Latest

Ledger Stax and Ledger Nano X Wallets: Which is right for you?

Vault12Art Krotou

Ledger Stax and Trezor Model T: two strong wallets compared

Vault12Art Krotou

Voice-Level Security: A New Dimension of Digital Trust

Vault12

How to choose between the Ledger Stax and Trezor Safe 5 Wallets

Vault12Art Krotou

Basics

Learn about how the risks of holding cryptocurrency are different than those of traditional investments, and how to move ahead with confidence and safety.

View all articles

What happens to your crypto when you die?

Understanding your choices when it comes to inheritance of digital assets


Your estate planning should include any cryptocurrency, NFTs, digital art, and other digital assets that you own. The Vault12 Guard app makes that planning easy, so you can rest assured that your crypto will live on when you die.

"Quite simply, if you don't record all of the details about your assets and communicate them to the people who will be the beneficiaries, those assets will likely be lost forever." -Wasim Ahmad, Chief Crypto Officer at Vault12

What should you know about how to pass on your crypto assets?

If you're at all involved in or curious about investing in digital assets, you've probably wondered "Can digital assets be inherited?" The answer is yes! Vault12's Chief Crypto Officer Wasim Ahmad shares his thoughts about the most important things to know about Web3 asset inheritance and passing on your crypto.

Inheritance: What will happen to your NFTs, digital art, and crypto when you die?

What will happen to your NFTs, digital art, and crypto when you die? You need to understand the fundamentals of inheritance, and how to pass on your Web3 assets to your children or heirs.

How is Crypto Inheritance different from traditional Inheritance? 

Hello. My name is Wasim Ahmad, and I'm with Vault12, the pioneering creators of the digital inheritance mobile app Vault12 Guard. Today we're going to talk about inheritance for Web3 assets.

We should carefully consider Web3 inheritance because it is fundamentally different from the relatively straightforward steps for a traditional inheritance. With traditional assets, you go to the bank or the broker, you tell them that someone has passed on or is incapacitated, and then you get access to those assets. But in the Web3 world, as the owner of those assets, you are responsible for the security and safekeeping of those assets.

How can NFT Collectors pass on Web3 assets? 

Who cares the most about Web3 asset inheritance? The most conspicuous group is NFT collectors. People have an emotional attachment to NFTs. They're buying NFTs that they love, often regardless of the value. These are cherished assets that they fully intend to pass on to others.

How can Web3 Creators pass on Web3 assets? 

The second group that cares a lot about passing on Web3 assets is creators. Creators usually keep an inventory of NFTs, often in the form of an inventory of art. They also have royalty wallets, so that every time an NFT is transferred or sold, a portion of that sale's proceeds goes into that wallet. These are wallets that need to be protected for the long term!

How can crypto enthusiasts pass on their assets? 

The third group that needs to pass on Web3 assets is, of course, crypto enthusiasts who have purchased cryptocurrency and want to make sure that it will be passed on. Crypto inheritance can include Ethereum, Bitcoin, and tokens from other blockchains.

How to ensure that your Web3 assets will be inherited as you wish

The most essential part of making sure that your Web3 assets will be inherited is making sure that you have a bang up-to-date inventory of all of your assets.

We've all purchased NFTs and cryptocurrencies on different blockchains, which are stored in a myriad of different Web3 wallets. The number of possible ways to acquire digital assets means that there's not going to be just one thing that needs to be inherited; there will be multiple components. Each of these needs to be documented, and that list needs to be bang up-to-date.

How should an asset inventory list be communicated? 

One of the main elements of risk relates to the protection of your asset inventory. And then somehow, you need to actually pass that inventory list on. Consider what Web3 wallets tell you to do from a security perspective: they say to write down the seed phrase, write down your private key, back up your private key and your seed phrase so that you have it. Often you're doing this on paper, and typically with inheritance-related things, you're writing things down on paper and giving them to your lawyers. Every time you write stuff down on paper, although you might also store it in a safe, or some other safe place, the minute that you hand your asset inventory over to a law firm, a lawyer, or any set of people, you are exposing that information, which initiates a potentially unacceptable risk. After all, it will hopefully be a long time before anyone will need to use those credentials!

In contrast, Vault12 Guard does not disclose your asset inventory to anyone until it is needed.

Does storing assets in a secure wallet mean that Inheritance is set up? 

The second risk is that many people have relied solely on technology like hardware wallets, and other types of cold storage device to store their seed phrases and their private keys. And yes, these technologies can offer secure access to Web3 wallets. However, just storing assets on a hardware wallet does not mean that everything is set up for inheritance in the future! Secure storage protects your assets from internet-based threats and from casual exposure or hacking. But for inheritance, you actually need to communicate what the assets are and how to access them.

You still need to back up your hardware wallets, but you also need some kind of solution - like Vault12 Guard - that will take that information and pass it along to your beneficiary.

Who should be the beneficiary of your Web3 assets? 

It is very common to assign beneficiaries or legacy contacts to all kinds of accounts, from bank and insurance accounts to social media accounts like Facebook. Assigning a beneficiary for your NFTs, art and crypto should be just as easy - and with Vault12 Guard, it is.

Introducing Vault12 Guard: How to ensure your NFTs, digital art, and crypto pass on to your heirs when you die

Introducing Vault12 Guard: Ensure that your NFTs, digital art, and crypto pass on to your heirs when you die. Vault12 Guard protects your assets today and in future generations.

What is Vault12 Guard?

Our latest technology release Vault 12 Guard is a mobile phone app designed for ordinary people who are collectors, creators creating digital art and NFTs, and crypto enthusiasts buying cryptocurrency. Vault12 Guard is designed to make it as simple as possible to back up all of your Web3 assets and then assign a beneficiary who can receive those assets in the event of incapacitation or death of the owner.

How to get started with Vault12 Guard

With Vault12 Guard, it's very simple to back things up. It's very simple to activate Inheritance. And it's very simple for your heirs to retrieve those assets when needed.

How does it work? Very easy: Download the app from any of the app stores (iOS or Android), install it, create a digital vault, and then you can immediately start adding assets, which will be stored locally on your phone device for full, distributed, decentralized backup and inheritance.

Who are Vault12 Guardians? 

With Vault12 Guard, you can add and assign your own Guardians. These are people that you know: they could be business partners, family members, or friends who will guard your vault. Your Guardians will grant access to your Web3 assets in the event of your passing.

How will your beneficiary use Vault12 Guard? 

Once you've designated a beneficiary in Vault12 Guard, then everything's set for inheritance. You don't really need to do anything else apart from every time you add an asset, make sure that you put it in the Vault, with a backup, for your beneficiary to use when the time comes. To activate inheritance, all the beneficiary needs to do is make the request, the Guardians review and approve it, and then the beneficiary is granted access to all of the assets. The beneficiary can then access those assets and transfer them to whoever is the Rightful heir as defined in your will.

What are the key takeaways for Crypto inheritance?

One key takeaway is that first, you should work with an attorney to plan your Trust & Estate strategy.

Secondly, you need to understand the risks associated with backing up and planning the inheritance of Web3 assets. Given those risks, you'll need to choose a solution that works for you. We think that Vault12 Guard is the best solution, and that it can do an excellent job for you. Use it, or an alternative Inheritance solution ... or risk losing everything forever.

Why should I care about Cryptocurrency Security

Five risk categories that everyone should know, tales of staggering losses, and recommendations to protect your digital assets.


Learning about crypto security may seem daunting, since cyber threats are complex and ever-evolving. As a crypto investor, you don't need to become a crypto security expert, but there are a few very important concepts that you should understand. This article offers a summary of what you need to know about crypto security, reveals the biggest risks, and suggests a few things that you can do to best protect your assets.

Key Highlights: Crypto security considerations

Here are some of the main considerations when it comes to crypto security:

  • Retain your independence: If you trust any institution to protect your seed phrase for you, you are not taking advantage of the greatest feature of cryptocurrency: independence.
  • Theft is usually permanent: If someone steals your seed phrase and takes your crypto, you will probably never get it back.
  • Your best protection is a private, secure backup: If you lose your seed phrase, and you don't have a backup, your crypto is gone.
  • Don't forget about inheritance: If you don't share access to your seed phrase with anyone at all, your heirs will never be able to access it.
Some simple best practices can help you protect your crypto — let's dive into them.

What are the security threats to cryptocurrency?

To be brutally honest — and this goes for all kinds of valuables — if you don't pay attention to security, hackers or accidents will likely take your hard-earned assets from you.

There is a big difference between using traditional financial institutions to trade stocks and manage your bank accounts, and the world of buying and selling digital currency.

The key difference is:

If you forget the password to your bank account, you can obtain a password reset from the bank, but if you forget the "equivalent to a password" for crypto that you hold, there is no one who can restore your access to your funds.

Why? Because crypto is protected with a digital key represented by a list of words known as a seed phrase, and without this seed phrase, you cannot access your funds. This means that protecting your seed phrase is the same as protecting your funds.

You could avoid the responsibility of protecting your seed phrase by relying on a centralized exchange like Coinbase or Gemini to hold your crypto wallet for you as your custodian. When a custodial exchange controls your wallet, they are responsible for protecting the keys, and if you forget your exchange password, they can give you access to your cryptocurrency again. Although this is very convenient, whatever entity controls your keys or codes also controls access to your cryptocurrency, and that comes with downsides ("third-party risk"). In uncertain times, a primary benefit of owning cryptocurrency is the ability to "be your own bank" and to control your own funds — this is the very promise of the Blockchain and cryptocurrency. To realize this benefit, you must control your own keys, and thus, your own security.

The threats to your seed phrase — and hence to your cryptocurrency — range from hackers attacking centralized exchanges and stealing millions of dollars worth of cryptocurrency, to fraud by the owners or employees of exchanges, to the theft of your own local physical storage drives with seed phrases on them. However, the most likely threat is simply that you will lose access to the seed phrase because you lost the paper that you wrote it on. (Many crypto wallets advise you to just back up your seed phrase onto a piece of paper.)

Other threats include the seed phrase being lost in an accident (e.g., floods and fires that plague certain regions like California), or even — despite your diligent efforts to back everything up — you could simply forget the password to an encrypted drive where you stored your seed phrase.

Why is crypto loss so common?

What are the biggest risks to crypto security?

Let's examine the most common risks to crypto loss.

Don't worry — none of this is "rocket science." Moreover, cryptographic protection (and the "key management" that it requires) is not unique to crypto or Bitcoin, but is essential for your security on the Internet in general.

The best way to reduce these risks is to make sure that you carefully back up your seed phrase.

Supplementing this guidance, Vault 12's Wallet Guides show you how to create wallets in a secure and safe manner, and suggest when you should follow default instructions. We hope that these articles, written by security experts, help you to navigate crypto security in a simple way so that you can enjoy participating in the exciting and empowering world of crypto.

Let's explore in a little more detail.

"Safeguarding money is necessary for the crypto economy to flourish."

Cameron Winklevoss, Winklevoss Capital

What "owning your own money" really entails

In a traditional banking scenario, clients don't have to worry about the theft of their account funds, or incorrect transactions. This is because banks work to block potentially fraudulent transactions, and to issue chargebacks for unintentional transactions. The role of the traditional bank is to provide and ensure such security.

A distributed ledger on a blockchain network is also secure and resilient, though it uses different mechanisms. Blockchain transactions are extremely secure in the validation, resilience, and integrity that they provide.

However, points of failure associated with a blockchain network migrate towards the user's end of the spectrum: by managing your own money, you become the potential single point of failure in protecting your funds. How? As a cryptocurrency owner, your access to this resilient network is through your crypto wallet, and that access is granted through your seed phrase. Your seed phrase can restore your private key if your wallet is lost or damaged. Therefore, your careful storage and use of this private key — and your seed phrase backup — determines whether your crypto funds remain secure, or are exposed to loss or theft. In this way, you are fully responsible for the safety of your funds.

Blockchain transactions are fast and permanent

The decentralized finance (DeFi) movement has introduced a new paradigm in which owning your own money and participating in a decentralized financial network creates a whole new form of economic mechanics. Instead of central authorities solely determining an economy's fate through monetary policies, an economy is also affected by how blockchain software evolves, and by how people interact with it.

How a blockchain network settles and records transactions for a cryptocurrency is determined through the exercise of its operational protocols. Completed transactions remain immutable forever. Immutability is a characteristic that offers great security to monetary transactions: once a transaction is completed, it is committed permanently, and can not be reversed for any reason.

Transaction settlement is very fast compared to traditional banking, where charges may be reversed long after the transaction has been completed. However, because a blockchain is immutable, any losses as a result of a security breach or accident are irreversible. This opens digital asset finance up to a whole new array of security threats.

The challenges of crypto key management

Poor key management is by far the most common way that crypto is lost. Given that many of us need to rely on "forgot password" functions to recover simple 9-character passwords, it's unrealistic to believe that we can be trusted to casually maintain a digital key or seed phrase.

Key management is difficult for those that are tech-savvy — and even harder for those who aren't. Because of this predictable difficulty, estimates show that between 17 and 23 percent of all bitcoin have been lost as a result of losing a private key!

Taking control of your own crypto keys also puts your funds at risk of environmental disaster. Should an earthquake demolish your home and crush your hardware wallet or hard drive with your paper wallet stored in it, it most likely will not be recoverable. If this happened, your funds would be abandoned on the blockchain forever.

Hackers and crypto

Hackers pose one of the most serious threats to cryptocurrency holders. In 2017, 13.7% of the world's population reported a hack of some type digital asset — including both bank account balances and cryptocurrency. This indicates two important points: One: hackers are rampant, and will relentlessly continue to steal from consumers. Two: consumers are not effective at personal digital security. Should the world switch over to blockchain-based finance — where transactions are irreversible — this will be a far greater threat than it is today.

Hacking attacks are possible through targeted malware or virus attacks, and through other deliberate compromises. In 2017, a virus attack named "WannaCry" yielded a loss of over 108,000 Euros from everyday consumers using applications compromised by the virus. In July 2018, a Chrome browser VPN extension was hacked and used to retrieve private keys entered into a MyEtherWallet browser tab — leading to a loss of over US$1.2 million from average consumers. In 2018, a MyEtherWallet browser plugin DNS hack let hackers steal over US$365,000 from users.

Exchanges have also not been left out of the fun — see Risk 1 below, showing that numerous major exchanges have seen thefts through security breaches. Some of these include Mt. Gox, BitInstant, CoinCheck, and BitGrail. Hundreds of millions have been lost, and not all of these exchanges covered the losses that exchange users faced. This all goes to show that hackers indeed pose a risk to both cryptocurrency holders and cryptocurrency custody handlers.

How to secure your crypto: Risks and recommendations

Below are some poignant examples of loss, a summary of risks, and some common-sense recommendations.

Risk 1 - Leaving cryptocurrency on an exchange

When many people first start trading cryptocurrency, they end up leaving their crypto on an exchange. It's convenient, and the coins are conveniently available to use in transactions — but unfortunately, hackers love the fact that so much crypto is in one central place, ready for the taking.

According to to Inside Bitcoin, more than $11 billion (and counting) has been stolen not only from supposedly secure crypto exchanges, but also from other custodial wallets and mining platforms, mostly due to hacking incidents.

The number of exchange hacks is not declining over time. According to NASDAQ, Cyber-attacks and hacking incidents on digital assets netted $1.8 billion in the first 10 months of 2020 alone.

A large hack happened on the KuCoin centralized exchange in September 2020, with hackers stealing $275 million from the Singaporean exchange.

Hackers have gotten their hands on $11 billion in stolen cryptocurrency since 2011. More than US$11 billion has been stolen from supposedly secure crypto exchanges, wallets, and mining platforms since 2011, mostly due to hacking incidents, research from Inside Bitcoins has revealed. - July 2020

Exchange hacks are not just limited to third parties - employees, and even founders of exchanges have perpetrated massive frauds, as demonstrated by the now-infamous FTX exchange fiasco.

In addition to the famous QuadrigaCX case in 2019, another top10 exchange, OKEx, suffered an outrageous hack by a founder who went missing, absconding with exclusive access to users' private keys. This led the exchange to freeze withdrawals on all users' assets for more than five weeks.

This is why it is essential that you not leave your crypto assets on exchanges, regardless of assurances to the contrary.

Recommendations:

Exchanges are the main target for hackers. Those are the biggest honeypots. So the number one rule in Crypto is, do not keep your money on an exchange, and if you're going to custody that money, you need to do it off of the exchange..."

Joe DiPasquale, BitBull Capital

Risk 2 - Storing Cryptocurrency locally

There are many, many stories of seed phrases being backed up onto local devices and then getting lost or stolen, or the PIN/Password being forgotten. The trouble with local storage is that it's easy to lose, or even for someone to target and steal the storage device.

Recommendations:

Risk 3 - Being targeted by criminals

With so much of our personal information available to anyone who wants to target us, the risk of your crypto being targeted is very real. Personal attacks include email phishing attacks, SIM Swap attacks that can sidestep 2-factor authentication, and various other ingenious social engineering attempts. The majority (50%) of crypto thefts in 2020 occurred on Defi protocols.

"We know how some hackers passed away their time during the lockdown: By running Bitcoin-related hacks and potentially netting "nearly $3.78 billion" in 2020," according to a report from Atlas VPN. - Jan 2021

Recommendations:

Risk 4 - Accidental loss and natural disasters

Data on cryptocurrency lost due to accidents and natural disasters is hard to come by, but estimates indicate it is north of $10 Billion. Accidents - whether losing your hardware wallet, or leaving your paper seed phrases behind because you had to evacuate California wildfires and earthquakes, have contributed. Many believe that the biggest loss comes from simply forgetting PINs and passwords - something that can happen even if you take precautions.

Tens of billions worth of Bitcoin has been locked and effectively lost by people who lost or forgot their key. Of the existing 18.5 million Bitcoin, around 20 percent appears to be in lost or otherwise stranded wallets, according to the cryptocurrency data firm Chainalysis. - Jan 2021.

James Howells, a Welsh I.T. worker, began mining Bitcoin on a personal computer in 2009. By 2013 he had mined 7,500 Bitcoin which is worth about $270 million in Jan 2021. In 2013 he stopped mining and sold the computer he was using for parts on eBay. He kept the hard drive with the hope that Bitcoin would rise in value. In 2013 when cleaning his house he accidentally threw the drive away and it, along with the rest of his trash was taken to the local landfill in Newport, South Wales and buried. Asked how it ended up in landfill, he explained that it was "thrown out into a bin bag during a clear-out in a case of 'mistaken (hdd) identity' in summer 2013. There were two HDDs in the same drawer, the wrong one got binned? s*** happens."

The landfill reportedly contains about 350,000 tons of waste and 50,000 more tons are added every year. An article reported that "a council spokesperson said their offices have been "contacted in the past about the possibility of retrieving a piece of IT hardware said to contain bitcoins," but digging up, storing and treating the waste could cause a "huge environmental impact on the surrounding area."


Recommendations:

Risk 5 - Loss of Generational wealth

We usually don't think of death or incapacitation while contemplating how to enter the brave new world of crypto, yet the consequences of how crypto is secured means that to ensure the accessibility of funds by future generations, specific protective steps must be taken. This starts with talking to a trust and estate lawyer to draw up a will and a plan for how beneficiaries can access assets. This can be a convoluted process. As a result, companies like Vault12 have identified solutions to provide simple and easy-to-use solutions for digital inheritance.

There is a steady drumbeat of these stories happening with worrisome regularity:

In December 2018, Gerald Cotten, the founder of the bitcoin trading exchange QuadrigaCX, died (under somewhat mysterious circumstances) resulting in the loss of $250M and the exchange going bankrupt. Gerald was only 30 years old and had not created an inheritance plan, nor were instructions of how to access the centralized assets ever found.

In April 2018, Matthew Mellon, heir to Mellon family banking fortune and former chairman of the NY Republican Party finance committee, and cryptocurrency proponent, died. Prior to his death, he held an estimated $1B in Ripple (XRP) - all of this remains were inaccessible as he left no instructions, even though he protected the cryptocurrency via cold storage in multiple locations around the US in different people's names.

In 2017, an unidentified young crypto investor in Colorado died with a small fortune in cryptocurrency held in a coinbase account. The family, however, had no access to the account and eventually had to petition Coinbase directly. Eventually the assets were released after a lengthy process. If the account holder had not been a U.S. Citizen, this would have been a much more complicated process.

Recommendations:

What is a Seed Phrase or Recovery Phrase?

Why a seed phrase is so critical to protecting your crypto assets, and how it works with your crypto wallet.

A seed phrase is one of the most important concepts in cryptocurrency security. It can be alternatively referred to as a recovery phrase, backup code, or mnemonic phrase.

