't view it as a real problem.  The way I see it - you can always hit the reset button and start fresh if you mess up.  Even Ledger gives enough warning when you first set up your wallet.  They practically strong-arm you into writing down your backup phrase before they'll even let you finish the setup.  You gotta confirm each word one by one and  so unless you deliberately ignored all their warnings, you'd have that recovery phrase stored somewhere external.

when choosing the kind of wallet you're to use, it is very important hat you make research on the functionality of the wallet and also know the category of wallet types it belongs, first of all, ledger wallet is not good for privacy anymore because of their data bridge in which their source code is closed, they don't make it an open source and this alone gives them the priority over doing some things undercover which we may not be able to see, no wallet will write out their descriptions and advantages and disadvantages for you except you make efforts by yourself in knowing them.

Just the idea or impulse to enter your mnemonic recovery words outside your (usually offline) hardware wallet, is completely wrong and voids the security of your wallet's private keys which the hardware wallet should protect from outside access.

You should never do this. Do not enter your hardware wallet's mnemonic recovery words on any online digital device like a usually online computer running Ledger Live (if you're a Ledger user) or (worst of all) an online website. This is an absolute no-go.

You need to understand the security concept of a hardware wallet. The random entropy (some call it seed) represented by BIP-39 mnemonic recovery words should never leave the hardware wallet, except for backup when creating the wallet. The mnemonic recovery words should only be shown on the hardware wallet's own independent display and never be able to be read by any outside software or any hardware probe. Before you sign a transaction with your hardware wallet, be sure to check every detail of this transaction and that it matches what your wallet software on your controlling computer or mobile device has submitted to your hardware wallet to be signed with your physical confirmation.
If there's any discrepency, abort and consider your online computer compromised!

If you can check that on Ledger Live, maybe Ledger could also get those words. It would be incredibly unsafe!
Checking on the actual device - let's say it's okay - but leaving the device is a very bad idea.

And if you lose your seed you can still create a second wallet and send your coins there. Of course, it's advised you create the second wallet in a safe environment (possibly another HW!).
However, it's an unnecessary headache imho. Keeping physical seed in a good place is the easy approach. (If you forget where, that can cause a couple of hours of panic, but in most cases you will find it).

Thank you for your answers. Yes, I know that you have to write the seeds on paper or metal and hide them well, but we don't always do what we should. And I thought of all this while reading a thread on the French forum with this person who had a ledger (and lost the restore words). In the end, he managed to access his funds through Electrum. I don't have a ledger, but a bitbox, it can display the words if necessary.
Personally, I think it's very practical, in addition to the SD card that memorizes the seeds, it gives you several backups when you're distracted and/or a beginner. So I was wondering how the other wallets worked, more like Ledger or more like bitbox.

If the wallet is stolen or destroyed, a good pin code will prevent the thief from accessing the funds. In reality, you have to find the right balance between security and ease of access to funds for the owner, which isn't always easy.


The question is: can we check the restoration words on Ledger Live or, if we've lost them, do we have to send them to another wallet and write down the new words?
I assure you that there are many more distracted people than you think... Not to mention forgetfulness, moving house, unexpected destruction, etc. etc. etc.

If your hardware wallet allows you to spend by simply entering the correct PIN, then showing the wallet seed or not will not change anything. Conversely, showing the wallet seed will reduce the headache of creating a new wallet and paying onchain fees. Therefore, if the wallet does not show this option, it is a defect, not an advantage.

In general, it is difficult to trust ledger, especially since it is closed source and it has been proven that they lie many times.

Last time I checked you can check/verify your seed on your Ledger (you enter in the seed on the device itself, not on a computer/web app).

Anyway, why do you even need such a feature? You should've checked at first setup if you've written down the correct set of words.

Imagine using a hardware wallet that has no recovery seed for users to write down or back up, and that hardware wallet damaged due to an incident, how will you have access to your fund? This is why recovery seed in the hand of it's rightful owner is the best thing.

Every good hardware wallets must give users their recovery seed just in case something happen, a good hardware wallet must always consider open source too, for tech savvies and none tech experts to see their code and also be able to trust the hardware wallet company.

Nothing beats non-custodial

Open source.

Airgaggped.

Any custodial or closed source wallets are a big concern to me, don't rely on them as safest option.

I think that this "lack of a feature" can be seen as an extra security measure. The first thing that comes into my mind is what if somebody has multiple wallets, based on the same seed and very few standard English words. While, if knowing the PIN, only one can be emptied, with this "feature" and a dictionary based attack, all the wallets can be emptied.
But maybe I am thinking too far and was just seen as an unnecessary feature, since people should properly save their seed words somewhere else.

It's crucial if other people get the hold of that HW wallet with your pin. Hardware wallets should only work on creating wallets, sending/receiving, restoring the wallet seed and a malware-proof that it will not get affected when making transactions on malware-infected device (at least that was advertised). Nothing more, recovery depends on the user's practice as it always recommends to have backup.

I do not see it as an advantage because we should think about the senario of a hardware wallet owner not backup the seed phrase and the wallet got damaged or stolen.

A good wallet will recommend its users to backup the seed phrase. Also letting the users know the importance of the seed phrase and the reason not to misplace it.

Although, not that I am recommending Ledger Nano wallets.

You are supposed to save the seed phrase backup anywhere somewhere safe if you don't save it or lose and forgot the seed phrase you don't have other choice but to transfer funds from the ledger to a new wallet and reset the ledger hardware device to generate a new seed phrase backup and transfer all funds back to your ledger wallet.

About Bitbox hardware wallet yes they do have advantage features that you can't find on the ledger wallet like "show BIP39 Mnemonic" and take note Ledger doesn't have an open-source code we do not know how safe the ledger wallet is.

All open-source hardware wallets are much safer than closed hardware wallets like Ledger check other open-source hardware wallets from this link below.
- https://bitcointalksearch.org/topic/list-open-source-hardware-wallets-5288971

I haven't tried every wallet on the market. According to my latest tests, you can't check your seed with the ledger, for example, but you can with a bitbox. (handy if you've lost the words, for example, but have access to your wallet and want to write them down somewhere). It seems to me that being able to review restoration words is very important for a beginner, as you don't always have the right reflexes at first. What do you think? This information (whether or not recovery words can be accessed) is never found in wallet descriptions. (unless I'm mistaken)