Do you need to back up your seed phrase?
Apparently, seed phrases are problematic.
Most people would prefer to set up their wallet and use it immediately, instead of writing down words, keeping them safe somewhere, storing multiple backups in various locations, and worrying if someone will find them, etc.
These are probably reasons why people 1) don't do backups and eventually lose access to their on-chain assets forever. 2) Do backups improperly and eventually lose access or get hacked.
Is it possible to leverage existing technology to create a reasonably secure setup without the need for seed phrase backup? That's what we're going to explore next.
Conventional setup
A conventional setup (for example, when you set up MetaMask or a hardware wallet) creates one EOA (Externally Owned Account also known as a Wallet) and one seed phrase, which is advised to be backed up in geographically distant locations in case of fire, flood, etc.
What are some of the risks associated with such a setup?
Seed phrase backups are analog, so they can't be hacked.
Seed phrase backup might be compromised - accessed by someone unauthorized. The likelihood of this depends on how secure the locations where you store your backup are.
The device that stores the seed phrase and signs transactions might be hacked - the likelihood of that depends on the device used (computer, phone, hardware wallet), its operating system, your opsec, and other factors.
No-backup setup
Can you see how it's similar to the conventional setup, except seed phrase backups are nowhere to be found?
This is how we get rid of seed phrase backups. We’ve created 3 different EOAs on 3 different devices, and they act as backups for our Multisig wallet.
The Multisig is configured using the 2 of 3 scheme, which means it executes transactions when at least 2 of 3 EOAs provide valid signatures.
Let's explore the risks associated with this setup:
At least 2 of your devices would have to be hacked simultaneously for your funds to be at risk - highly unlikely, especially if you've chosen devices from different manufacturers with different operating systems and you practice good opsec.
At least 2 of your devices would have to be lost simultaneously for you to lose access to your funds forever - the likelihood depends on how you carry and store the devices. For example, if you take your phone and laptop everywhere with you, and these are 2 of 3 of your EOA devices, one day, they might get stolen from you.
What happens when one of your EOAs gets lost or compromised? Let’s assume for example Device 1 EOA got lost. You simply:
Generate Device 4 EOA
Use the remaining Devices 2 and 3 to reconfigure your Multisig wallet so that it no longer recognizes the lost Device 1 EOA and accepts Device 4 EOA instead.
Comparison
As with everything, there are pros and cons to this no-backup setup:
Hybrid setups - why not have it all?
If only 2 devices are used to sign transactions in the multisig wallet setup, why leave the 3rd seed phrase on a device (digital) instead of on paper (analog, impossible to hack remotely)?
Because we wanted to avoid seed phrase backups, I guess.
But if you want a different set of pros and cons of your setup and/or only have 2 devices available, this might be something for you:
Or maybe you want to protect yourself from a scenario where you lose both of your devices? You can add your friend's device to the multisig setup. They can't do anything on their own (due to Multisig's 2 of N setup) but can assist you with regaining access to your Multisig wallet in case you're left with only one of your devices.
I hope this article showed you how to think about on-chain asset’ security so that you can come up with your own configuration that meets your criteria.
There isn’t only one correct way of doing this. We need to understand the tools available to us and pick a setup that satisfies our current requirements.
Expect your choices to evolve over time.
What do you think: would a no-backup setup be easier to use and protect, by a non-technical person like your proverbial mother? Or is a tried and true paper backup more effective? Tweet at me @matmilbury.