To fully understand this guide, you should first familiarize yourself with wallets and private keys to understand the basics of what seed phrases protect. Then you will see why seed phrases are so important to properly backing up your crypto assets.

Key Highlights on Seed Phrases or Recovery Phrases

Seed phrases are a series of words that are used for the backup and recovery of cryptocurrency wallets. They are defined by the BIP39 standard, which is implemented by most crypto wallets.

Here are some important facts about seed phrases or recovery phrases:

  • Your seed phrase can be used to restore your crypto wallet.
  • Your seed phrase must be backed up and kept secret.
  • Writing down your seed phrase on paper is not a very robust way to protect it.
  • An additive "passphrase" could add some security, but it could cause problems - it is an advanced feature with potential pitfalls.

What is a seed phrase?

In cryptocurrency wallets, the all-important private encryption key that secures crypto transactions is a long string of hexadecimal characters (a mix of letters A through F and numbers zero through nine) that is not possible to memorize, and is tricky to transcribe in any form. For example, "A5CD7462F..." could be just a small part of a 64-character private key. Instead of having to deal with such a long string of meaningless characters, the wallet seed phrase is made up of a much smaller set of words (often 12, 18, or 24) that can be used to generate your wallet's private key.

Crypto wallets handle these complicated transformations for us so that we humans can just deal with simple seed phrases rather than encryption keys.

This seed phrase can be used to back up and later regenerate your private key in case you ever need to restore your wallet. The order of the words is critical: if your seed phrase starts with the words "state, tiger, collect, license...," for instance, they must remain in exactly that order.

When creating a seed phrase, it's important to use a reliable form of random word generator rather than simply selecting words based on your preferences. A random number generator will ensure that your words are chosen more randomly than you could choose, making your seed phrase as secure as possible.

Where did the idea for seed phrases come from? Seed phrases are part of the BIP39 standard, which is an industry-accepted way to generate crypto wallet private keys from seed phrases. Because it is a standard, you can use your seed phrase with any BIP-39-compatable wallet manufacturer, rather than being "locked into" just one wallet.

How does a seed phrase protect your crypto assets?

A seed phrase is essentially a backup for your private key. Because your seed phrase is a secret that no one else knows, and it is so random that it is impossible to guess, losing your private key effectively means losing your crypto assets.

If you lose access to your crypto wallet, re-entering your exact seed phrase into a new BIP39 software wallet is the only way to get your cryptocurrency back. This is why it is so important to back up your seed phrase securely and privately.

Where can you get a seed phrase?

Hardware, software, and desktop wallets can generate a seed phrase for you, or there are methods that you can use to choose a series of random numbers that can be associated with the BIP39 dictionary. There are a variety of techniques you can employ, including using Vault12 Guard. Here is a comprehensive list of ways to generate a seed phrase.

How do you use a seed phrase and passphrases in your crypto wallet?

Most digital wallets will have a "Restore from Backup" option, which will ask you to type in your 12, 18, or 24-word seed phrase. As long as you have your seed phrase backed up, it is simple to restore your wallet: just enter the words in the correct order, and your assets will be recovered.

In addition to relying on your seed phrase to secure your wallet, you could also add an additional "passphrase" to your seed phrase. That way, if someone gains access to your seed phrase, your assets have another layer of protection. For wallets that support the addition of passphrases, like the Trezor hardware wallet, passphrases can be long strings and can even include spaces. However, forgetting this passphrase would also mean you lose access to your cryptocurrency forever, even if you have the seed phrase.

Given the added risk of loss, experts do not agree that the use of a passphrase is helpful, especially if you are confident in your method for securely storing your seed phrase. Most wallet vendors counsel that passphrases should only be used by advanced users. Additionally, not all wallets support passphrases in the same way, so not only do passphrases come with added risks of loss and error in transcription, but they can complicate wallet migration or restoral.

How should you back up your seed phrase?

The most common way to back up a seed phrase is to write it down on a piece of paper - which is not recommended. And while it's also possible to memorize the phrase, it is very risky to rely on memory for such an important piece of data. Each copy must be securely and thoughtfully protected ... do not retain "extra" or temporary copies of your seed phrase anywhere.

How can you restore your seed phrase from Vault12 Guard?

If you backed up your seed phrase in Vault12 Guard, Vault12 does not have access to it, but each of your selected Guardians uses Vault12 Guard to store just a piece of an encrypted form of it.

To gain access to your seed phrase backups, just follow simple steps to restore your Vault.

Vault12 offers much more guidance to help you properly back up your seed phrase and protect your crypto.

Voice-Level Security: A New Dimension of Digital Trust

Personal Voice Memos add a new layer of protection to your Digital Vault recovery requests

Expanding the ever-evolving landscape of digital security, Vault12 has enabled Voice-Level Security for the Vault12 Guard app. This innovative feature adds another mechanism to the ways that Vault12 Guard users can authenticate to each other. Now Vault Owners can use personal voice memos during Vault recovery requests. Voice memos can be used in multiple simple but powerful ways for better safety during recovery requests, adding a new layer of protection to your Digital Guardianship.


Simple Voice Authentication: Added Security for Vaults

Incorporating simple voice authentication as an additional security layer ensures that only the Vault Owner can initiate recovery requests. This method verifies identity through unique vocal characteristics.
Benefits:

  • Enhances security by including the Vault Owner's voice message for verification
  • Adds an extra layer of protection to recovery processes

The Canary Protocol: Your Early Warning System

The Canary Protocol acts as a subtle security measure, embedding a familiar verbal cue into your voice memos for recovery requests. An agreed-upon phrase, known only to you and your Guardian, serves as a covert password. Its absence suggests a compromised request, signalling an unauthorized recovery attempt.

How it Works:

  • Record a voice memo with a pre-agreed verbal cue
  • Use this cue in all recovery requests or safety checks
  • Guardians recognize the cue, ensuring the request's authenticity

Example:

A friendly greeting or inside joke could serve as the Canary, seamlessly integrated into your communication, adding a layer of fun and security.

Emergency Words: Discreet Alerts

Emergency words provide a discreet method to alert Guardians of potential threats. These phrases, understood only by the recipient, can signal a call for specific behavior (e.g., to avoid confirming recovery requests, or to implement an emergency plan).

Key Features:

  • Pre-agreed phrases that indicate distress
  • Only recognizable by trusted Guardians
  • Prevents unauthorized recovery confirmations, and may help signal for assistance

Example:

A subtle phrase within a memo can alert a Guardian to halt the recovery process, protecting you and your Vault contents.

The backbone for Voice-Level Security implementation

Voice memo data is transferred over the secure and decentralized messaging protocol Zax, developed by the Vault12 team as a foundation of the Vault12 Guardian app. This means that in the case of a private Zax relay, your communication and voice memos will be transferred only by your own private network.

Privacy and Ethical Considerations for Voice-Level Security

Vault12 is committed to maintaining the highest standards of privacy and user consent. All voice authentication data is:

  • Encrypted end-to-end
  • Stored exclusively on user devices
  • Never shared with third-party services
  • Fully under user control

Summary: Enhancing Security with Voice-Level Authentication

By treating your voice as a unique, dynamic authentication tool, Vault12 is creating a more intuitive, secure, and human-centric approach to safeguarding digital assets. Voice-Level Security, with its innovative use of voice memos and verbal cues, provides a robust, personalized security solution, ensuring your digital assets are protected with an additional layer of trust.

This additive security function complements the existing high-security measures of Vault12 Guard, such as end-to-end threshold encryption and decentralized messaging. By integrating voice authentication, Vault12 enhances the robustness of its security framework, providing users with personalization tools to ensure that only the legitimate Vault Owner will be able to recover assets from the Vault, thus protecting digital assets with an additional layer of confidence.

How to use Voice memos?

Have questions on how to use voice security? Proceed with our step-by-step help article:

Glossary

Common terms and definitions used when describing cryptocurrency, blockchain and security.


BIP32

BIP32 is a standard for hierarchical deterministic (HD) wallets for Bitcoin.

This means that it's a way to generate a hierarchical, tree-like account structure of private and public keys, starting from a single "seed" key (or master private key). The advantage of using an HD wallet is that it allows you to generate a large number of separate accounts within a single wallet, and it’s easier to backup and restore your wallet. There is an improved version of this proposal, BIP44, that supports keys for multiple cryptocurrencies.

BIP39

BIP39 is a standard for a mnemonic phrase (more widely known as “Seed phrase”) that is used to control a wallet.

This means that it's a way to represent a wallet’s private key as a set of 12 or 24 words. The advantage of using a mnemonic phrase representation of a cryptographical private key is that it's easy for people to read it and write it down, which makes it easier to backup and recover your wallet.

BIP44

BIP44 is a Bitcoin improvement Proposal that built on BIP32 by extending standards for multi-coin wallet management. Not only Bitcoin supported, but almost all other cryptocurrencies, like Ethereum, Dogecoin, etc.

Bitcoin

Bitcoin is a digital currency that allows people to send and receive payments securely over the internet. It is a public money protocol. It was created in 2009 by a person or group of people using the pseudonym "Satoshi Nakamoto". Unlike traditional currencies, which are issued by governments, Bitcoin is decentralized, which means that it is not controlled by any single entity. Instead, it is underpinned by a network of computers that work together to verify and record transactions on a public ledger called the blockchain. The supply of Bitcoin is limited, and the currency can be bought and sold on online exchanges. Many people are attracted to Bitcoin because of its potential for high returns on investment, as well as its independence from governments and central banks.

Bitcoin Address

A Bitcoin address is a unique string of characters that represents the destination of a Bitcoin payment. It is similar to an email address, but instead of being used to send and receive messages, a Bitcoin address is used to send and receive payments on the Bitcoin network. A Bitcoin address can be shared publicly, and anyone who knows the address can send payments to it. It is important to keep your Bitcoin address private and secure, as anyone who has access to your address can potentially steal your funds. Bitcoin addresses are typically generated by a wallet software and are composed of a string of letters and numbers. They typically begin with the number "1", or "3", or “bc1” (defined by BIP44, BIP49, and BIP84 accordingly).

Bitcoin Core

Bitcoin Core is a software program that allows users to send and receive Bitcoin payments. It is a full-featured Bitcoin software that forms the backbone of the network, and it is the most trusted and widely-used Bitcoin software in the world. Bitcoin Core includes a built-in wallet, which allows users to store and manage their Bitcoin, as well as a built-in miner that can be used to secure the network by verifying transactions. It is an open-source software, which means that anyone can view and contribute to the source code. Bitcoin Core is available for free, and it can be downloaded and installed on a computer running Windows, Mac OS, or Linux.

Bitcoin Improvement Proposal (BIP)

A Bitcoin Improvement Proposal (BIP) is a proposal for a change or an improvement to the Bitcoin network. It is a way for anyone who has an idea for how to improve Bitcoin to submit their proposal to the community for discussion and review. BIPs are typically submitted by Bitcoin developers, but anyone can submit a proposal. The process of reviewing and implementing BIPs is designed to be open and transparent, and it is overseen by a group of volunteers known as the Bitcoin Improvement Proposals Working Group (BIPs WG). BIPs can cover a wide range of topics, including changes to the Bitcoin protocol, new features for the software, and improvements to the user experience.

Advanced: Details of all BIPs can be viewed in the GitHub repository https://github.com/bitcoin/bips.

Bitcoin Script

Bitcoin Script is a programming language that is used to define the rules for transactions on the Bitcoin network. It is a simple, stack-based language that allows developers to write scripts that specify conditions for spending Bitcoin. For example, a script might specify that a certain number of signatures from a group of people are required in order to spend some Bitcoin (see “multisignature”), or that a payment can only be made if a certain condition is met. Bitcoin Script is used in the creation of smart contracts on the Bitcoin network, which are self-executing contracts with the terms of the agreement between buyer and seller being directly written into lines of code.

Cold Storage

Cold storage refers to the practice of storing Bitcoin or other cryptocurrencies in a way that is not connected directly to the internet. This is typically done for security reasons, as it reduces the risk of the cryptocurrencies being stolen by hackers. Cold storage can take many forms, such as storing the private keys for a cryptocurrency on a piece of paper or a hardware device that is not connected to the internet. Some people also use offline computers or "air-gapped" devices, which are not connected to the internet at all and are therefore considered more secure. Cold storage is typically used for long-term storage of cryptocurrencies, as opposed to hot wallets, which are connected to the internet and are used for more frequent transactions.

Cryptographic Signature

A cryptographic signature is a mathematical scheme that is used to verify the authenticity and integrity of a message or a piece of data. It is a way of signing a message with a digital key, which can be used to verify that the message was indeed sent by the person who claims to have sent it. Cryptographic signatures are an essential part of many cryptographic protocols, and they are used in a wide range of applications, including secure communication, digital signatures, and blockchain technology. To create a cryptographic signature, a sender uses a secret key to generate a unique "signature" for the message. The signature is then attached to the message, and it can be verified by anyone who has the corresponding public key. This allows recipients to verify that the message was indeed sent by the owner of the secret key, and that it has not been tampered with.

dApp

A dApp, or decentralized application, is a type of software application that runs on a decentralized network, such as a blockchain. Unlike traditional applications, which are typically hosted on a single server or a group of servers, dApps are distributed across a network of computers, which means that they are not controlled by any single entity, they are executed collectively. This makes them more resistant to censorship and tampering, and it allows them to operate in a decentralized and trustless manner. dApps can be built on top of various blockchain platforms, such as Ethereum, Polygon, and others, and they can be used for a wide range of purposes, including financial transactions, gaming, and social networking. Some popular examples of dApps include decentralized exchanges, prediction markets, and decentralized autonomous organizations (DAOs).

Decentralized Finance ("DeFi")

Decentralized finance, or "DeFi", refers to a new financial system that is built on top of blockchain technology. It is a way of providing financial services and products, such as loans, insurance, and investment opportunities, without the need for traditional intermediaries, such as banks and financial institutions. DeFi allows users to access these services directly, using smart contracts and other blockchain-based technologies. This allows for faster, cheaper, and more secure transactions, and it also enables new types of financial products and services that were not previously possible. DeFi has the potential to revolutionize the way that finance works, and it is attracting a growing number of users and investors who are attracted by its potential for high returns and its independence from traditional financial institutions.

Elliptic Curve Digital Signature Algorithm (ECDSA)

The Elliptic Curve Digital Signature Algorithm (ECDSA) is a type of digital signature algorithm that is used to sign and verify messages in a way that is secure and efficient. It is based on the mathematics of elliptic curves, which are curves that can be used to define a group of points that have certain mathematical properties. ECDSA is used in many cryptographic protocols, including the Bitcoin and Ethereum networks, and it is considered to be more secure and efficient than other digital signature algorithms. To create a digital signature with ECDSA, a sender uses their private key to generate a unique "signature" for the message. The signature is then attached to the message, and it can be verified by anyone who has the corresponding public key. This allows recipients to verify that the message was indeed sent by the owner of the private key, and that it has not been tampered with.

Encryption

Encryption is a way of converting information into a secret code that can only be read by someone who knows the "secret key" to decrypt it. It is a fundamental technique in cryptography, which is the science of keeping information secure. Encryption is used to protect sensitive information, such as credit card numbers, passwords, and military communications, from unauthorized access. It is also used to verify the authenticity of a message or a piece of data, by generating a unique "signature" that can be verified by anyone who has the corresponding key. Encryption is a key component of many security systems, and it is essential for protecting information in the digital age.

Encryption Keys

Encryption keys are a crucial part of encryption, which is the process of converting information into a secret code. An encryption key is a piece of information that is used to encrypt and decrypt a message or a piece of data. It is a secret code that is used to scramble the original information in a way that can only be undone by someone who knows the key. Encryption keys are a fundamental concept in cryptography, and they are used in many different encryption algorithms. There are two main types of encryption keys: public keys and private keys. Public keys are used to encrypt a message, and they can be shared publicly. Private keys are used to decrypt a message, and they are kept secret by the owner.

Ethereum

Ethereum is an open-source, decentralized platform that runs smart contracts: applications that run exactly as programmed without any possibility of downtime, censorship, fraud or third-party interference. These apps run on a custom built blockchain, an enormously powerful shared global infrastructure that can move value around and represent the ownership of property. This enables developers to create markets, store registries of debts or promises, move funds in accordance with instructions given long in the past (like a will or a futures contract) and many other things that have not been invented yet, all without a middleman or counterparty risk. The project was bootstrapped via an ether presale in August 2014 by fans all around the world. It is developed by the Ethereum Foundation, a Swiss non-profit, with contributions from great minds across the globe.

Ethereum Request for Comment (ERC)

An Ethereum Request for Comment (ERC) is a proposal for a new feature, improvement, or standard for the Ethereum blockchain (like BIP for Bitcoin). It is a way for anyone who has an idea for how to improve Ethereum to submit their proposal to the community for discussion and review. ERCs are typically submitted by Ethereum developers, but anyone can submit a proposal. The process of reviewing and implementing ERCs is designed to be open and transparent, and it is overseen by a group of volunteers known as the Ethereum Improvement Proposals Working Group (EIP WG). ERCs can cover a wide range of topics, including changes to the Ethereum protocol, new features for the software, and improvements to the user experience. You can find ERCs here: https://eips.ethereum.org/erc.

ERC-20 token

An ERC-20 token is a type of digital asset that is built on the Ethereum blockchain. It is a standardized way of creating and issuing tokens, which are digital assets that can be traded on the Ethereum network. ERC-20 tokens follow a specific set of rules, which makes it easy for developers to create and manage them, and for exchanges to support them. This has led to the widespread adoption of ERC-20 tokens, and there are now thousands of different tokens that follow the ERC-20 standard. ERC-20 tokens are commonly used to raise funds through initial coin offerings (ICOs), and they are also used to represent assets, such as digital collectibles and game items. The ERC-20 standard may be found here: https://ethereum.org/en/developers/docs/standards/tokens/erc-20/.

ERC-721 token

An ERC-721 token is a type of digital asset that is built on the Ethereum blockchain. It is a standardized way of creating and issuing non-fungible tokens, which are digital assets that are unique and cannot be replicated. Unlike ERC-20 tokens, which are interchangeable and divisible, ERC-721 tokens are each unique and have their own distinct characteristics. ERC-721 tokens are commonly used to represent unique assets, such as digital collectibles, art, and game items. They are also used to create decentralized marketplaces, where users can buy and sell unique assets. ERC-721 tokens were first introduced in 2017, and they have gained popularity due to their ability to represent a wide range of unique digital assets. The ERC-721 standard may be found here: https://ethereum.org/en/developers/docs/standards/tokens/erc-721/.

Hardware Wallet

A hardware wallet is a physical device that is used to store cryptocurrencies, such as Bitcoin and Ethereum. It is a type of cold storage, which means that it is not connected to the internet and is therefore considered to be more secure than online wallets. A hardware wallet stores the private keys for a cryptocurrency offline, in a secure environment that is protected by a PIN code and other security measures. This makes it difficult for hackers to steal the keys and access the funds. Hardware wallets are portable and easy to use, and they are considered to be one of the most secure ways to store cryptocurrencies. Some popular hardware wallets include the Ledger Nano and the Trezor.

Hash & Hash Functions

A hash is a fixed-size string of characters that is created by applying a mathematical algorithm, known as a hash function, to a piece of data. The result of this process is a unique "fingerprint" for the data, which can be used to verify its integrity and authenticity. A hash function is a mathematical algorithm that is designed to take any input of data, of any size, and produce a fixed-size output, known as a hash. The same input will always produce the same output, and even a small change to the input will produce a completely different output. This makes hash functions useful for verifying the integrity of data, as any changes to the data will be immediately detectable by comparing the original and the new hash. Hash functions are used in many different applications, including blockchain technology and password security.

Hierarchical Deterministic Wallet

A hierarchical deterministic wallet, or HD wallet, is a type of cryptocurrency wallet that uses a system of keys to generate a large number of private and public keys from a single seed key. This is known as deterministic key generation, and it allows the wallet to be easily backed up and restored. An HD wallet also has a hierarchical structure, which means that the keys are organized into different levels or "chains" of keys. This allows the wallet to support multiple accounts and addresses, and it makes it easier to manage and organize the keys. HD wallets are commonly used for Bitcoin and other cryptocurrencies, and they are considered to be more secure and user-friendly than non-deterministic wallets. It is an industry standard described in BIP32 and BIP44.

Hot and Cold Wallets

Hot and cold wallets are two different types of cryptocurrency wallets, which are used to store and manage digital assets, such as Bitcoin and Ethereum. A hot wallet is a wallet that is connected to the internet, and it is used for more frequent transactions. A cold wallet, on the other hand, is a wallet that is not connected to the internet, and it is used for long-term storage of cryptocurrencies. Cold wallets are considered to be more secure than hot wallets, as they are less vulnerable to hacking and other online threats. Hot wallets are more convenient to use, but they are also more susceptible to security risks. Most people use a combination of hot and cold wallets, depending on their needs and the amount of cryptocurrency that they are holding.

Lightning Network

The Lightning Network is a layer 2 payment protocol that is built on top of the Bitcoin blockchain. It is a way of enabling fast and cheap transactions on the Bitcoin network, by using a network of payment channels that are off-chain, or outside of the main blockchain. The Lightning Network allows users to open a payment channel with one or more other users, and to make unlimited transactions between them without having to broadcast each transaction to the blockchain. This allows for faster and cheaper transactions, as the fees and the confirmation times are much lower than on the main blockchain. The Lightning Network also has the potential to enable new types of applications and use cases for Bitcoin, such as instant micropayments and cross-chain atomic swaps.

Merkle Tree (aka Hash Tree)

A Merkle tree, also known as a hash tree, is a type of data structure that is used in cryptography and blockchain technology. It is a tree-like data structure that allows for the efficient and secure verification of large amounts of data. A Merkle tree is constructed by taking a group of data items and calculating the hash, or the "fingerprint", of each item. These hashes are then grouped together to form new hashes, and this process is repeated until there is only one hash left, known as the root hash. This root hash serves as a unique "fingerprint" for the entire data set, and it can be used to verify the integrity of the data. Merkle trees are used in many different applications, including blockchain technology and file integrity verification.

Miniscript

Miniscript is a high-level programming language that is used to write Bitcoin smart contracts. It is a simplified version of the Bitcoin Script language, which is the native programming language of the Bitcoin network. Miniscript allows developers to write smart contracts in a more readable and easier-to-understand format, which makes it easier to reason about the behavior of the contracts. Miniscript also includes a number of features, such as type checking and static analysis, that make it easier to write correct and secure smart contracts. The use of Miniscript has grown in popularity in recent years, and it is now supported by many different Bitcoin wallets and other tools.

(MPC) Multi Party Computation

Multi-party computation, or MPC, is a type of cryptographic protocol that allows a group of parties to compute a function on their inputs, without revealing their inputs to each other. This allows the parties to securely compute a function on sensitive data, without revealing the data itself. MPC protocols are used in many different applications, including secure communication, privacy-preserving machine learning, and secure multiparty computation of smart contracts or a transaction signature. MPC protocols typically involve a mix of cryptographic techniques, such as secret sharing and zero-knowledge proofs, to enable secure computation without revealing the inputs to the other parties. MPC has the potential to revolutionize the way that sensitive information is processed and used, by enabling secure computation on sensitive data without revealing it to the parties involved.

Multi-Signature (aka Multisig)

Multi-signature, or multisig, is a type of digital signature scheme that allows more than one person to sign a document or a transaction. It is a way of creating a joint account or a shared wallet, where multiple people must sign a transaction before it can be broadcast to the network. Multi-signature is commonly used in cryptocurrency and blockchain applications, where it is used to create a shared wallet that requires the signatures of multiple people before a transaction can be executed. This can provide an added layer of security and accountability, as it ensures that multiple people must agree before a transaction can be made. It is also used to create joint accounts, where multiple people can spend from the same account, but where a certain number of signatures are required before a transaction can be executed.

National Institute of Standards and Technology (NIST)

The National Institute of Standards and Technology (NIST) is an agency of the U.S. Department of Commerce that is responsible for promoting innovation and industrial competitiveness. NIST conducts research and develops technology, standards, and guidelines in a wide range of areas, including information technology, manufacturing, and biotechnology. NIST is also a leading authority on cryptography and cybersecurity, and it develops and publishes standards and guidelines for the use of cryptography in government and industry. Some of NIST's most well-known publications include the Digital Signature Standard (DSS) and the Cryptographic Algorithm Validation Program (CAVP), which are widely used in the development of cryptographic systems.

Non-Fungible Token (NFT)

A non-fungible token, or NFT, is a type of digital asset that is unique and cannot be replicated. It is a way of representing a unique item, such as a digital collectible, a virtual property, or a piece of art, on the blockchain. Unlike other cryptocurrencies, such as Bitcoin and Ethereum, which are interchangeable and divisible, NFTs are each unique and have their own distinct characteristics. This makes them suitable for representing items that are unique and cannot be replicated, such as digital art or virtual real estate. NFTs are commonly created on blockchain platforms, such as Ethereum, and they are often used to create and manage decentralized marketplaces for unique digital assets. For more information, see Vault12's article about NFTs.

Output Descriptors

An output descriptor is a type of notation that is used to describe the conditions under which a cryptocurrency output can be spent. It is a way of specifying the rules and requirements that must be met in order to spend a particular output, such as the amount of the output, the type of script that is used, and the type of key that is required. Output descriptors are commonly used in Bitcoin and other cryptocurrencies, and they are supported by many different wallet software and other tools. Output descriptors are a useful way of representing the rules and conditions that apply to a particular output, and they can be used to automate the process of generating and signing transactions.

Partially Signed Bitcoin Transaction (PSBT)

A partially signed Bitcoin transaction, or PSBT, is a type of Bitcoin transaction that is only partially signed. It is a way of representing a Bitcoin transaction that is in the process of being signed by multiple parties. A PSBT contains all of the information that is needed to complete the transaction, such as the inputs and outputs, the scripts and other conditions that must be satisfied, and the signatures of some, but not all, of the parties involved. A PSBT is typically created by a wallet software, and it is then sent to one or more other parties for signing. Once all of the required signatures have been added, the PSBT can be finalized and broadcast to the Bitcoin network.

Passphrase (for Seed phrase)

The passphrase is an optional extension to the BIP39 Seed phrase standard, sometimes referred to as an "extra word" (although it does not need to take the form of a single word) and it can be used as an additive authentication feature beyond the standard 12-24-word seed phrase. Some wallets call this passphrase a mnemonic seed extension or 13th/25th word. If used, the passphrase should be securely backed up and stored, because like your seed phrase, if you forget or lose it, you will lose access to your cryptocurrency.

WARNING: Losing your passphrase would have the same effect as losing your seed, resulting in losing access to your crypto!

Seed phrase

A seed phrase, or seed recovery phrase, is a sequence of words that is used as a backup for a cryptocurrency wallet. It is a way of recovering access to a wallet in the event that the wallet's private keys are lost or stolen. It is defined by the BIP39 standard. A seed phrase is typically a series of 12-24 words, and it is generated by the wallet software when the wallet is first created. The seed phrase can be used to recreate the private keys for the wallet, which allows the user to access their funds. Seed phrases are a critical part of a wallet's security, and it is important to keep them safe and secure.

Private Key

Broadly, a private key is a secret piece of data that is used in cryptography, such as in the creation of digital signatures and encryption. It is a string of characters that is used to encrypt and decrypt messages and to prove the ownership of a particular piece of data, such as a cryptocurrency wallet. A private key is typically generated by a wallet or vault software, and it is kept secret by the owner. There are a variety of private key types that exist in cryptocurrency language: master private key - usually called “seed phrase”, and derived (from master) private keys that control only specific accounts within a wallet (see BIP32, BIP44 for details on differences). A private key is also mathematically related to the public key, which is a publicly-known value that can be used to verify the digital signatures that are created using the private key.

Random Number Generation (RNG)

Random number generation, or RNG, is the process of generating a unique sequence of numbers or symbols that are unpredictable and do not follow any pattern. Its aim is to achieve uniqueness. It is a fundamental concept in cryptography and security, as random numbers are used in many different applications, including encryption, password generation, and digital signatures. RNG algorithms are designed to produce numbers that are statistically random, which means that they are not biased or predictable, and thus guaranteed to be unique. This makes them suitable for use in cryptographic systems, where random numbers are used to create unique private keys, nonces, and other values that are essential for security. RNG algorithms are typically implemented in software, hardware, or a combination of both, and they are used in many different applications, including gaming, simulation, and cryptography.

Schnorr Signatures

Schnorr signatures are a modern type of digital signature scheme that is used in cryptography and blockchain technology. They are a way of creating a digital signature that is more efficient, secure, and flexible than other signature schemes. Schnorr signatures are based on a mathematical problem known as the Schnorr discrete logarithm problem, which is believed to be hard to solve. This makes them suitable for use in cryptographic systems, where they can be used to create digital signatures that are difficult to forge. Schnorr signatures have been proposed as an upgrade to the existing digital signature scheme used in Bitcoin, and they are also used in other cryptocurrencies and blockchain applications. Schnorr signatures provide the ability to merge multiple transactions, extending Bitcoin's capabilities and efficiency.

Segregated Witness (aka SegWit)

Segregated Witness, or SegWit, is a Bitcoin improvement proposal (BIP) that was created to address some of the scalability and performance issues of the Bitcoin network. It is a way of modifying the structure of Bitcoin transactions to allow for more efficient and secure processing. SegWit was activated on the Bitcoin network in August 2017, and it has since been adopted by many different wallets and other Bitcoin applications. SegWit changes the way that data is stored in a Bitcoin transaction, by separating the signature data from the rest of the transaction data. This allows for more efficient and secure processing of transactions, and it also enables new features, such as the Lightning Network and transaction malleability fix. SegWit is considered to be an important step forward for the Bitcoin network, as it increases the capacity and the efficiency of the network. Segwit Bitcoin addresses begin with 3 or bc1 and are recommended to use, refer to BIP49 and BIP48 standards to learn more.

Shamir's Secret Sharing / Key Split

Shamir's Secret Sharing, also known as key splitting, is a method of dividing a secret, such as a password or a private key, into multiple shares. The secret can then be reconstructed by combining a certain number of shares, known as the threshold. This allows for secure sharing of a secret among a group of people, as each person only has access to one share of the secret, and the secret cannot be reconstructed without the required number of shares. Shamir's Secret Sharing is named after its inventor, Adi Shamir, and it is a widely-used method for secure sharing of secrets. It is commonly used in cryptography, blockchain technology, and other applications where secure sharing of sensitive information is needed.

Sharding

Sharding is a method of splitting a large database or a network into smaller, more manageable units, known as shards. It is a way of distributing data and workloads across multiple shards, in order to improve the performance, scalability, and security of the system. Sharding is commonly used in database management and distributed systems, where it allows for more efficient and secure storage and processing of data. In a sharded system, each shard is a self-contained unit that contains a subset of the data and the functionality of the overall system. This allows for parallel and distributed processing of the data, which can improve the performance and the scalability of the system. Sharding is also used in blockchain technology, where it is used to improve the scalability and the security of distributed ledger systems.

Signature Aggregation

Signature aggregation is a method of combining multiple digital signatures into a single signature. It is a way of reducing the size and the cost of digital signature schemes, by allowing multiple parties to sign a message or a transaction using a single signature. Signature aggregation is commonly used in cryptography and blockchain technology, where it is used to improve the efficiency and the security of digital signature schemes. In signature aggregation, multiple parties can create their own signatures on a message or a transaction, and then the signatures can be combined into a single signature using a mathematical operation. This allows for more efficient and secure processing of transactions, as the size and the cost of the signature is reduced. Signature aggregation is an important research area in cryptography and blockchain technology, and it has many potential applications.

Smart Contract

A smart contract is a self-executing contract with the terms of the agreement between buyer and seller being directly written into lines of code. The code and the agreements contained therein exist across a distributed, decentralized blockchain network. Smart contracts allow for the automation of digital relationships, enabling the performance of credible transactions without third parties. These transactions are trackable and irreversible. Smart contracts were first proposed by Nick Szabo in 1994. The goal of smart contracts is to provide security that is superior to traditional contract law and to reduce other transaction costs associated with contracting.

Spending Policy

A spending policy is a set of rules and conditions that determine how a cryptocurrency wallet can be used to make transactions. It is a way of specifying the conditions under which a wallet can be used to spend funds, and it can be used to enforce certain constraints and requirements on the use of the wallet. Spending policies are commonly used in multisignature wallets, where they are used to specify the number of signatures that are required to spend funds, or to specify the types of transactions that are allowed. Spending policies are also used in other decentralized applications, such as in the management of funds for smart contracts, e.g. DAO treasuries, and in the creation of trustless escrow services.

TapRoot and TapScript

TapRoot and TapScript are the activated upgrades to the Bitcoin protocol that aim to improve the privacy, efficiency, and scalability of the network. TapRoot is a proposed change to the structure of Bitcoin transactions, which allows more efficient and secure processing of transactions. It would enable new features, such as script versioning and multisignature aggregation, which would make it possible to create more complex and flexible transactions. TapScript is a proposed extension to the Bitcoin Script language, which allows creation of more powerful and expressive scripts. These changes enabled new use cases for Bitcoin, such as smart contracts and confidential transactions, and they improve the overall performance and security of the network. The current status of Taproot implementation can be tracked at https://taprootactivation.com/.

Threshold Signature Schemes (TSS)

Threshold signature schemes are types of multi-party computation (MPC) that support the combination of partial signatures to produce a complete threshold signature that satisfies "k of n" approval threshold rules, and even more-complex spending policy rules.

A well-known form of threshold signature schemes is Multisig transactions, which achieve a prescribed level of approvers in order for a spend transaction to be approved.

Two-Factor Authentication (2FA), Multi-factor authentication

Two-factor authentication, or 2FA, is a type of authentication that requires two different factors in order to verify the identity of a user. It is a security measure that is designed to provide an additional layer of protection against unauthorized access to accounts and systems. Two-factor authentication setup might consist of three possible factors: something they know (such as a password), something they have (such as a security token or a smartphone), and something they are (such as a biometric characteristic, such as a fingerprint or a face scan). This makes it more difficult for an attacker to gain access to an account, as they would need to possess multiple factors in order to authenticate. Two-factor authentication is commonly used in online services, such as email and social media, and banking. Multi-factor authentication is a similar concept, but it refers to the use of three or more factors in the authentication process.

An example of a popular application that can generate single-use codes to prove identification of a user/device is Authy.

Unspent Transaction Output (UTXO)

An unspent transaction output, or UTXO, is a type of record that is used in Bitcoin and other cryptocurrencies to track the ownership and the availability of funds. It is a way of representing the output of a transaction, and it is used to determine whether a particular output can be spent in a future transaction. UTXOs are a fundamental concept in Bitcoin and other cryptocurrencies, as they are used to track the flow of funds on the blockchain. UTXOs are created when a transaction is broadcast to the network, and they are consumed when they are used as inputs in a subsequent transaction. UTXOs are stored in a database, known as the UTXO set, which is maintained by the nodes on the network. The UTXO set is used to validate transactions, and it is an essential part of the Bitcoin protocol.

Wallet

A wallet is a software program or a hardware device that is used to store, manage, and transact with digital currencies, such as Bitcoin and Ethereum. It is a way of keeping track of the user's funds, and it allows for the creation and the signing of transactions. Wallets typically consist of a private key, which is a secret piece of data that is used to sign transactions, and a public key, which is a publicly-known value that is used to verify the signatures. Wallets can be managed by the user, or they can be managed by a third-party service, such as an exchange or a custodial provider. Different types of wallets have different features and trade-offs, and they are suitable for different purposes. Some common types of wallets include software wallets, hardware wallets, and paper wallets. For more details, see the Vault12 article about cryptocurrency wallets.

Wallet Address

A wallet address is a unique identifier for a cryptocurrency wallet. It is a string of characters that is used to receive and send funds, and it is similar to a bank account number or an email address. A wallet address is generated by the wallet software, and it is typically a long and complex string of characters that is derived from the wallet's public key. A wallet address can be shared with others, and it can be used to receive funds from other wallets. Different cryptocurrencies have different formats for wallet addresses, and they may use different algorithms to generate the addresses. Wallet addresses are an essential part of the cryptocurrency ecosystem, and they are used to track the flow of funds on the blockchain.

Zero-Knowledge Proof (ZKP)

A zero-knowledge proof, or ZKP, is a method of proving the knowledge of a secret without revealing the secret itself. It is a way of demonstrating that a person knows a certain piece of information, without revealing what that information is. Zero-knowledge proofs are a fundamental concept in cryptography and blockchain technology, and they are used to enable private and secure interactions between parties. In a zero-knowledge proof, a person, known as the prover, can prove to another person, known as the verifier, that they know a certain secret, without revealing the secret itself. This is done using a mathematical protocol that allows the prover to convince the verifier that they know the secret, without revealing any information about the secret. Zero-knowledge proofs are an active area of research in cryptography and blockchain technology, and they have many potential applications.

How To Back Up Your Crypto Wallet

Backing Up Your Crypto Wallet With Vault12 Guard Preserves Your Personal Crypto Security

Crypto can be difficult to store securely, but backing up your crypto wallet is essential so you can recover funds if your crypto wallet is ever lost, stolen, or damaged. A proper crypto wallet backup is also important for inheritance purposes so your assets live on, even after you die.

Why should you back up your crypto wallet?

Proper crypto wallet backups protect you from threats ranging from criminal actors and accidents to natural disasters and damage. Once securely backed up, you can recover your assets in times of need.

A proper backup of your crypto wallet involves recording:

  • Each crypto wallet asset
  • Seed phrases and passphrases
  • Any supporting files for your assets

All crypto backup solutions should be physically secure, digitally secure, and resilient to degradation – but unfortunately, not all of them are.

What are some limitations of common crypto backup methods?

These are some common backup methods, but each has drawbacks:

  1. Back up to metal plates - This method sounds simple, but to do it right takes some planning, cost, and time.
  2. Back up to a local drive - This method is quick, but fraught with risks!
  3. Back up to the Cloud - This method is also quick, but it has significant risks related to the involvement of third parties.
  4. Back up to “brain wallet” - This method is slow, unreliable, and only justifiable in cases of extreme limitation or duress.
  5. Back up to paper - This method is extremely vulnerable and surprisingly subject to error.

How does Vault12 back up your crypto wallet?

The video demo below shows you how Vault12 Guard is used to back up a crypto wallet, making sure your assets live on, even after you pass:

YouTube

Vault12 Guard crypto backup is decentralized, resilient, and secure.

Vault12 Guard allows you to breathe easy, as it avoids the pitfalls of other backup methods:

  • Guard's backups are decentralized. There is no single point of failure, allowing you to recover even if your phone is lost or stolen.
  • Guard does not rely on Cloud servers. Your assets remain private from third parties and resilient to Cloud outages.
  • Guard implements post-quantum encryption - giving your assets the highest possible level of security.

Vault12 Guard is the most advanced yet simple crypto backup solution

Not only is Vault12 Guard secure and resilient, but it is also simple to use. It allows you to back up all types of wallets, as well as NFT-related files, to construct a full inventory of your crypto assets. This includes multi-wallet management, which Vault12 simplifies with an integrated backup and inheritance solution. When you need to restore your Vault, Vault12 makes the process easy by requesting access from your most-trusted Guardians.

Of all your choices for backing up a crypto wallet, Vault12 Guard uniquely backs up your crypto wallets in a manner that is physically secure, digitally secure, and passes the test of time.

View all articles

Inheritance Management

Managing digital assets like cryptocurrencies can be complex, especially when it comes to inheritance.

View all articles

$6 Trillion of Crypto Assets to Be Inherited by 2045

How will you manage your crypto inheritance?

Over the next two decades, up to $6 trillion in crypto could be inherited, as younger investors favor digital assets over traditional stocks and bonds. Learn how this shift is reshaping wealth transfer and the future of investing

Unprecedented Asset Transfer via Inheritance by 2045

A recent report, the 2024 Bank of America Private Bank Study on Wealthy Americans, reveals key trends related to inheritance, and particularly how younger generations view the future of wealth, including crypto and estate planning.

An astounding $84 trillion of wealth transfer is projected over the next 20 years from current generations to Gen X, Millenials and Gen Z. Renowned expert Matthew Sigil, head of digital assets research at Van Eck (a prominent issuer of Bitcoin ETFs) has estimated that of this amount, $6T in crypto assets will be passed on via inheritance.

This transfer will be successful only if care and attention are paid to crypto inheritance planning and management, and if the right approaches are in place to support the technical transfer of these funds. Crypto assets are technically different in a number of ways to traditional assets, so inheritance needs to be carefully choreographed between asset owners, Trust and Estate Lawyers, and intended crypto beneficiaries.

Despite the fact that important steps must be taken for the safe, secure, and private transfer of crypto assets, none of the participants in the crypto ecosystem have offered inheritance plans or services. The pioneer of crypto inheritance management since 2015 has been Vault12.

Vault12 has built and continues to innovate a comprehensive solution that is easy to use for non-technical participants, yet incorporates a highly secure architecture and technology that is designed to preserve your crypto wealth and ensure successful transfer to your heirs. Learn more at vault12.com.

The Bank of America Private Bank Study

This report by Bank of America Private Bank analyzes financial outlooks, investing habits, and estate planning practices of wealthy Americans. The study reveals a generational divide, with younger wealthy individuals exhibiting different investment preferences than older generations. Younger individuals tend to be more skeptical of traditional investment strategies, and favor alternatives like cryptocurrencies and private equity. The study highlights the challenges facing wealthy families as they navigate wealth transfer, including the emotional strain of inheritance and the increasing burden of serving as trustee or executor.

Takeaways

  • Great Wealth Transfer: Approximately $84 trillion is projected to transfer from seniors and baby boomers to Gen X, millennials, and their heirs by 2045.
  • Crypto Inheritance Surge:Matthew Sigel of VanEck Investments estimates that up to $6 trillion could enter the crypto market through inheritance in the next 20 years.
  • Investment Shifts: Millennials and Gen Xers will inherit $84 trillion, with a growing proportion of cryptocurrencies.
  • Young Investor Participation: To reach the $6 trillion estimate, young investors (ages 21-43) need to allocate 14% of their inherited wealth to crypto: about $300 billion annually.
  • Broader Investment Preferences: Many young investors view traditional stocks and bonds as insufficient for superior returns, preferring high-growth assets like cryptocurrencies.
  • Risk Appetite by Generation: Younger investors show a higher risk tolerance, with significant crypto allocations (14%-17%) compared to older investors, who remain conservative.
  • Crypto Exposure: Younger investors hold the highest average exposure to crypto, highlighting a shift in how the next generation approaches digital assets.

Sources:
2024 Bank of America Private Bank Study of Wealthy Americans

VanEck: $6 Trillion Could Pour Into Bitcoin, XRP and Crypto via Inheritances Over 20 Years

Crypto and Digital Asset Allocations

Younger generations ranked Real estate (31%), Crypto/digital assets (28%), Private Equity (26%), Personal company/brand (24%), Direct corporate investment (22%), Companies focused on positive impact (21%), and bonds (17%) ahead of US stocks (14%) as the greatest opportunity for growth.Older generations (age 44+) ranked US stocks as the best growth opportunity (41%), followed by Real estate (32%), Emerging market equities (25%), International equities (18%), Private Equity (15%), Direct corporate investment (15%), Bonds (12%) and Crypto/digital assets (4%).

Bank of America 2024 Private Bank Study on Wealthy Americans

Crypto, Inheritance, and Wealth Management in Younger Generations

The 2024 Bank of America Private Bank Study on Wealthy Americans focuses on several key trends related to inheritance, particularly how younger generations view the future of wealth, including crypto and estate planning.

1. Crypto and Digital Assets

Younger generations (ages 21-42) are more inclined to see digital assets like cryptocurrency as a key growth opportunity. Around 28% of younger respondents ranked crypto as a promising investment vehicle, significantly higher than older generations, where only 4% expressed the same confidence. This highlights the generational shift towards embracing newer financial instruments like blockchain and decentralized finance.

2. Inheritance and Estate Planning

Interpersonal family dynamics can create tension during wealth transfers. For both younger and older wealthy individuals, unequal distribution of assets and a lack of clear instructions or communication were common sources of strain. Younger generations are more focused on including hard assets like jewelry and heirlooms — which are frequently overlooked in formal planning — in their estate plans.

3. Generational Differences in Wealth Management

Younger heirs are more likely to pursue alternative investment strategies, such as private equity and digital tools, reflecting their broader interest in controlling their wealth. These individuals also prioritize sustainability and impact investing as part of their inheritance planning, distinguishing their approach from older generations.

These insights demonstrate the ongoing generational divide in attitudes toward wealth management and the evolving role of digital assets in estate planning.

Inheritance and Estate Planning "Strain Points"

Reasons for strain. 41% of younger, 65% of older and 59% of total respondents say the reason for strain is interpersonal family dynamics. 29% of younger, 41% of older and 38% of total respondents say it's the unequal distribution of assets. 36% of younger, 20% of older and 25% of total respondents say it's a lack of clear instructions and documentation. 32% of younger, 22% of older and 24% of total respondents say it's a lack of communication. 33% of younger, 12% of older and 18% of total respondents say it's a lack of trust/transparency in the executor/trustee.

Factors driving strain on inheritance-related issues

Bank of America 2024 Private Bank Study

What you need to know about Crypto Inheritance Planning

Unlike traditional assets, crypto assets need to be managed differently from an inheritance standpoint. In fact, the only similarity between traditional and digital assets is that you must maintain an update inventory of them. The main challenges associated with crypto inheritance are:

  1. Inventory of crypto assets: You must carefully maintain an inventory of crypto assets. This means backing up seed phrases and/or private keys of all crypto wallets, across all blockchains, and all types of devices or places where those wallets exist, e.g., mobile phones, hardware wallets, cloud, and paper backups. Any assets that are not documented in your backup are liable to be lost.
  2. Privacy of all information:You must ensure absolute privacy of the backup information. Anyone with access to private keys or seed phrases will be able to compromise the funds. This includes ensuring that any documentation left with your lawyers is strongly protected.
  3. Critical Points of Failure: You must eliminate personal devices and cloud services as critical points of failure. The most significant risk in inheritance is reliance on individual devices, which can be stolen, lost, or damaged. The second risk is the dependency on one or more cloud servers. We have seen what happens when business relationships between cloud partners face legal challenges, or cloud services are disrupted by malware or bad software updates.
  4. Technical Beneficiary awareness: As the varieties of crypto assets expand over time, staying aware of them becomes important. You will need to designate someone technically fluent in this area. They may not be the ultimate beneficiary; however, you will need to trust them to distribute the assets per your wishes.
  5. Trust & Estate Attorney: You must consult with experienced lawyers who are well versed in inheritance of crypto assets. A great resource is "A Practical Guide to Estate Administration and Crypto Assets" by Richard Marshall from Hill Dickinson LLP.

Why Choose Vault12 Guard for Crypto Inheritance Management?


Vault12 is the pioneer of crypto inheritance management, and Vault12 Guard is the first solution to offer a simple, direct, and secure way for all types of investors to ensure that all of their crypto assets can be accessed by future generations.

Consider that:

  • Traditional approaches to the inheritance of assets, when applied to digital assets, create complexity and risk.
  • Your portfolio of digital assets is continually changing — you cannot rely on doing an inventory once, or for that matter continuously, without assistance.
  • A simple and direct approach like Vault12 Guard reduces the uncertainty around assets not being available to the designated recipient. It also avoids having to approach and petition each service individually during probate to gain access.
Vault12 Guard offers you:
  1. Inventory of crypto assets: The first step in inheritance is backing up all your crypto wallets. Vault12 makes this as easy as possible - despite the appalling lack of usability in current hardware and software wallets. There will always be new crypto assets on new blockchains, and Vault12 can manage any crypto asset on any device, on any blockchain, now and in the future.
  2. Privacy of all information:Your crypto assets are protected via a Secure Element (Secure Enclave in iOS, and Strongbox on Google Android phones), and the encryption used is Quantum-safe. With this security, no one knows what assets are part of your Vault.
  3. No Critical Points of Failure: No assets are stored locally, no assets are stored in any cloud, and no assets are stored at Vault12. There are no devices to lose, no paper backups, and no need to manually give encrypted assets to a subset of people. The Vault12 system is decentralized, making it a difficult target for hackers — and in fact for any type of failure.
  4. Confidence in a Technical Beneficiary: With Vault12 you get to designate a trusted technical beneficiary. Should you change your mind, you can swap them out at any time.
  5. Flexibility in Trust & Estate Attorney: While regulations and guidelines for inheritance planning can vary from state to state and country to country, Vault12 Guard is designed to be independent of whatever legal framework you choose to govern the inheritance of your assets. Vault12 Guard is simply a transfer mechanism that ensures all your crypto assets are passed from your control to a designated technical beneficiary.

Key Product Features of Vault12 Guard

The Vault12 platform provides your crypto assets with the highest security and strong backup resilience. Vault12 Guard Inheritance enables you to designate a beneficiary (an executor, trustee, or other chosen beneficiary) who can inherit the entire portfolio of digital assets that you choose to store in your Vault. There is no need to update an inventory continually or to issue updated instructions.

  • Unified Digital Vault: Use Vault12 Guard Digital Vault to store digital assets, including cryptocurrency, financial login information, legal documents, medical records, and more.
  • Guardian Network: The Vault is protected by your network of Guardians: friends, family, and/or business associates — people that you know and trust.
  • Beneficiary Designation: Designate a beneficiary from your chosen Guardians. A declaration is then digitally signed, and can be emailed to other parties, such as lawyers.
  • Trigger-Based Access: As a Vault Owner, you can configure a legally-defined trigger such as incapacitation or death. When the trigger occurs, the beneficiary indicates they are ready to access the digital assets. Assets are unlocked and transferred to the beneficiary only when a designated number of Guardians approve the request.
  • Preemptive Veto Option: Should the beneficiary attempt to access the assets before they are intended to, the owner can veto the request before any of the Guardians receive an approval request.
To learn more about Vault12, please visit vault12.com.

.

2024 Bank of America Private Bank Study, focusing on inheritance trends and the role of digital assets. They symbolize generational wealth transfer, incorporating elements like cryptocurrency and estate planning.

How Vault12 Guard Helps You Manage Your Crypto Inheritance

Managing digital assets like cryptocurrencies can be complex, especially when it comes to inheritance—but it doesn’t have to be. Vault12 Guard ensures that your digital inheritance is securely managed, and that only the right people—your chosen Guardians—can approve your beneficiary’s access at the right time.

Implement Your Inheritance Plan

Vault12 encourages you to create a carefully considered inheritance plan that covers all of your digital assets. Once your inheritance plan is set, Vault12 Guard will help you manage access to these assets and ensure everything is handled as you intended.

A Comprehensive Digital Vault

Vault12 Guard isn’t just for backing up crypto wallets. It’s a comprehensive solution for backing up all types of digital assets and storing sensitive information:

  • Seed phrases from any type of wallet and even private keys including Bitcoin, Ethereum, and other cryptocurrencies. Vault12 Guard allows you to select from a pre-determined list of wallets or add your own.
  • Non-fungible tokens (NFTs).
  • Digitized copies of legal documents, medical records, or any other personal records.
  • PINs and instructions for accessing devices and password managers.

Vault12 keeps everything safe and organized in one digital vault.

Backed up and Protected By Trusted Guardians

Your digital assets are protected by your most trusted people: your chosen Guardians, who can use Vault12 Guard for free.

In the event that you lose a device like your mobile phone that holds crypto wallets, Vault12 Guard offers you and your Guardians a straightforward process to restore your assets.

In the case of inheritance, your Guardians must approve the beneficiary’s request to access your Digital Vault.

Manage your Digital Inheritance with Vault12 Guard

Vault12 Guard is available on iOS, Android, MacOS, and Windows. For detailed guidance on setting up your digital inheritance with Vault12 Guard, including step-by-step app screenshots, check out our guide here.

Here’s a brief overview of the essential steps after you download the app:

  1. Set Up Your Vault: Implement your digital inheritance plan by adding your digital assets and designating Guardians (including your beneficiary).
  2. Manage: Use Vault12 Guard to do the heavy lifting:
    1. provide truly high-security storage for your data
    2. add or remove wallet seed phrases and other digital assets
    3. add or replace Guardians, and verify their “active” status
    4. securely transfer access to your Digital Vault with your Guardians’ approval.

Regular Asset Reviews

As with all assets, it’s a good idea to periodically review your digital assets to check for legal or regulatory changes that may affect your holdings, related technology or product updates, and current market value. Adjust your digital inheritance management strategies as needed.

Check in with your Guardians, too, to confirm their continued readiness to help guard your digital assets.

Vault12 Guard makes managing and inheriting digital assets simple and secure. Whether you’re new to cryptocurrency or looking to safeguard your digital legacy, Vault12 provides an easy-to-use solution for modern estate planning and inheritance.

How Vault12 Guard Helps You Manage Your Crypto Inheritance

Crypto Inheritance Planning vs. Traditional Estate Planning

Both types of planning work hand in hand to protect your digital and traditional assets

Crypto Inheritance Planning is a specialized subset of general estate planning that deals with the unique challenges of digital assets such as crypto wallets, cryptocurrencies, NFTs, and other blockchain-related assets. As you invest more in these assets, planning for what happens to them when the time comes is just as important as planning for traditional assets.


Why Crypto Inheritance Needs Special Attention

Crypto assets don’t work the same way as traditional financial assets when it comes to inheritance, nor are they like physical assets.

  • Traditional financial investments usually include a beneficiary as part of the financial institution account: institutional processes will manage inheritance distribution.
  • Physical assets might be located on your property (or even at a marina, stable, or airport), and are often registered or insured in your name, leaving a clear “paper trail” of ownership. Generally, your beneficiaries are aware that you have them, and they will be easily discoverable when you eventually pass. These assets will be sold or distributed among your beneficiaries according to your wishes as expressed in your will.
  • Crypto assets are generally not discoverable by others unless you make a specific effort to make them so. This is why making an inventory of your crypto assets and setting up a plan to redistribute them as part of your inheritance plan is so critical.

For each asset type, you should consult with experts to consider legal and tax issues relative to transferring ownership of the assets when needed.

For crypto assets, you also need to consider the security of your digital holdings while you are still alive, and a safe mechanism for transferring access to your crypto wallet after you pass. This is where Vault12 Guard can help you.

Legal and Tax Considerations

Crypto inheritance is affected by many of the same jurisdictional issues that affect traditional inheritance, such as laws surrounding wills, probate, and executors. Depending on your area, rules on taxes and transfers can affect how your crypto assets are inherited. This is why it’s crucial to consult legal, financial, and tax professionals who understand both traditional and crypto-specific inheritance planning. They can help you navigate those rules and make sure that your plan is both effective and legally compliant.

Security Before and During Inheritance

You already know that you need to keep your guard up to protect your crypto investments while you are alive. There are risks seemingly around every corner! One of the unique risks to cryptocurrency holdings is that you should not trust anyone or any institution with seed phrases to your crypto wallets while you are alive. Also, due to several types of threats, your privacy is of utmost importance - you don’t want many people to know that you have crypto holdings.

How can you keep your seed phrases secret from everyone, yet still make them securely available to your beneficiary after you pass? Vault12 Guard solves that problem.

What to Consider in Your Crypto Inheritance Plan

Be sure to cover these steps when adding digital assets to your estate planning:

1. Consult inheritance experts: Choose an estate planner or inheritance professional who knows crypto. They can guide you through the following:

    a) Tax implications of digital asset transfers.

    b) Legal frameworks that govern the inheritance process for digital assets, including how trusts and sales of these assets might affect beneficiaries.

2. Consider your need to secure and protect your private keys and/or seed phrases: These are the gateway to your assets, so keep them secure.

3. Consider your need to document your digital assets: When you implement your inheritance plan, you will need to create a detailed inventory of all your assets including every wallet and other blockchain-related holdings. For NFTs, you will need to make sure both wallets and original media files are backed up.

4. Include a technically-minded beneficiary. Choose someone you trust who can manage the technical aspects of accessing and potentially transferring the assets in your wallets. You might have a simple scenario where you store a small number of wallet seed phrases (which might not require a particularly advanced technical beneficiary). But your crypto holdings might be complicated, or sprawl across multiple platforms. Each individual situation is unique.

Crypto inheritance planning is an essential part of securing your digital legacy which is better done sooner rather than later. By planning now, you’ll avoid costly mistakes, and gain peace of mind from knowing that your assets will be conveniently passed on as you intend without risk or confusion.

Inheritance planning with Vault12

Why does privacy matter?

Privacy is especially important for owners of digital assets - understand how to protect yours.


TL;DR

Keeping your crypto transactions private is important for your safety and confidentiality.

Be very careful who you share personal or financial information with.

Your personally-identifying information (PII) is a target for thieves.

"Know Your Customer" (KYC) information is collected by banks and many crypto-related service companies.

Public blockchain ledgers can be analyzed for clues about who controls which addresses.

HD wallets are recommended to generate a unique wallet address for each spend and receive transaction.

Privacy-enhancing wallets, strategies, and coins exist, but require at least an intermediate level of knowledge.

Bitcoin mixers offer an increasingly-popular way to gain privacy by combining together many users' unrelated transactions, then recording them on the blockchain as blended, more-anonymous transactions.

It is much easier to establish privacy of your crypto assets when you first buy them, rather than to make assets that are associated with you later look like they do not belong to you.

Privacy is important to crypto owners

It is easy for new crypto investors to overlook the importance of protecting their privacy when purchasing digital assets. At first, privacy may seem like a minor detail, since the initial purchase motivation may be just to "dip a toe into the crypto waters" with a nominal sum of money.

However, when you create an account on a crypto exchange, or start to use some other convenient "on-ramp" to crypto ownership, you are creating a digital footprint that can be attributed - by some party - to you. Once that footprint is established, you will likely be tempted to increase the size of your holdings by topping up your investment, or the value of your small investment might just skyrocket. Either way, an investment that you did not expect to be worth much suddenly could be worth a significant amount.

Although an increase in the value of your crypto holdings is great news, it reveals an important reason to be concerned about privacy from the very inception of your crypto journey: if anyone learns that you hold large sums of crypto, you are at risk of becoming a target of crime and theft. Privacy is important to cryptocurrency owners primarily because of the potentially high value that crypto holdings can have.

Privacy is also important because even for small crypto holdings, if your transactions are revealed to an audience that you did not intend, you could face potentially negative social impacts: you might use crypto to pay for sensitive products, financial accounts, or information subscriptions that you would rather not tell others about - in some cases, its discovery could make you a potential target for blackmail or harassment.

It is very difficult to restore privacy of crypto ownership after it has been attributed to you, and depending on how you choose to move existing digital assets, there may be profit-taking tax implications when you appear to be moving your crypto.

Smart crypto investors consider privacy before performing their very first transaction, no matter how you purchase your first digital assets.

Blockchain addresses can identify you

Anyone can track blockchain address transactions on public blockchain ledgers by analyzing transactions with a blockchain explorer such as Blockchain.info, etherscan.io, or solscan.io.

There are several ways that your crypto transactions could be identified as related: For example, if someone re-uses a blockchain address (like a single-address paper wallet), then all transactions that have been associated with that address can be identified as being linked to the same owner. Other types of transactions (like spending multiple tiny sums of crypto "dust" from different addresses at the same time) can also reveal connections between multiple addresses, showing that they are controlled by the same person or entity. Curious individuals, as well as professional companies specializing in blockchain analysis, puzzle together clues like these to gain more understanding and data about transactions.

Reused or associated addresses may reveal about the address owner:

  • what companies the person bought from
  • what causes they sent assets to
  • what income was received

Observers may not immediately know who controls a given address, but some day, they may see a clue that allows them to identify who the owner is. For example, if you reuse an address that you have shared with someone like a service provider, they could know who you are, and could watch other transactions that you perform at that address.

If someone can identify you personally as connected with a blockchain address that has received large sums of money, you could be targeted for blackmail, kidnapping, theft, or any number of threats.

People or organizations with a known Bitcoin receive address could also be blacklisted: for example, a payment-related organization like Paypal could decide that they do not want to support transactions sent to a given address.


HD wallets offer "fresh" addresses every time

A popular type of crypto wallet that helps you to preserve your crypto privacy is a Hierarchical Deterministic (HD) wallet. HD wallets are designed to give you as many spending and receiving wallet addresses as you want - a fresh one every time, completely avoiding blockchain address reuse.

To retain your privacy when spending or receiving crypto, you should allow your HD wallet to provide you with a new Send or Receive address every time you perform a transaction.

To create many unique addresses, an HD wallet uses the wallet seed phrase to generate a master key pair: an extended private key (XPRIV) and an extended public key (XPUB). Then it can create many individual private and public keys that are hierarchically below the master ones. If you want to know more about XPUB addresses, swanbitcoin offers a nice explanation.

Your XPRIV should obviously always be protected, since it can be used to sign transactions and spend your crypto! Your XPUB also should be kept secret, since it allows read-only access to all of the "receive" addresses in your wallet - an XPUB can be used to configure a "watch-only" wallet. In fact, the Vault12 Digital Vault has an "Address Explorer" feature that can use an XPUB to build a watch-only wallet for you.

What you can and should share with others is a unique, freshly-created send or receive address that your HD wallet will generate for you every time you want to spend or accept crypto. By using a new address for each transaction, the "outside world" does not know which transactions are associated with a given wallet - each of the transactions appears on the public ledger to be independent.

Diagram showing the secure exchange of dollars and bitcoin

An abstracted crypto transaction through a secure exchange

Limit who has your Personally-Identifying Information

Personally-Identifying Information (PII) is generally defined as any information or combination of information that could be used to identify you as an individual.

Common forms of PII include your name, government identification numbers (passport, drivers license, Social Security number, etc.), payment card numbers, birthday, physical address, email address, and telephone number. Even an IP address can be considered PII, although different countries have different privacy laws that vary on that point.

You should be very careful to only share your PII with reputable organizations, and only through secure, encrypted communication channels (like the main corporate https web site of the firms that you have chosen to work with). PII is a prime target of digital thieves. If your personal information were acquired by bad actors, it would be abused for fraudulent purposes, and then likely resold on the black market.

To protect your PII, be particularly wary of links in emails, since they are a common source of cleverly-crafted phishing attacks that target your PII. It is much safer to open your web browser and directly navigate to a reputable company's web site than to click on a link in an email, even if the email looks legitimate to you. Educate yourself and learn how to recognize and avoid being tricked by phishing attacks.

It is not directly related to crypto, but Facebook's ongoing challenges with leaked PII data demonstrate the high appetite for PII abuse - and keep in mind that PII attained from any source could be used to try to target crypto investors.

Exchanges, hardware wallet vendors, and all sorts of crypto-related firms are under constant attack as hackers try to steal PII. The hardware wallet vendor Ledger succumbed to one such high-profile attack in 2020, for which they had to issue a public apology.

Crypto exchanges know your Personally-Identifying Information 

Cryptocurrency has a veneer of anonymity, but due to connections with financial accounts that are used to exchange currency for cryptocurrency in "on-ramp" crypto purchases and "off-ramp" crypto sales, your identity is often able to be associated with your crypto transactions. By default, your personally-identifying information is known to exchanges and to other crypto-related service providers with which you establish accounts. Pay attention to what information is solicited from you when you register for any services.

We are accustomed to trusting reputable organizations with our PII, and usually they do a good job of protecting it. But we should be conservative with our judgement of which organizations we give our information to, and should be aware that when we sign up to use a crypto exchange or other crypto-related service provider, they, as well as government regulatory entities, have the ability to associate our identity with crypto wallet addresses that we use.

Exchanges use "KYC" information for Anti-Money Laundering

You may wonder why you have to give your personal information to crypto exchanges.

Financial institutions and many crypto exchanges support governments in their enforcement of anti-money laundering (AML) regulations. When large sums of money or other assets are moved, governments have the right to scrutinize transactions to ensure that no money laundering or other criminal activity is underway. The acronym KYC stands for "Know Your Customer," and it is standard for banks and other financial institutions to require KYC information.

If you buy your crypto through a KYC-compliant exchange, you give up some privacy. However, if you do not buy your crypto through a KYC-compliant "on-ramp," governments tend to perceive transactions as less legitimate, since they do not know as much about the participants - as a result, there may be even more scrutiny of non-KYC transactions.

As crypto regulations evolve, there are personal choices to be made about tradeoffs with respect to privacy and perceived legitimacy. There is no "right" level of anonymity for your transactions, but you should be conscious of the level of privacy that you choose, and you should be conservative about which institutions and individuals you expose your information to.

Your currency-to-cryptocurrency transactions (crypto "on-ramps"), and your cryptocurrency-to-currency transactions (crypto "off-ramps") are some of the most important financial events that you will conduct. Be informed and cautious in which organizations you trust with an awareness of these transactions.

Privacy regulations offer limited protection

Different countries and municipal regions have varying privacy protection laws that offer you legal rights to control who can access or use your personally-identifying information, for what purposes, and for how long. Some of these laws include the European General Data Protection Regulation (GDPR), the U.S. Gramm-Leach-Bliley Act, the California Right to Financial Privacy Act, and the California Consumer Privacy Act.

However, you still have to provide your KYC information to major crypto exchanges if you want to do business with them, and it is still up to you to be conscious not to leave clues about your spending patterns on public-facing blockchain ledgers.

Additionally, there are significant privacy risks that regulations can not protect you from: unplanned problems such as cyber attacks, institutional misconfigurations, or insider leaks from exchanges.

You can acquire crypto anonymously

If you would like to maximize your crypto privacy, there are ways that you can acquire crypto that do not rely on KYC-compliant exchanges:

  • Peer-to-peer trading platforms, which may use an escrow service to guarantee trouble-free payments.
  • Crypto ATMs (although some require identification, and if you use a credit or debit card at them, you have lost any anonymity).
  • Earning transaction fees as a crypto miner.
  • Earning freelance income from customers who pay you in crypto. (Usually they would know who you are, but perhaps you provide services pseudonymously.)

You can spend crypto anonymously

The crypto world offers technology known as "mixers," or tumblers, which increase privacy by combining crypto coins from many sources and redistributing them in such a way that it is impossible to say which coins came from which origin. Similarly, a Bitcoin privacy improvement called CoinJoin increases privacy by producing multi-party transactions, rather than having all involved transactions identify which party performed transactions with which other party - in this way, it blurs the visible line of who actually transacted with whom for how much.

For Ethereum, there is a smart contract called Tornado that makes it harder to identify which tokens are being sent from which addresses. However, technologies such as Tornado are complex to use, and work best in the hands of "power users" who understand the nuances of timing and other techniques of obfuscation for their transactions. Additionally, the United States Treasury's Office for Foreign Assets Control has prohibited U.S. entities from using Tornado Cash.

Crypto wallets like Wasabi and Samourai are easier to use, and offer tumbling features that can help users leverage mixing technologies.

Regulators do not particularly like these forms of privacy protection, but they are becoming more widely used nonetheless by users seeking to keep their privacy as robust as possible.

Crypto wallets that prioritize privacy

A few crypto wallets specialize in providing features that support you in protecting your privacy. These wallets tend to have fast-changing feature sets as they implement new technologies like mixers.

Some high-privacy wallets are best for intermediate to advanced users. Privacy features are a little more complex to use than "default" transactions. Your wallet's documentation is the best place to learn more about the specific privacy features that are available to you.

To help you understand all of the choices among crypto wallets, Bitcoin.org offers you a handy interactive tool to compare features among many privacy-conscious wallets. (Keep the criterion checkbox "Privacy" checked.)

Running your own Bitcoin node offers extra privacy 

If you run your own Bitcoin full node, you send your pending Bitcoin transactions to your own server to perform required checks against consensus rules, instead of sending them to a random node for those checks (which would reveal information about which transactions were requested from your IP address). Similarly, if your crypto wallet makes a request for your past transactions, your own full node could fulfill that request, rather than transmitting it to a random node for the information.

There are many guides about how to set up your own node to increase your privacy. Some wallet vendors provide instructions for how to run full nodes that integrate well with their products. Bitcoin.org offers a wealth of additional general information about how to get started with full nodes.

If you don't run your own full node, it is a good idea to use a VPN to obfuscate your IP address when you run crypto-related applications like your crypto wallet software.

"Privacy coins" may offer extra privacy  

Privacy Coins are cryptocurrencies that are designed to keep transactional details private through various identity-cloaking mechanisms such as one-time addresses, ring signatures, and confidential transactions. There is much more to be considered than privacy when choosing which cryptocurrencies to invest in, but privacy features are a valid consideration.

Bitcoin used with CoinJoin can be considered to be a form of privacy coin. Altcoins that are making a name for themselves as privacy coins are Monero, Grin, Zcash, and Dash (which uses PrivateSend, an implementation of CoinJoin).

Privacy Best Practices

Privacy best practices include:

  • Be conservative about which institutions you share your PII with.
  • Keep quiet about your personal crypto holdings and use.
  • Avoid blockchain address re-use.

Privacy advanced practices include:

  • Run your own node.
  • Purchase and sell crypto through anonymous platforms (brokered or peer-to-peer).
  • Use coin-mixing wallet features.

Diving deep into crypto privacy

Crypto investors who want an extremely high level of privacy need to stay on top of multiple fast-changing technologies and services. No set of references will remain current or comprehensive for long, but these sites offer a wealth of further detail about options to secure the highest levels of privacy for your coins:

Backup and Inheritance for Bitcoin Runes

Understanding Runes: how to protect your ownership and future inheritance.


What are Inscriptions, Ordinals, and Runes?

We recently shared the story about how in 2023, the Ordinals protocol was added to the Bitcoin network. Users began to use Ordinals to inscribe unique data (NFT "inscriptions") directly onto Bitcoin satoshis, and soon thereafter, Ordinals inscriptions enabled the creation of fungible BRC-20 tokens on the Bitcoin blockchain. Inscription-based Bitcoin NFTs and BRC-20 tokens expanded the Bitcoin landscape to encompass both fungible and non-fungible tokens. BRC-20 tokens became fairly popular, achieving a market cap exceeding $2 billion.

Then in September 2023, just as Ordinals was reaching peak popularity, the same developer behind Ordinals, Casey Rodarmor, proposed another new protocol for tokens on Bitcoin: Runes. Runes introduces a fresh token standard for Bitcoin, streamlining the process of creating fungible tokens and enhancing efficiency for users. The motivation behind Runes was to improve upon BRC-20.

Runes launched at the same time as the April 20, 2024 Bitcoin halving event, at network block 840,000.

What makes Runes better than BRC-20?

Runes aligns more closely than BRC-20 with the Bitcoin community’s values and unwritten rules, like protocol simplicity, independence of off-chain data, and using unspent transaction outputs (UTXOs) as a state model. Runes also uses a smaller blockchain footprint, thus avoiding the perception that it is filling up the Bitcoin blockchain with “garbage” data.

In contrast to the complexity of BRC-20, the simple rules of Runes tokens allow the tokens to be included in many wallets, requiring only relatively minor modifications by wallet developers.

If you are interested in learning more about how the Runes protocol works, you can read more about it in the Ordinals documentation.

Why do Runes have such long names?

Runes have a unique, forward-looking characteristic of ticker naming: shorter names for individual Runes will be unlocked (allowed) over time. This rule is intended to prevent a rush of front-running and "squatting" more attractive, shorter names. At first, only Rune names of thirteen or more characters are unlocked, which is why (depending on when you read this article) you might only see Runes with long names avaliable for mint and sale. An example of an early Rune name is "UNCOMMONGOODS." How quickly are shorter names unlocked? Runes was unlocked at block 840,000, and after that, the completion of every 17,500 blocks (which takes about four months) unlocks the next-smaller length of Rune name availability.

What will Runes be used for?

Initially, we will inevitably see a lot of meme Runes traded, since they are so simple to create. There are more "serious" Runes projects in the works, but it’s hard to predict which will be successful, and when more value-added Runes-based projects will be available.

What are some popular Bitcoin Rune projects?

You can follow along with which Runes projects are new and most popular at several online Runes explorers, including Ordiscan.

How can you mint, buy, and sell Runes?

Platforms like Ordinalbots can make the process of "etching" and minting Runes simple. "Etching" sets the properties of Runes, and “minting” creates new ones that may then be transferred.

Trading platforms like Magic Eden already support Runes purchases and sales. OKX is another.

Always do your own research and/or consult with a professional if you're unsure about anything.

How do you use a wallet to back up and protect your Runes?

Runes-capable wallets operate like other crypto wallets. To buy some Runes and back them up:

  • Create an account, secure your seed phrase backup, and deposit funds into your choice of Runes-capable wallet.
  • Create or purchase Bitcoin Runes on your platform of choice.
  • Use a Runes-compatible Receive address in your wallet to receive the Bitcoin Runes from the marketplace or trading platform you've chosen.
Back up the recovery phrase for your Runes wallet in the same way as you would for any other wallet. If you were to lose access to your wallet without backing up the recovery phrase, you would lose your Runes and anything else in that wallet.

How do you ensure inheritance of Bitcoin Runes?

You must protect your long-term storage and the inheritance of Bitcoin Runes in the same way as you would any other Web3 digital asset.

Web3 asset inheritance is different from the relatively straightforward steps for a traditional inheritance, where you go to the bank or the broker, you tell them that someone has passed on or is incapacitated, and you are given access to those assets. In contrast, with Web3 assets, you, the owner, are responsible for the security and safekeeping of those assets. If you haven't recorded all of the details about your assets and communicated them to the people who will be the beneficiaries, your assets will likely be lost. Even if you did record the details correctly, there are still a lot of ways for heirs to go wrong with complex technical things during the succession process.

Take the risk out of your web3 and Bitcoin asset wallet backups by storing your wallet seed phrases in a specialized digital vault.

How can Vault12 Guard protect your Bitcoin Runes?

Image of Vault12 Guard app on mobile phone

Our latest technology release Vault12 Guard is a mobile app designed for ordinary people who are collectors, Web3 creators, and crypto enthusiasts buying cryptocurrency. Vault12 Guard is designed to make it as simple as possible to back up all of your digital assets and then assign a beneficiary who can receive those assets in the event of incapacitation or death.

With Vault12 Guard, it's very simple to back things up for your own wallet recovery. It's very simple to activate Inheritance. And it's very simple for your heirs to retrieve those assets when needed. Download the app from any of the app stores (iOS or Android), install it, and create a digital vault. You can immediately start adding assets, which will be stored locally on your phone device for full, distributed, decentralized backup and inheritance.

With Vault12 Guard, you can add and assign your own vault Heirs and Guardians. These are people that you know: they could be business partners, family members, or friends who will guard your vault. Your Guardians will grant access to your Web3 assets on the event of your passing.

You can learn more about Crypto Inheritance here, or jump right into learning how to quickly set up your vault to bring longevity and resilience to your digital assets journey.

View all articles

Backup

Vault12 Guard provides inheritance, and secure decentralized backup of seed phrases and/or private keys, giving Bitcoin (BTC), Ethereum (ETH).

View all articles

Crypto Key Management

Keep your keys safe, but available to restore your wallet when needed.


TL;DR (concentrated takeaways)

Crypto key management involves understanding and protecting your crypto wallet keys.

Key management also includes protecting the various mechanisms (like passwords) that can provide access to your crypto wallet keys.

Consider all of the accounts and mechanisms that are used to gain access to your keys both in your wallet(s) and in all backup locations.

In the event of a possible wallet compromise, sweep your crypto to a new wallet. Practice this so that you understand the process and could do it quickly.

In case you need to restore your wallet on a new device, you should carefully practice restoring your wallet from its seed phrase.

Also practice restoring any digital assets such as NFTs.

Any time you change your wallet seed phrase or how your keys are stored, update your seed backup or corresponding notes.

What is Key Management? 

Congratulations to those of you who manage your own crypto wallet. You probably already know that being in custody of your own crypto gives you some important crypto key management responsibilities, and we will discuss some of the most important aspects below.

In a nutshell, key management is the set of protections that you use to store and protect your crypto keys from theft and loss, so that only you have the ability to authorize crypto transactions or to restore your crypto wallet.

Recall that when you set up your wallet, you had to create a randomized seed phrase (maybe you also chose to set a BIP39 passphrase option). Your wallet used these to generate a master private and public keypair. Any detail that would allow someone to gain access to your keys (your seed phrase, crypto wallet, or passwords to anything that could expose your seed phrase or the keys) is very important to keep secret. Your keys (via the seed phrase) should be stored only in your crypto wallet and in any backups that you have consciously chosen to make and protect as part of your key management strategy.

Because you have choices in the crypto wallets that you use, the devices which you use to access them, and the number and form of backups that you make, exact key management strategies will vary for different people. However, the goals, concepts, and protection strategies are the same. Let's go over what you need to know in order to safely protect and manage your keys.

If you have significant crypto investments, it is widely and strongly recommended that you manage your own crypto wallet and keys. ("Not your keys, not your coins!") Therefore, we assume in this article that you are managing your own wallet.

Your keys are in your crypto wallet and in your backups. 

Your wallet holds your seed phrase: you initially either used your wallet to generate a seed phrase for you, or you imported a seed phrase that you had previously created. Your wallet also holds generated keys: it uses your extended public key to check your account balances, and your extended private key (and any child keys used for specific crypto coin accounts) to sign transactions. (Your wallet may or may not also store your optional BIP39 passphrase, depending on its model and configuration.)

The wallet backup that you hopefully created when you set up your wallet should contain all of the information needed to restore your wallets: this includes the seed phrase at a minimum, and possibly more information. If you set a BIP39 passphrase, your backup should include that, too (possibly in a second location if you are not using a distributed, encrypted backup solution like Vault 12's Digital Vault).

Because your seed phrase and optional passphrase can be used to reconstruct your master keypair (and thus all of your crypto assets), it is critical that you protect not just your actual crypto wallet, but also your seed phrase backups, and everything that protects these backups.

Your keys are guarded by various secrets that protect your wallets and backups.

Depending on your setup, other passwords and secrets that may be needed in order to access your keys include:

  • A physical vault combination in which you keep your hardware wallet or seed phrase backups.
  • A laptop or cellphone username/password login, and a software wallet password.
  • Encryption passwords used to encrypt your seed phrase or passphrase before storing on a cloud drive.
  • The location and password to your password vault software.
  • The location and filename(s) of encrypted seed phrase or passphrase backups.
  • 2-factor authentication reset codes.
Because any of these could be used to gain access to your crypto keys, depending on how you decided to back your seed phrase up, they all become potential elements of your crypto key management strategy. Some of them could be single points of failure (if lost, you would lose access to your crypto), depending on your backup strategy.

You should understand the entire set of passwords, PINs, vault codes, and any other secrets that would be necessary to access your crypto. Understand which of them are single points of failure. Ensure that each is strong. If you are using a password manager, understand how you are backing up the master password to your password manager. Ensure that each secret is backed up using good password management practices, and that there is some way for a trusted person to access your crypto using the backups of your secrets if you become incapacitated or unavailable.

Management of the broader, complete set of secrets that are used for all varieties of digital activities is known as "Secrets Management." This article describes management of only the secrets that are related to protection of one's cryptocurrency wallet encryption keys.

Protecting the keys in your crypto wallet from theft and loss.

Whether you use hardware, desktop, or mobile devices, always use strong passwords and keep all software up to date.

Hardware wallets are by design more secure than software wallets. Hardware wallets usually hold your keys in a high-security physical chip like a Secure Enclave or similar, and have strong safeguards to prevent a bad actor from using the device directly or extracting the keys if they gain physical access. These safeguards often include initial tamper-evident packaging, a password and/or PIN, protections that temporarily or permanently lock or erase the device if too many incorrect guesses are made, and short-lived timeout locks requiring frequent re-authentication.

Software wallets vary a lot; there are an incredible number of them of varying quality. Because of how much they vary, it is hard to make generalizations, but they are usually protected by passwords and additional system-level protections related to memory, caching, etc. Because of the large variety of applications that are run on desktop and mobile devices, and the fact that they are connected to the internet as a hot wallet, the potential "attack surface" of desktop and mobile wallets is large, and unfortunately, malware on laptops and cellphones is common. It is generally agreed that software wallets are not secure enough to protect high-value crypto holdings - but many people do use software wallets to hold small amounts of crypto for day-to-day transactions.

Some advice about protecting crypto wallets on your mobile device: mobile apps can leverage system-level security features like isolated, encrypted file systems and network transfer mechanisms that are stronger than desktop operating systems commonly offer. However, mobile devices are more frequently lost and stolen due to their portability. If you use a crypto wallet on your smartphone, do your homework and ensure that you are using a well-known, well-reviewed wallet installed on a modern device that has a secure chip for storing your keys. Also enable mobile device security mechanisms offered by your provider such as remotely disabling your phone, or remotely finding your phone if lost.

Regardless of the level of security that your wallet offers, good key management requires that you provide your hardware and software wallets (and any backups) with the best security that you can by keeping them locked up or otherwise limited in who can physically access them.

Protecting the seed phrase in your backups from theft and loss. 

Remember that your seed phrase can be imported into a new wallet to regenerate your crypto keys, so even though your seed phrase takes a different form than your actual keys, protecting your seed phrase is equivalent to protecting your keys.

Much of the same advice just offered for keeping your crypto wallet protected also applies to your seed phrase backups - but the scope of key management for your backups expands if your backup scheme becomes complex.

As an example of easy and effective key management for simple backups, if you were to store two copies of a seed phrase in physical vaults in two different locations, your protection of those backups is straightforward: you would only need to limit physical access to the vaults, and safely protect the code(s) to the safes. (You could even choose to safely store the vault codes in your Vault12 Digital Vault!)

Another example of an easy and effective key management strategy would be for you to use the Vault12 Digital Vault to back up your seed phrase - you would just need to keep the Digital Vault mobile app device software updated (likely automatic), and ensure that your mobile device is configured with strong authentication (choose a PIN that's hard to guess, and consider using Face ID or fingerprint as a second authentication factor). Of course, you would also need to update your Digital Vault seed phrase backup if you ever change your seed phrase by configuring a new wallet.

If you choose to store your seed phrase backup in any form that relies on your laptop/desktop, external digital drive, or Cloud storage, however, key management becomes much more complex:

If your laptop or desktop computer stores your seed phrase, you need to not only limit who has access to it, and keep all of its software up to date, but also have a plan for how to restore your system in the event of disk failure or software corruption. Your system backup should be in a different location in case of natural disaster, and you would need to protect that system backup too.

If you stored your seed phrase backup in some sort of encrypted, Cloud-based container, you would need to document and protect each mechanism involved ... including authentication information to whatever device(s) or account(s) or tools are needed to retrieve the key. Depending on your choices, that could include a Cloud platform account, a password manager, an encryption key, 2-factor device authentication passwords or recovery codes, and possibly more. Such complex backup schemes contain not only increased chances of error, but ultimately, you still need to write down, remember, or somehow record one or more passwords in order to gain access to the password manager that would hold more pieces of the puzzle that ultimately leads you to your seed phrase backup. Ultimately, too much complexity introduces management risks that counteract security. If your recovery steps are complex, they would call for a well-documented backup/recovery plan for your complex array of secrets, and you would need to keep that plan in a safe, secret place!

Should you routinely change (rotate) all of your secrets?

It becomes necessary to change passwords or seed phrases any time they are potentially exposed or compromised (including loss, unauthorized access, or if a published software or hardware vulnerability affects them).

Does this mean that you have to change your crypto seed phrase from time to time? Not necessarily. The frequency of password or key changes should be driven by the chance (the risk) of their exposure.

On one end of the spectrum, for crypto that you keep in "cold storage," and for which you have followed all of the guidance for generating a highly-randomized seed, keeping your seed phrase away from internet-connected environments, and maintaining high privacy about your crypto ownership, there is little to gain in "rotating" your keys regularly, since a good, random seed phrase will never be brute-force guessed, and there is little risk of anyone gaining access to your offline key or backup storage. This cold storage is akin to "set it and forget it."

On the other end of the spectrum, it makes sense to change some passwords regularly. For example, if you regularly access a software service from a variety of different devices, then the frequency of your use of that password on internet-connected devices raises the chances that it could become compromised at some point in time. This service could be a social media account, banking application, email, or a password manager - it could even be one of your laptop operating system accounts. Think about it: if you use a password over and over again, perhaps from different browsers or different devices over time, and never change that password, chances are good that eventually, it will be captured by malware, observation, or a camera, or possibly hacked. This is why many online services force you to change your password occasionally.

Examples of passwords that you may want to change occasionally just because of the sheer number of times and contexts in which you use it are:

  • The password or PIN to your mobile device
  • The password to your desktop or laptop computer
  • The password to hot wallets or crypto exchange accounts

Events that should cause you to immediately change your secrets.

There are circumstances in which you should immediately change passwords or rotate keys:

  • If you lose physical control of your hardware wallet or backup - or suspect that you may have - you should "sweep" your crypto into a new wallet with freshly-generated keys. (Perhaps your home was broken into, or you accidentally packed a hardware wallet in checked baggage when travelling.)
  • If an unusual and unplanned event like medical incapacitation, incarceration, device repair, etc. forces you to temporarily trust someone with any secrets to your accounts, devices, or vaults, you should change those secrets as soon as you can afterwards.
  • Broken family situations can also lead to a practical need to change passwords.
  • If malware is detected on your mobile device or desktop/laptop, you should distrust all accounts, passwords, and software that were used on that device. It would be prudent to restore your software wallet on a new and trusted device by importing the seed phrase, and then from there, sweep the funds to a freshly-created wallet with a new seed phrase / new keys. Don't trust anything that you have ever typed on any potentially-infected machine. Even though malware protection software may report that it can "clean" malware from devices, it is safer to completely reinstall a device that has been infected with malware. Once you are working in a "clean" environment, change all of the passwords to accounts that you may have used on the infected machine - if your malware-infected machine had a keystroke logger installed, a hacker may have a record of everything that you had typed on that machine.
  • If there was a software vulnerability reported in a tool that you used to interact with your crypto (a software wallet, a browser extension, etc.), you may also want to sweep your crypto to a new wallet. Not all software vulnerabilities are practically exploitable, but if you want to be on the safe side and you are not sure how much to worry, you will gain peace of mind by either researching enough to understand whether you should sweep your crypto due to that vulnerability, or sweeping it "just in case."

Know your wallet's backup and restore steps. 

One of the most essential tests that you can perform in crypto key management is to restore your wallet from your seed phrase backup. Knowing that you can quickly and easily restore your crypto wallet gives you peace of mind, and allows you to act quickly if it is ever necessary to perform a restore on a new device, and then a sweep to a new wallet.

Read your wallet's documentation to be confident that you understand all of the recommended steps.

Your crypto wallet may also hold NFTs or other digital assets. If you have digital asset files, you can store them in your Vault12 Digital Vault. Practice restoring them, too, for more peace of mind.

Practice sweeping your crypto to a new wallet.

You can practice sweeping funds to a new wallet anytime - you should become familiar with the process, whether you are just practicing by sweeping a small amount of crypto, or whether you choose to sweep the entire wallet account balance.

Remember that if you have a multi-currency wallet, you will likely need to perform one transaction for each type of digital asset - sweeping multi-account wallet balances may take a few steps. Also remember that it may take a few minutes for each blockchain transaction to be validated and completed, and for the swept funds to appear in your new wallet.

Additionally, every time you move crypto, it may appear to any applicable financial or tax regulators as if it is a spend transaction. Have some way of accounting over time for which funds you moved to a different wallet of your own, so that you can keep track of which of your transactions are spend transactions versus "sweep" transactions. If you are willing to give up some of your privacy to a third party, there are crypto portfolio trackers like Cointracker.io that can do this for you.

Practice restoring your wallet from your Digital Vault.

Restoring your wallet from your Vault12 Digital Vault is easy ... but it too, should be practiced, with participation from your trusted Guardians, so that when you want to restore your wallet, it is a simple, well-understood, and successful process for all. In addition to being easy to restore, the Vault12 Digital Vault is secure and fault-tolerant.

When you restore your crypto from the Vault12 Digital Vault, pay close attention to any nonstandard instructions that you may have captured in Note files. If you are not available to help your beneficiaries restore your assets from your vault, they will need to be able to understand any Notes that you wrote.

When you change your wallet configuration, update your backups.

Remember that if you change your seed phrase, rotate your keys, or change any of the passwords related to your wallets or seed phrase, you must update your seed phrase backup, or your backup restore notes in such a way that your wallet restore instructions continue to be effective. It would be wise to perform a wallet restore test on a regular, scheduled basis, such as once per year, just to keep it fresh in your mind and the mind of your beneficiaries.

Composite of digital keys

How to securely destroy your paper seed phrase backup.

You should remove all traces of temporary seed phrase backups.


TL;DR (concentrated takeaways)

You should not keep any temporary paper copies of your crypto wallet seed phrase.

The Vault12 Digital Vault is perfect for permanently and safely storing your seed phrase backup.

Disposing of your temporary paper seed phrase is easy, but the details are very important.

You could dispose of it by burning it in your kitchen, and then flushing the ashes.

You could dispose of it by erasing, shredding, and then flushing the pieces.

Remember that your wallet seed phrase allows access to your crypto

By now, you know that your crypto wallet seed phrase is the most important thing to protect in order to guard your crypto assets. You have read about the need to use randomness to generate your seed phrase, and then how important it is to back it up to ensure that it is not lost or stolen. In this article, we will assume that you have already decided on which wallet to use, how to generate your seed phrase, and how to back it up. With your wallet set up and your seed phrase safely and permanently backed up, now you find yourself with a piece of paper that holds a "spare copy" of your seed phrase scrawled on it. How should you dispose of that precious piece of paper?

Why would you have a paper copy of your seed phrase? 

You probably ended up with that piece of paper containing your seed phrase as a result of your seed phrase generation and/or wallet setup steps. Until you are sure that your wallet configuration is complete, and your permanent seed phrase backup is complete, you likely wrote down your seed phrase on paper along the way.

If you generated your seed words incrementally with dice, you likely calculated them one by one, capturing each one on paper after it was chosen.

Similarly, if you let a crypto wallet choose your seed phrase for you, you likely wrote it down in order to confirm the words back to the wallet during the configuration process. In any case, you probably did not transcribe each word directly into permanent storage the instant that it was generated - you wrote it down offline, on paper, in order to have a copy to use to help you complete the steps of saving it to its permanent storage medium. Then you saved your seed phrase to a permanent medium such as your Vault12 Digital Vault, a steel card, or a limited-access, backed-up encrypted file. You might even have chosen to use two of those forms of secure, permanent backup.

Congratulations! But now you also have this extra piece of paper that you don't need - and it would be silly to leave it lying around waiting to be stolen, or to just throw it into your trash can.

Planning to destroy your temporary seed phrase copy

You need a foolproof way to destroy the now-unnecessary, temporary paper copy of your wallet seed phase, such that it can never be reconstructed. Here are some things to keep in mind as you plan to destroy it:

  • Don't put the task off. If you do not keep the temporary copy in a high-security safe until it is destroyed, every moment that it remains readable holds some risk that you could misplace it, or that it could be otherwise accessed. Properly disposing of it is not hard to do, and it does not take long - finish the task.
  • Meanwhile, be aware of cameras that could record the seed phase from the paper. Your smartphone, laptop, tablet, or security camera could all capture an image of your seed phrase without your realizing it. We have all become so accustomed to cameras around us all of the time, especially when they are part of our home security system, that we lose our awareness of what is being recorded. Don't take the chance of accidental image capture.
  • If you wrote down the seed phrase on a pad of paper, ensure that the page below the one that you wrote on does not have impressions that could be used to detect and reconstruct the words. Tap into your spy novel knowledge to imagine that possibility! If necessary, destroy the page underneath as well to remove all traces.
  • Be absolutely sure that you did not make any errors in backing up your seed phrase to permanent storage.

Now you are ready.

Illustration of person burning a paper seed phrase

Option #1: Destroy your seed phrase copy with fire and water

For all activities related to fire, you should of course carefully take appropriate safety precautions.

It is possible to burn your seed phrase outdoors, but we recommend doing it indoors, since indoor space is more controllable. (Outdoors, you may be more conspicuous, the paper could blow away partially-burned, or worst of all, you could accidentally start a larger fire.)

Indoors, you have a ready-made seed phrase burning area: your kitchen stove. When you are ready:

  • Just in case, know where your fire extinguisher is located!
  • Survey the area around the stove to ensure that there is nothing flammable.
  • Turn on the ventilation fan near your stove to prevent setting off the smoke detector.
  • Have a lighter handy.
  • Put a metal pan that you will use to contain the burning paper onto the stove.
  • Fold your seed phrase paper in half so that it makes a V-shaped "tent."
  • Place the folded paper into the pan, pointy side up (as an upside-down "V") - this will allow oxygen to circulate underneath it for a complete burn.
  • Carefully light the paper on fire, and wait for the flame to completely consume it.
  • Wait for the paper to cool. Crumble the ashes.
  • Flush the ashes down the toilet to avoid any chance of reassembly.

Option #2: Destroy your seed phrase copy by shredding and flushing

To destroy your paper seed phrase without fire:

  • First, if the words are written with pencil, completely erase them.
  • Shred the paper into extremely small pieces, such that even if any letters could still be read, no more than one letter would be shown on any piece. (This could be done using your hands, scissors, or a shredding machine.)
  • Flush the shredded pieces down the toilet to avoid any chance of their reassembly.

Your Vault12 Digital Vault is secure and convenient for your seed phrase backup

It is a good feeling to know that your seed phrase is safe and secure without having to keep paper copies lying around. Your Vault12 Digital Vault is the perfect place to store your sensitive digital assets including your seed phrase. Congratulations on being an informed, responsible holder of your own crypto assets.

Photo of shredded paper

How to Secure your BitClout Account Seed Phrase with Vault12 Guard

BitClout is a new social network that uses a unique seed phrase as your account login. Learn how to back up your BitClout seed securely and protect your account.


TL;DR

BitClout is a new social network that uses a seed phrase as your account login and and your cryptocurrency wallet. If you lose the seed phrase, you will lose all your coins and the ability to login to your account ever again.

When you create a BitClout account, your seed phrase is pre-generated for you by BitClout. However, you can replace it with your own custom seed phrase.

You will need to back up your seed phrase straight away. Since the seed phrase represents not only your account but also the balances in your BitClout Wallet, you should robustly and securely store it with a protective solution like Vault12's Guard.

Welcome to BitClout Security

BitClout is a new social network, built entirely on the blockchain, that enables you to speculate on people and their posts. The BitClout blockchain uses its own native cryptocurrency, called BitClout, which is used to operate the platform and purchase creator coins. Bitcoin, BitClout, and Creator coins are all stored in the BitClout wallet.

To secure your account, which represents your own reputation, your balance of BitClout coins, and the collection of all creator coins that you have invested in, a seed phrase is used. Unlike crypto wallets that "hide" the seed phrase in their apps to make the experience of using the wallet "simpler," BitClout makes you use the seed phrase to directly log in to the platform, and to log out.

 

Image of BitClout prompt for seed phrase

Seed phrase required to logout

 

Your seed phrase represents not only the credentials to your account, but also becomes the sole way to manage your reputation and to manage your balances. You must back up your seed phrase to use BitClout, and you must protect your seed phrase, otherwise a 3rd party could gain access to your account.

BitClout gives you two ways to specify a seed phrase based on the BIP39 standard:

  1. Default - Use a pre-generated seed phrase that is shown to you when you first log in.
  2. Advanced - Create your own custom BIP39 seed phrase. By using alternate techniques to generate your seed phrase, you can better control your security risk.

Let's see how you can set up your security robustly:

Image of Bitclout Sign Up page showing default seed phrase

Log in with your seed phrase

How to back up your BitClout Seed Phrase?

When you first create or retrieve your BitClout account, you are immediately presented with your seed phrase and asked to store it. As with crypto wallets, the default for many people is to write it down on paper, but be warned that this is not a good long-term approach due to the risks associated with paper backups.

Instead, we recommend that you back up your seed phrase in a Guard Digital Vault.

Image of Bitclout's option to add Passphrase to seed phrase

Create a custom BitClout Seed Phrase

How to create your own Custom BitClout Seed Phrase?

The more advanced option, when you first create a BitClout account is to generate your own BIP39 seed phrase. Why would you generate a seed phrase externally? Because relying on software to generate a seed phrase means relying on someone else's implementation of security concepts such as entropy and randomness that are critical to producing seed phrases that are non-replicable and non-derivable.

We recommend that you generate a BIP39 compliant seed phrase using Vault12's Guard app.

How to back up your BitClout Seed in a Guard Digital Vault?

A Digital Vault has the advantage of being focused on a single purpose - securely storing digital assets for long-term use. While there are many types of digital vaults available for cryptocurrency storage, it is better to use something that is independent of any one blockchain, and can store any type of digital asset.

Here we will use Guard to demonstrate how a BitClout Seed Phrase can be backed up and how digital assets can also be stored in a Vault.

Step 1: Create and configure a Digital Vault

Step 2: Add your BitClout Seed phrase - this can be done in multiple ways - (a) Enter a Note in the format of a seed phrase or (b) you can enter a Note in free format text. See steps below:

After you have created a Vault, from the Guard app's Home screen, add an asset to your vault by tapping on "Add a Web3 Wallet."

  

Guard app main Welcome screen

How to add a BitClout Seed Phase to your Digital Vault?

Alternatively, you could start from the app's "My Vault" screen, by tapping the Add an Asset button, or the [ + ] button in the upper right corner, and then choosing Web3 Wallet.

  

Guard app "My Vault" screen (empty vault)

Choose your Wallet type

On the next screen, you will be able to choose the wallet vendor you use (or plan to use). By identifying the wallet vendor, it is easy for you to distinguish multiple seed phrases and private keys that you may accumulate in your Vault in the future.

In case of BitClout you can just enter manually "BitClout" in the search field and press Continue.

   

Guard app Add a BitClout Wallet screen

Choose a display format for your Seed Phrase backup

Now, you need to select the format in which you want to store your seed phrase: word-by-word, or free-text format. The "Enter each word" option presents the words in your seed phrase as a formatted list. The "Free-form text" option allows you to enter your seed words in whatever way you choose.
There are also Advanced options in case you want to securely generate a new seed with the Vault12 Guard app, or import your seed backup as a file or as a photo of your paper backup.

   

Guard app selection of seed phrase format

Carefully enter your Seed Phrase into your Vault

​Carefully enter your Seed Phrase into your Vault, word by word, in order, until all words have been entered. You can copy/paste the whole seed phrase if your wallet provides such an option. Be sure to double-check your entry against what you see in your wallet. (You may even want to triple-check! )

  

Guard app Enter your seed phrase screen

Name your Asset, and store it in your Vault

Once you have entered all of the words and clicked the "Done" and "Continue" buttons, you will have the option to give your Wallet's Asset a unique name (otherwise it will be stored with the name of the Wallet vendor chosen before).

Also, if you already set up the Guardians for your Vault, there will be a choice between creating an Asset Backup using your Guardians only, or "Guardian Backup + local copy" of the Asset too. Having a local copy might be convenient in case you need regular and prompt access to this seed phrase, however choosing "Guardian Backup only" is more appropriate for cold storage and higher security.
Finally, press the "Add to Vault" button, to store the Asset.

   

Guard app "Save your asset" screen

Your Vault distributes a Backup of your Asset to your Guardians

After you tap "Add to Vault," the app will bring you to the main "My Vault" screen, showing you the newly added Asset. You can check the status of the backup by tapping on the Asset.

After the seed phrase is stored in your Vault, it will be encrypted, split, and distributed to your Guardians. In case you choose not to store a local copy, the asset will be locked after distribution to Guardians is complete. Feel free to learn more details and nuances about how your seed is backed up here: "Back up your Seed Phrase or add an asset using Vault12 Guard app".

Retrieving your BitClout Seed phrase from your Vault

To gain access to your BitClout seed phrase, select the asset in your Vault and tap the unlock option. This process is described in more detail here: "How to restore your Digital Vault."

Image of interconnected network

How to Secure your BitClout Account Seed Phrase

BitClout is a new social network that uses a unique seed phrase as your account login. Learn how to back up your BitClout seed securely and protect your account.


TL;DR

BitClout is a new social network that uses a seed phrase as your account login and and your cryptocurrency wallet. If you lose the seed phrase, you will lose all your coins and the ability to login to your account ever again.

When you create a BitClout account, your seed phrase is pre-generated for you by BitClout. However, you can replace it with your own custom seed phrase.

You will need to back up your seed phrase straight away. Since the seed phrase represents not only your account but also the balances in your BitClout Wallet, you will need to robustly and securely store it.

In addition to the usual techniques of backing up a seed phrase, you can securely store your seed phrase in a Digital Vault.

Welcome to BitClout Security

BitClout is a new social network, built entirely on the blockchain, that enables you to speculate on people and their posts. The BitClout blockchain uses its own native cryptocurrency, called BitClout, which is used to operate the platform and purchase creator coins. Bitcoin, BitClout, and Creator coins are all stored in the BitClout wallet.

To secure your account, which represents your own reputation, your balance of BitClout coins, and the collection of all creator coins that you have invested in, a seed phrase is used. Unlike crypto wallets that often "hide" the seed phrase in their apps to make the experience of using the wallet "simpler", BitClout makes you use the seed phrase to directly log in to the platform, and in fact to log out.

Seed phrase required to logout

Your seed phrase represents not only the credentials to your account, but also becomes the only way to manage your reputation and to manage your balances. You must back up your seed phrase to use BitClout and you must protect your seed phrase otherwise a 3rd party will be able to access your account.

BitClout gives you two ways to specify a seed phrase based on the BIP39 standard:

  1. Default - Pre-generated seed phrase that appears when you first log in.
  2. Advanced - Create your own custom BIP39 seed phrase. By using alternate techniques to generate your seed phrase you can better control your security risk.

Let's see how you can set up your security robustly:

Log in with your seed phrase

How to back up your BitClout Seed Phrase?

When you first create or retrieve your BitClout account, you are immediately presented with your seed phrase and asked to store it. As with crypto wallets, the default is to write it down on paper, be warned this is not a good long-term approach due to the risks associated with paper backups.

Instead here are some seed phrase backup options to explore:

  1. Back up to Digital Vault.
  2. Crypto Steel.
  3. Encrypted local drive or USB.
  4. Cloud storage.
  5. Brain Wallet.
  6. Paper.
For a more in-depth explanation, see our article on "How to back up a seed phrase".

Create a custom BitClout Seed Phrase

Creating a Custom BitClout Seed Phrase

The more advanced option, when you first create a BitClout account is to generate your own BIP39 seed phrase. Why would you generate a seed phrase externally? Because relying on software to generate a seed phrase means relying on someone else's interpretation and implementation of security concepts such as entropy and randomness that are critical to establishing non-replicable or non-derivable seed phrases. Using techniques that are completely offline like dice, will always give you a more robust security posture than relying on an electronic or software-based approach.

Here are some common ways in which seed phrases can be generated.

  1. Seed Generation with Vault12
  2. Calculator
  3. Dice
  4. Crypto Wallets
  5. Hardware Wallets

For more in-depth details see our article on "How to generate a seed phrase".

Backing up your BitClout Seed in a Digital Vault

A Digital Vault has the advantage of being focused on a singular purpose - that of securely storing digital assets for long-term use. While there are many types of digital vaults available for cryptocurrency storage, it is better to use something that is independent of anyone's blockchain and can store any type of digital asset.

Here we will use Vault12 to demonstrate how a BitClout Seed Phrase can be backed up and how digital assets can also be stored in a Vault.

Step 1: Create and configure a Digital Vault

Step 2: Add your BitClout Seed phrase - this can be done in multiple ways - (a) Enter a Note in the format of a seed phrase or (b) you can enter a Note in free format text - see steps below:

Open your Vault and click on "Add an Asset".

1. Choose "Add Asset" to secure your BitClout seed phrase

2. Choose "Note" to paste in BitClout seed phrase

3. Paste BitClout seed phrase from BitClout

4. Click to save asset

5. Await Guardian confirmations

6. Your BitClout seed phrase is now securely stored in your digital vault

Retrieving your BitClout Seed phrase from your Vault

To gain access to your BitClout seed phrase, select the asset in your Vault and take the unlock option.

1. Select BitClout seed phrase in Vault

2. Press "unlock Asset" to begin process

3. Await confirmation from Guardians

4. Once confirmed, your BitClout seed phrase is available to view

5. Display BitClout seed phrase

How to Secure, Back Up, and Protect NFTs

Today, NFTs are enabling creators to revolutionize art, but they also enable additional use cases, including support for many types of unique physical and digital goods, such as concert tickets and identity documents.

TL;DR

An NFT or "niftie" is a token that is associated with a specific physical or digital asset that has a unique form and value. In contrast, cryptocurrencies such as BTC, ETH or other altcoins are interchangeable with others of the same type (1 BTC = any other BTC).

NFTs can be linked to physical assets, e.g., a diamond, a piece of physical, or a digital asset like an online concert ticket or digital art.

NFTs can be tracked on the Blockchain as they are transferred or sold to other people. In addition, NFTs can be programmed so that when they are sold on the secondary market, a portion of the proceeds can automatically be sent to the creator, thus creating a new motivational value chain for the creator economy.

NFT functionality is still in its infancy, but has the potential to change how assets are traded.

You should protect the NFTs you own by securely backing up the wallet that is holding the keys to your NFTs. It is especially important for creators, who might be associated with myriads of NFTs they authored, and thus all proof of ownership revolves around protecting creator's keys.

What is an NFT?

NFTs, or Non-Fungible Tokens, also known as "nifties", are digital assets tracked on a blockchain like any other token. The term "non-fungible" means that each token is unique. In practical terms, an NFT and its trading history can be tracked on the blockchain, and unlike Bitcoin - where each BTC is valued the same as any other BTC - NFTs can have different values depending on their attributes and on their unique market demand.

NFTs come in all shapes and sizes, but they have two key linked properties:

  1. They are linked to actual assets - physical or digital. Effectively, NFTs express the immutable right of possession, and this right is cryptographically fixed in a blockchain as an advanced digital version of a 'certificate of ownership'.
  2. Tracked on the blockchain so that ownership history is always verifiable. This means that not only digital items can be tracked, but physical items also can also be tokenized and represented as an NFT.
This opens a wide range of use cases for NFTs. Beyond the hype:

Art - both digital and physical art can be tokenized, traded, and tracked via the Blockchain. In March 2021, a JPG image produced by digital artist "Beeple" fetched $69 million in an auction run by Christie's. Other high-profile artists, musicians, and creators are creating new art, as well as tokenizing their historical catalogs.

Plane Tickets - in fact, tickets of all kinds can be issued, tracked, transferred, or even bought and sold, possibly with a percentage of the ticket price going back to the original issuers.

Baseball cards and other collectibles, including limited edition items, can be registered, traded and collected.

Real-world physical assets like diamonds or real estate can also be tokenized, and then traded. As long as there is clear provenance (a known source, or history of ownership) for the physical items, once registered as an NFT, they can easily be traded on a global market.

Looking towards the future of NFTs, there are incredible possibilities for how Smart Contracts will increase the utility of NFTs even more by supplementing them with real-world, dynamic data. Consider the possibilities for NFTs beyond serving as a record of the chain of custody and ownership: GPS location data can indicate the physical location of an NFT-tokenized object; real-time or virtual sports team game outcomes can offer additional token "rewards" to NFT owners; economic data could be used to automatically modify interest rates used for NFT-tokenized mortgage agreements. A dynamic NFT becomes a trackable asset that can be used to participate in various contractual relationships besides just collectible trading.

How are NFTs different from Cryptocurrency?

Most NFTs live on the Ethereum blockchain, although some other blockchains offer NFT support. Unlike cryptocurrency coins like Ether, which are interchangeable with other coins of the same type (fungible), NFTs are unique - like snowflakes - so what is being tracked on the blockchain for any given NFT captures its unique properties, as well as its trading history.

How do I create an NFT?

To create an NFT, first, choose a blockchain network - Ethereum has the widest range of NFTs today, but other blockchains that support NFTs include Finance Smart Chain, Flow by Dapper Labs, Tron, Polkadot, Tezos, Cosmos, and WAX, to name a few. Your choice of NFT blockchain network will determine which exchanges and which crypto wallets can interoperate with your NFT.

If you choose to use Ethereum for your NFT, you will need a crypto wallet that supports the ERC-721 standard, such as MetaMask, Trust Wallet, Coinbase Wallet, or Rainbow. In addition, you will need some funds in Ether (ETH). All Ethereum transactions will cost a transaction processing or "gas" fee.

The platforms that enable you to create NFTs include OpenSea, Rarible, and Mintable. To use these NFT platforms, connect your crypto wallet to the platform, click the "Create" button, and upload your digital art, or other NFT formats add contract terms and details, once your NFT is signed with your wallet, your NFT is ready to go and can be listed. 

How do I buy an NFT?

There are lots of sources to buy NFTs, and more are coming online every day. The most popular platforms include:


Livestream of the first-ever authenticated Banksy art burning.

How do I secure, protect and backup my NFTs?

NFTs are registered on the blockchain and linked to your wallet address, so backing up your claim to a purchased NFT includes the same process as backing up a wallet's seed phrase.

If you own the actual digital art source file itself (regardless of its format), you can also back this up in a Digital Vault, ensuring that your copy of the art is also protected from accidental deletion or loss. Especially important for NFT art that may pass through many hands e.g. auction houses, and also for insurance purposes.

Read on for step by step instructions:

Backing Up from an NFT Platform

Once a creator or developer has created an asset it needs to be "minted" on an NFT platform, this is the process of registering it on the blockchain and activating the smart contract that governs the NFT e.g. what percentage of future sales are credited back to the creator. Once minted it can be made available for purchase. Buyers will purchase directly from the NFT platform using their crypto wallet.

NFT Platforms support wallets in different ways, some wallets can display NFT records, others cannot - it's still early days - in this example, we will use Opensea.io a leading NFT platform, and the Metamask mobile wallet.

Screenshot of NFT minted inside OpenSea

Opensea.io

Metamask wallet

Metamask mobile wallet

With NFTs (as with cryptocurrency) it is in fact the wallet seed phrase that becomes the most important item to back up and secure. If you are not familiar with the concept of the seed phrase, it is essential to pay some attention and understand it for successful and safe management of your NFTs.

Step 1: Reveal the seed phrase in the wallet so that it can be backed up.

Metamask wallet

1. Settings

Metamask wallet settings

2. Security & Privacy

Metamask wallet security settings

3. Reveal seed phrase

Meta msk wallet seed phrase

4. Seed phrase displayed

Backing up your Crypto Wallet

Once you have access to the seed phrase you can back it up in many different ways - see our articles on MetaMask as well as seed phrase back up to learn more about the options available to you.

1. Back up to Digital Vault.
2. Crypto Steel.
3. Encrypted local drive or USB.
4. Cloud storage.
5. Brain Wallet.
6. Paper.
Note: backing up a seed phrase to paper is not recommended - read "Paper" article to understand why other options will be more secure and more robust.

The following steps for owners of NFTs, as well as creators, utilize a Digital Vault as the mechanism to store seed phrases as well as the original asset.

Owners: Using a Digital Vault to back up NFTs

A Digital Vault has the advantage of being focused on a singular purpose - that of securely storing digital assets for long term use. While there are many types of digital vaults available for cryptocurrency storage, for NFTs it is better to use something that is independent of any one blockchain and can store any type of digital asset.

Here we will use Vault12 to demonstrate how an NFT can be backed up and how digital assets can also be stored in a Vault.

Step 1: Create and configure a Digital Vault

Step 2: Add your NFT Wallet Seed phrase - this can be done in multiple ways - (a) Enter a Note in the format of a seed phrase or (b) you can enter a Note in free format text - see steps below:

Open your Vault and click on "Add an Asset".

Vault12 app

1. Note

Vault12 - add seed phrase

2. Create Note

Vault12 app

3. Type in seed phrase from wallet and name this asset

Vault12 asset added

4. Asset is locked

Unlocking NFT assets from a Digital Vault

When you need to access the seed phrase associated with your NFT wallet, select the asset in your Vault and press unlock.

Vault12 app

1. Unlock Asset

Vault12 app

2. Confirm unlock request

Vault12 app

3. Once your Guardians have confirmed your unlock request, the asset will be unlocked

Vault12 app

4. Asset now available

Vault12 app

5. View asset - seed phrase of NFT wallet

Creators: Using a Digital Vault to back up NFTs and original artwork

Keeping secure the seed phrase(s) associated with NFTs is especially important for creators, for whom it might be associated with myriads of NFTs they authored, and thus all further proceedings in future is strictly realized via the proof of ownership of the author's keys.

For creators, in addition to backing up wallets that contain their NFT collections, there is also the option to back up the original artwork itself - this could be an image, video or some other file format.

To add artwork to your Vault, simply take the "Add Asset" option in your Vault.

Vault12 app

1. Add asset via the File option

Vault12 app

2. Select file from your directory

Vault12 app

3. Name the asset

Vault12 app

4. There asset will be encrypted and distributed to your Guardians for protection

Unlock and access Creator assets

To gain access to your asset or artwork, select the asset in your Vault and take the unlock option.

Vault12 app

1. Select an asset and press Unlock

Vault12 app

2. Once Guardians have confirmed your request - the asset will be unlocked

Vault12 app

3. Display the asset

The NFT market is new and evolving, there have already been hacking attempts on two platforms where owners and creators had their accounts drained. Please make sure that you are using well-known and trusted wallets to associate with your collection of NFTs. Follow the guidelines laid out to make sure you are able to robustly secure and back up your NFTs - whether you bought them or if you created them.

View all articles

Get Started Now.

Vault12 Guard is now available from the iOS and Android App stores.
Download Vault12 on App StoreDownload Vault12 on Google Play

How-Tos

Articles on crypto security how to's e.g how to secure, back up, and inherit all your cryptoassets such as Bitcoin, Ethereum, crypto, private keys, seed phrases, NFTs, digital art, DAOs, and DeFi tokens.

View all articles

Start here. All about Cryptocurrency Security

Learn about how the risks of holding cryptocurrency are different than those of traditional investments, and how to move ahead with confidence and safety.

Excited to launch 🚀 a new universal resource - all about cryptocurrency security.

Welcome to the exciting journey of owning Cryptocurrency. Start here to learn the basics about risks in the crypto landscape, and where to turn to learn more about how to keep your cryptocurrency secure.

Vault12: Keep Your Cryptocurrency Secure | Wasim Ahmad, Chief Crypto Officer

TL;DR

Crypto wallets are very easy to start using in an insecure fashion.

You need to understand what a seed phrase is.

You need to understand why your seed phrase backup is the most important part of keeping your crypto safe.

The right choices about crypto security are personal and unique to each individual.

Vault12 "Learn" articles offer you understanding and insights no matter your level of experience with crypto.

What can I expect to find in this set of "Secure My Crypto" articles?

We created this site for our friends and family who are new to cryptocurrency, and who want to learn more about how to secure their crypto funds. We hope that the next 500 million future crypto investors will also use the information presented here to make the right choices to protect their digital assets.

The world of crypto is very different from that of traditional finance - the risks of loss, theft, accidents, or even simply forgetting your access information can result in an irrecoverable loss of funds. We want to arm people with the knowledge to make the right decisions to protect themselves.

Crypto wallets are essential to have, and surprisingly easy to use - they allow you to start buying crypto quickly. BUT in order to get you to the buying stage, many "how-to" websites and wallet vendors gloss over options that you have for how to make secure choices along the way. Our guides offer the right security advice at the right time as you set up your wallet.

There are a couple of core concepts that you will need to understand about your crypto wallet along the way: What is a seed phrase? And what are the ways to back it up? (Paper is only one way, and not the most robust - yet it is often the default or the only option described).

If you are an experienced crypto enthusiast, and you want pointers on some advanced approaches to security, you may find that definitive guides simply don't exist on the internet - at least not in an accessible way. Technical tidbits from a mish-mash of timeframes and sources can be found buried deep inside forums, but it is challenging to string them together in a meaningful or reliable way. Our optional advanced articles point the way forward to explore complex topics like how to generate a seed phrase using a pair of 20-sided dice.

In publishing both introductory and advanced articles, we've brought the foundations of crypto security together as an easily-digestible collection so that you can be confident and ready to participate in this brave new world.

Can I responsibly manage my own crypto and digital assets?

If you lose your keys, you can call a locksmith to open your door or car. (There are about 26,000 locksmiths in the U.S., so clearly, there is a need for this type of service!) However, if you lose the private keys or seed phrase associated with your crypto wallet, you are out of luck. Bitcoin, as well as all other major cryptocurrencies that came after it, is built upon public-key cryptography, a cryptographic system that uses pairs of keys. Public keys are used to identify blockchain addresses, which are publicly viewable, and private keys are kept secret and used for authentication and encryption. This encryption is so effective that if you lose your private keys, you would not be able to authenticate that you are the owner of the funds stored at the blockchain address, and you wouldn't be able to move or sell your cryptocurrency - your funds would effectively be "gone."
The biggest difference between the traditional financial system and the world of cryptocurrency is that with crypto, you are responsible for controlling the security of your funds - not the bank, and not the government. Because of individual variation in assets, preferences, and risks, there is no single set of security options that is right for everyone. This means that you need to choose the right layers of security to use for your situation. This site will give you the practical knowledge about security essentials that you need and will explain some of the tradeoffs that exist so that you can make the best choices for yourself.

We discuss the risks associated with holding cryptocurrency in our article "Why should I care about Security?" These risks include:

What else do I need to understand about digital wallets?

There are a couple of basic concepts about wallets that you will need to know or learn, especially those related to seed phrases and how to back them up. Nine out of ten crypto wallets will tell you, or strongly imply, that you should write down your seed phrase on paper. As convenient as this is, it's not the most robust approach for protecting such critical information.

With seed phrase backups and other wallet setup choices, only you can decide the right approach for choosing and setting up your crypto wallet and other digital assets, but usually the right answer lies in using multiple layers of security. The right answer for you will come from understanding the options and making informed choices.

How can I learn more about Web 3 crypto assets?

The articles below explain how crypto assets are used and protected, and contain more links that you can follow to dip your toes further into the world of Web3 tokens and assets.

Start here. All about Cryptocurrency Security

How to access your Recovery Phrase or asset stored in Vault12.

If you need to access your Seed Phrase or other assets from your Vault, this article shows how you can ask your Guardians to unlock them to grant you access.

There are many ways to generate and back up seed phrases, and a superb choice is to use Vault12 Guard.

If you used Vault12 Guard to back up your seed phrase, this guide describes how you can access that seed phrase by unlocking your asset.



To access a seed phrase that you have stored in your Vault, you will follow these steps:

  1. Confirm that your seed phrase is backed up in your Vault, and that your Guardians are active.
  2. In the Vault12 Guard app, request that the asset be Unlocked.
  3. Wait for Guardians to confirm your request.
  4. View the asset.

1. How to confirm your Digital Vault setup?

In order to access your seed phrase or backup code that has been stored in your Vault, first check that you have a working Vault in your Vault12 Guard app, and that your Guardians are available. In general, it is a recommended practice to do a Vault "health check" regularly.

If you don't have a Vault because you changed phones, then you can recover your entire Vault - see instructions for Vault recovery. After recovery, your Vault and its stored assets will again exist on your phone, and you can proceed with these instructions to unlock the stored seed phrase or other asset.

If you have not created a Digital Vault and assigned Guardians to protect it, please follow these instructions (since you did not have a Digital Vault, the new Vault created will be empty).

Are your Guardians active?

Once you have confirmed that your assets are stored in the Vault installed on your phone, ensure that your Vault Guardians are available. You can do this by switching to the "My Guardian" tab from the bottom navigation pane. If all of your Guardians are shown as active, you can proceed to request an Unlock.

If not enough of your Guardians are shown as active, you may want to call your inactive Guardians in advance and ask them to open the Vault12 Guard app on their phone, to refresh the encrypted connection between your apps.

  

Image of Guardians with active status

2. How to use Guard to request that your asset be Unlocked?

First, jump to the Vault section of your Guard app by using the bottom navigation pane.

On the "My Vault" screen, you will see your asset inventory, with the current state of each asset shown below its name. As you can see, there may be a variety of different states for the same asset:

  • Blue icon - asset has a local copy on the device
  • Grey icon - asset only saved with Guardians
  • Recovering badge - the asset is requested for Unlock, and Guardians' responses are pending.
  • Recovered badge - the asset was unlocked by Guardians, and a local copy is temporarily available.
  • Sent to Guardians badge - the newly-created asset is in the process of backup and distribution to Guardians.

   

Image of asset inventory in Guard

 

To Unlock an asset, choose the asset that you wish to unlock from the inventory list, and tap to open the Asset Details screen.

Then click on the "Recover from Guardians" button.

In the image above, there are two assets in a locked state (with grey icons). Let's unlock one of them (Metamask-wallet.txt) for illustrative purposes.

 

Image of Asset Details for metamask-wallet.txt

How do Guardians confirm recovery requests?

When the "Recover from Guardians" button is pressed, all of your Guardians will be notified with your Vault unlock request.

You have significant privacy even from your Guardians, since none of your Guardians can see which assets you are accessing. Your Guardians only see that you requested them to identify you, and they are asked to confirm that you made such a request.

  

Image of an asset unlock request to a Guardian

Guardian's in-app notification of your request

 

As the Vault owner, to see the progress of Guardians' responses, and of your overall recovery request, tap "View Status" in your Vault app.

  

Image showing recovery request status

How do Guardians approve your recovery of the asset?

Here you can see all the details of the Guardians' confirmations progress and the recovery:

  • The total number of Guardians requested (by default 3)
  • Number of confirmations you need to receive from Guardians to recover (by default 2)
  • Guardians' names, and status of their responses.
Remember that even though your Guardians will receive a notification in their Guard app with your request, it is expected that you will contact them directly through your preferred means of communication so that they can validate that you are of sound mind, with free will, and in a safe place to access your valuable digital assets. (Unless, of course, it is your own secondary device that you set up as your Guardian.)

 

Image showing asset recovery in progress

How to view the recovered seed phrase?

As soon as you have been positively identified by the required number of Guardians, and they confirmed your restore request, your asset will be recovered and available for you to view. You can then tap on "View Recovered Asset" to interact with it. Be careful not to expose your asset unintentionally to observers or cameras!

Do not hesitate to learn more about how to maintain your crypto safely and easily at SecureMyCrypto.org.

 

Image showing "Recovered Asset Available" status

 

Image showing recovered seed phrase

.

How to access your Recovery Phrase or asset stored in Vault12.

How to back up a Seed Phrase

There are many ways to back up a seed phrase. This article summarizes for you the advantages and disadvantages of each method.

A seed phrase, or recovery phrase, is a sequence of words that a cryptocurrency wallet uses to access your cryptocurrency holdings. Securely backing up your seed phrase is a very important step, because knowledge of the seed phrase effectively serves as ownership of funds.

Cryptocurrency wallet documentation often offers limited advice about best practices to securely back up your seed phrase. A common recommendation made by wallet providers is to write down your seed phrase on paper and then store it in a safe place — but in itself, this is not sufficient protection.

For example, the official documentation on managing a Coinbase Wallet highlights the importance of securing your seed phrase but lacks detailed guidance, particularly on security options. We offer comprehensive guides on how to protect a Coinbase seed phrase, a Trust Wallet seed phrase, and other crypto seed phrases to keep your digital assets secure.

Keep reading...Show less
Futuristic vault

How to generate a Seed Phrase.

Here are five ways to generate a seed phrase, with an in-depth discussion on the importance of randomness in ensuring security.

Your seed phrase is the very foundation of a modern digital wallet, and it is no exaggeration to say that seed phrases are at the heart of the cryptocurrency universe generally. But what is it? A seed phrase is a mnemonic code consisting of 12-24 words used to create or recover your crypto wallet. You may have heard it referred to as a backup phrase, recovery phrase, or mnemonic sentence.

Where do they come from? This article explains some common ways to generate seed phrases.

Key Points on How To Generate A Seed Phrase

When you have your own crypto wallet, you have a few choices for how to generate your seed phrase:

  • The Vault12 Guard app can generate a secure seed phrase for you.
  • You could let your digital wallet generate a seed phrase for you.
  • Or for very high security, you could "roll your own" seed phrase with dice or a calculator as offline methods.

It is extremely important that your seed phrase be randomly generated, so that it cannot be guessed or reverse-engineered.

1. How to generate a seed phrase with Vault12

Vault12 can help you to easily create an encrypted and distributed digital vault. The Vault12 Guard app secures all sorts of digital assets including cryptocurrency seed phrases, and can also generate your seed phrase for you. You can be absolutely sure that your seed phrase is generated safely and automatically backed up in a secure manner. To learn more about it, please read our guide.

2. How to generate a seed phrase with a calculator

Generating a seed phrase by using a calculator is done offline, which requires a bit of extra effort but eliminates the risk of some classes of potential online attacks. This introduces a small number of new risks, however: instead of using one device to generate your seed phrase, you'll need to use two devices: the calculator and an air-gapped computer. To create a seed phrase this way, you'll need a calculator that has a RANDOM function (for generating entropy). Learn more about generating a seed phrase using an offline calculator here.

3. How to generate a seed phrase with dice

A humble pair of dice can be used for a non-digital and completely offline method of seed phrase generation. To do this, you'll need dice, a pen and paper, and the BIP39 word list. This method is not for the faint-hearted - be prepared to do some math! You can use a single die if you want, but it is recommended to use multiple dice. You'll be creating entropy by generating a large set of random numbers by using the dice. Learn how to generate a seed phrase with dice here.

4. How to generate a seed phrase with software crypto wallets

With very few exceptions, most modern wallets will create your seed phrase for you when you create your wallet. This process is usually automatic, with limited options for setting the parameters of your seed phrase. For most users this one-time approach is sufficient, and it won't be thought of again.

Please take a look at the article, "Using crypto wallets to generate seed phrases" to get an overview of how seed generation is done inside wallets during the set up phase.

Optionally refer to our Crypto Wallet Guides for step-by-step instructions on how specific wallets accomplish this.

Please keep in mind, that in any potentially high net-worth use case, generating seed phrases manually on your own - especially offline - is an excellent choice since it offers much higher security and greater control over the process.

5. How to generate a seed phrase with hardware wallets

Hardware wallets provide an extra level of security compared to software wallets, and provide methods to generate a seed phrase locally (within the wallet itself). Hardware wallets strike an excellent compromise between usability and high security. Feel free to check out Vault12's "How-to" wallet guides to bring you through the steps needed to securely generate and back up seed phrases using hardware wallets.

Here are some hardware wallets that we recommend:

What goes on behind the scenes of generating a seed phrase?

In a nutshell, the process of generating a seed phrase starts with generating random data, called entropy. The entropy is then run through a hashing function - specifically SHA256 - to generate a checksum. Part of the checksum is then added to the random data. The resulting output is then split into chunks of 11 bits, where each 11-bit chunk maps to a single word on the BIP39 word list.

Confused about anything in the above paragraph? Don't worry, each step will be explained in an easy to understand format below. You can also get a higher-level understanding of seed phrase construction by checking out the article "What is BIP39?".

How much entropy should your seed phrase have? 

Generating a seed phrase HAS to begin with a RANDOM SOURCE OF DATA, otherwise an attacker could possibly steal funds by guessing or regenerating your seed phrase. Entropy is a measure of how random a set of data is.

Which offers more randomness: rolling 1 die, or rolling 2 dice? Since 2 dice have more possible outcomes, the randomness is higher. It is the same for your seed phrase. The more words that are in your seed phrase, the higher the entropy.

To successfully generate a seed phrase, the entropy generated has to fit certain parameters. The random data must be between 128 bits and 256 bits of entropy, and divisible by 32.

128 bits of entropy maps to a 12 word seed phrase

160 bits of entropy maps to a 15 word seed phrase

192 bits of entropy maps to an 18 word seed phrase

224 bits of entropy maps to a 21 word seed phrase

256 bits of entropy maps to a 24 word seed phrase

How are SHA256 and BIP39 word lists used to generate a seed phrase?

A hash function is a computer program that takes an input of data and returns a verifiable result, called a checksum. The input can be any source of data. Running the same hash function again on the same input data will always return the same checksum as the result.

For example, running your randomized source data of 128 bits of entropy through a hash function will always return the same result, so it can be used as a checksum. If the source data changes, you will get a different result from the hash function.

In this step, the random source data is run through the SHA256 hash function. The first X digits of the checksum are then added to the random source data/entropy, where X is equal to: (amount of bits of entropy / 32).

256 bits of entropy (256/32 = 8) - add the first 8 bits of the checksum to the random data

224 bits of entropy (224/32 = 7) - add the first 7 bits of the checksum to the random data

192 bits of entropy (192/32 = 6) - add the first 6 bits of the checksum to the random data

160 bits of entropy (160/32 = 5) - add the first 5 bits of the checksum to the random data

128 bits of entropy 128/32 = 4) - add the first 4 bits of the checksum to the random data

It's important to note that BIP39 generates the seed phrase from binary code, which is made up of 0's and 1's. However, the SHA256 hash function returns the checksum as a sequence of numbers and letters, called a hexadecimal. So in order to get the seed phrase, you have to convert the checksum from hexadecimal format to binary format.

Here's the next step: We slice the result into 11-bit chunks of data. Each 11-bit chunk of data will map to a word from the BIP39 word list

You have seen the word "bit" used a few times in this article. A bit represents 0's and 1's. It is the smallest representation of data we have, and it is expressed in a language our computers understand.

Your original source of random data (or entropy) plus the SHA256 checksum is divisible by 11. The BIP39 word list contains 2048 words, and each word on the list maps to 11 bits of data. In this next step, you break your entropy+checksum combo into sequential chunks of 11 bits.

It is important that you slice the 11-bit chunks in sequential order. This means going from left to right, every 11 bits is grouped together. Every 11 bits represents a word in your seed phrase, and the order of the words has to be correct.

The next step is to convert your 11-bit sequence into decimal format. This will give you a number that maps to the BIP39 word list. Now, in the correct order, map each 11-bit sequence to the matching word in the BIP39 word list. Finally, this is your seed phrase!

It's important to highlight that some word lists for BIP39 might start with 1. In code, the first number is always 0. This means that 2048 words are listed as 0-2047, not 1-2048. If your BIP39 word list starts with 1 instead of 0, you will need to subtract 1 from the word list numbers to get the correct word.

What are some different ways to perform Random Number Generation (RNG)?

Going back to generating your initial source of randomness: Once you generate the needed entropy, the remaining process of getting the seed phrase is simply math and cryptography. In practice, this means that when generating a seed phrase, the initial source of entropy is both the most important step, and also the step in which you have the most control over the result.

There are many ways to generate entropy: flipping a coin, rolling dice, dealing a deck of cards, recording ambient sound, and many more. The goal here is to get as close to true randomness as possible. If you are using a process that is not sufficiently random, an attacker could possibly recreate your seed phrase.

In the following sections of this article, we will cover different approaches for how to generate entropy, and thus generate your seed phrase.

What are the security considerations of generating your own seed phrase?

Taking control over the generation of your seed phrase provides an opportunity to increase the entropy of your seed phrase, thus increasing the security of your entire wallet. This does not come without risks - a single mistake can result in a less secure wallet, or even lost funds.

When generating your own seed phrase, security must be top-of-mind throughout the whole process. The most crucial part of generating your seed phrase rests with the generation of entropy, which is the first step of generating your seed phrase.

Your seed phrase can have 12, 15, 18, 21, or 24 words. Remember that the more words in your seed phrase, the higher the entropy, which results in higher security. A correctly generated 24-word seed phrase will ALWAYS produce a wallet that is more secure than a 12-word seed phrase. Many wallets today only produce 12-word seed phrases in their built-in wallet creation workflow - and given today's technology, 12-word seed phrases are still very secure. But a key concept here is 'correctly generated.' The only parameter that can be changed is the source of entropy. This is very important because if the source of entropy is corrupted, an attacker could potentially regenerate your wallet and steal your funds.

Generating entropy can be done manually or with a computer. Both methods have pros and cons, but when generating entropy, care must be taken to ensure that the process is done correctly and is free from outside manipulation or observation.

One example of manually generating entropy would be flipping a coin. But if an attacker gives you a coin that is weighted slightly in favor of heads, your initial source of entropy will have been corrupted.

When using a computer to generate entropy, the attack vectors (or corruption attempts) could be both over the internet and physically in-person. The computer being used should not be connected to the internet, as that could offer an opportunity for attackers to compromise the process. However, even if the device was ever connected to the internet, it could allow the possibility for this process to be compromised.

Part of being in a security mindset means limiting opportunities available for bad actors. A device not connected to the internet is considered to be air-gapped, and an attacker generally would have to be physically present at the device to be successful at manipulating its entropy generation capabilities.

Lastly, if you don't have a spare device that you can airgap, don't worry - you could use a "live" Linux environment. Many Linux operating systems are able to be run off of a portable USB stick or flash drive. These are called `live` distributions and they're released with verification signatures, so you can easily verify that the operating system has not been tampered with. We recommend Tails OS - a portable OS that protects against surveillance and censorship. To run the operating system, just plug in the flash drive and boot it up. When you're done, simply remove the flash drive and return to your normal operating system. This very temporary lifecycle of a "live" Linux distribution reduces the window of opportunity for even the cleverest bad actor to access and compromise it.

Back up your Recovery Phrase or add an asset using Vault12.

If you already have a Guard Digital Vault and a Seed Phrase, these steps show how to store your Seed Phrase as an Asset.

There are many ways to back up a seed phrase, and here we will show you how you can use the Vault12 Guard app to back up a seed phrase from your preferred wallet.

To back up a seed phrase using the Vault12 Guard app, you will need to complete the following steps:

  1. Using the Guard app, create and set up a Digital Vault.
  2. Add an Asset to your Vault, e.g., "Add Web3 Wallet."
  3. Using the Web3 Wallet, generate your Seed Phrase.
  4. Using the Guard app, save the Seed Phrase or backup code into your Vault.

Confirm your Digital Vault setup

In order to back up a seed phrase, you must have a working Digital Vault. If you have not created a Digital Vault and assigned Guardians to protect it, you can easily do that by following these instructions first.

After you have created a Vault, from the Guard app's Home screen, add an asset to your vault by tapping on "Add a Web3 Wallet."

 

Vault app main Welcome screen

Add an Asset to your Digital Vault

Alternatively, you could start from the app's "My Vault" screen, by tapping the Add an Asset button, or the [ + ] button in the upper right corner, and then choosing Web3 Wallet.

 

Vault app "My Vault" screen (empty vault)

Choose your Wallet type

On the next screen, you will be able to choose the wallet vendor you are backing up from (or which you plan to use). By identifying the wallet vendor, it is easy for you to distinguish multiple seed phrases and private keys that you may accumulate in your Vault in the future.

When you select a wallet type, you can choose from all major vendors of software and hardware wallets.

 

Vault app "Add a Web3 Wallet" screen

Choose a display format for your Seed Phrase backup

Now, you need to select the format in which you want to store your seed phrase - word-by-word or free-text format. The 'Enter each word" option presents the words in your seed phrase as a formatted list. The "Free-form text" option allows you to enter your seed words in whatever way you choose.
There are also Advanced options in case you want to securely generate a new seed with the Vault12 Guard app, or import your seed backup as a file or as a photo of your paper backup.

 

Vault app "Add seed phrase" screen

Prepare to add a Seed Phrase to your Vault 

Create or open your Web3 wallet, and display your seed phrase. Often, right after you set up your wallet, it will ask you to back up your Seed Phrase - this is the best time to add it to your Vault. Confirm how many words your seed phrase contains (for example, 12), and select that option in the Vault12 app.

 

Example 12-word recovery phrase in a wallet

 

Wallet configuration screen with 12, 18, 24 word options

Carefully enter your Seed Phrase into your Vault

Carefully enter your Seed Phrase into your Vault, word by word, in order, until all words have been entered. You can copy/paste the whole seed phrase if your wallet provides such an option. Be sure to double-check your entry against what you see in your wallet. (You may even want to triple-check! )

"Enter each word" option

Wallet recovery phrase entry screen word-by-word"Enter each word" option

"Free-form text" option

Wallet recovery phrase entry screen freeform"Free-form text" option

Name your Asset, and store it in your Vault

Once you have entered all of the words and clicked the "Done" and "Continue" buttons, you have the option to give your Wallet's Asset a unique name (otherwise it will be stored with the name of the Wallet vendor chosen before).

Also, if you already set up the Guardians for your Vault, there will be a choice between creating an Asset Backup using your Guardians only, or "Guardian Backup + local copy" of the Asset too. Having a local copy might be convenient in case you need regular and prompt access to this seed phrase, however choosing "Guardian Backup only" is more appropriate for cold storage and higher security needs.
Finally, press the "Add to Vault" button, to store the Asset.

 

Vault app "Save your Asset" screen

Your Vault distributes a Backup of your Asset to your Guardians

After you tap "Add to Vault," the app will bring you to the main "My Vault" screen, showing you the newly added Asset. You can check the status of the backup by tapping on the Asset.

After the seed phrase is stored in your Vault, it will be encrypted, split, and distributed to your Guardians (if you already set up the Guardians for your Vault). In case you choose not to store a local copy, the asset will be locked after distribution to Guardians is complete.

"My Vault" with added Asset

Vault app showing list of Assets"My Vault" with added Asset

Asset Details: Backup status

Vault app showing Asset detail"Asset Details" and backup distribution status

Access and unlock Seed Phrase Asset

By default, your Asset will remain locked. To unlock and access your Seed Phrase, check out this article.

Once unlocked, your Asset's Seed Phrase will be temporarily displayed so that you can enter it into a new wallet.

Note: The asset will automatically lock after 2 hours.

View all articles

Wallet Guides

Articles on crypto security how to's e.g how to secure, back up, and inherit all your cryptoassets such as Bitcoin, Ethereum, crypto, private keys, seed phrases, NFTs, digital art, DAOs, and DeFi tokens. Start here to learn the basics about security risks in Web3, and where to learn more about keeping your cryptoassets secure.

View all articles

Ledger Stax and Ledger Nano X Wallets: Which is right for you?

The right wallet for you depends on your design preferences and price sensitivity

When choosing hardware wallets, many crypto users base their decisions on day-to-day asset management needs and perceived device security. However, savvy crypto users first consider a wallet's ability to handle long-term security scenarios. Long-term security includes expected essentials like backup and recovery tools, and also often-overlooked features related to secure and fault-proof third-party recovery. You can think of third-party recovery as your ability to allow crypto assets to be inherited by successors. Successful crypto users require a comprehensive security strategy for the full life cycle of crypto assets. This article will help you achieve that.

Let's jump into helping you understand the pros and cons of the Ledger Stax and Ledger Nano X hardware wallets for day-to-day activities, as well as their potential to safeguard the long-term security and longevity of your assets.

Overview

The Ledger Stax and Ledger Nano X both provide a wide variety of reliable security features and support a broad spectrum of cryptocurrencies, making them suitable for diverse crypto portfolios. However, several differences are clear:

Ledger Stax

  • Mobile-Centric Usability: Designed with mobility in mind, the Ledger Stax features wireless connectivity options like Bluetooth and NFC, making it highly compatible with mobile platforms. Stax also has a longer battery life (up to 10 hours versus Nano X's 5).
  • Premium Design: Its unconventionally large display enhances readability, though it comes with slightly slower responsiveness.
  • Price Point: Positioned as a premium product, its cost reflects its advanced features and sleek design.

Ledger Nano X

  • Mobile-Centric Usability: Offers Bluetooth connectivity — works with or without a cable, at least with smartphones.
  • Design: A bit more compact than Stax. User input is via buttons, not touchscreen.
  • Price Point: Not so overpriced.

In terms of crypto asset longevity features, such as backup, recovery, and crypto inheritance, both devices provide industry-standard and proprietary options with certain trade-offs, as well as compatibility with third-party solutions like Vault12 Guard for succession planning scenarios.

The decision between the two will likely hinge on individual preferences for the target platform (mobile or desktop), and should take into account the planned frequency of use.

Approach to comparison

When choosing the best hardware wallet for cryptocurrency security, you may wonder:

  • Which is better, the Ledger Stax or the Ledger Nano X?
  • How easy to use are these wallets?
  • How do their security features compare?
  • Do these wallets have vulnerabilities, and have they been hacked?
  • What happens if your wallet is lost or stolen?
  • How do these wallets accomodate user errors, and complex scenarios like inheritance of crypto assets?

This article compares important characteristics for these two popular wallets. We’ll break down the strengths and weaknesses of each, focusing on security, ease of use, and backup and recovery methods.

By the end of this comparison, you’ll clearly understand which wallet is right for you, as well as how to recover your crypto assets in case of accidents.

What happens if your wallet is lost or stolen?

Wise wallet owners recognize the critical importance of crypto recovery before they find themselves in an unexpected bind! That's why it's important to understand the fundamental topic of crypto asset longevity, including features such as backup, recovery, and inheritance for crypto assets. These considerations are central to long-term planning.

Technical security is paramount, but in the world of crypto, the degree to which backup and recovery solutions are foolproof for users is at least equally important. Here are the backup and recovery options for these two wallets:

Ledger Stax

Ledger Nano X

Backup & Recovery methods

Recommends Recovery Seed Phrase be written on paper, or engraved onto metallic plates.

Recommends Recovery Seed Phrase be written on paper, or engraved onto metallic plates.

Optional paid subscription

Ledger Recover, a centralized 3rd-party cloud service, highly criticized by the crypto community. Clouds are not safe — especially when operated by multiple 3rd parties.

Ledger Recover, a centralized 3rd-party cloud service, highly criticized by the crypto community. Clouds are not safe — especially when operated by multiple 3rd parties.

How do these wallets handle Crypto Inheritance?

Crypto Inheritance Features

Currently, most hardware wallets, including the Ledger Stax and Ledger Nano X, lack any features for establishing and managing crypto inheritance. This gap presents a challenge for users who want to be sure that their crypto assets can be transferred to their heirs.

Ledger Stax

Ledger Nano X

Backup

- Written only
- Optional 3rd party KYC-based cloud

- Written only

- Optional 3rd party KYC-based cloud

Inheritance

No

No

Decentralized backup with Vault12

Yes

Yes

Inheritance Management with Vault12

Yes

Yes

Backup and recovery differentiators

Ledger Stax and Ledger Nano X both have similar recovery service Disadvantages:

  • The optional Ledger Recover backup service is a paid service provided by three corporations that each hold parts of the user’s seed phrase in a Cloud. This introduces risks, as the seed phrase could potentially be accessed via subpoena; or business partners could terminate agreements or become involved in lawsuits that result in locked data or resources (like, for example, Gemini and Genesis). These scenarios contain multiple potential points of failure, and should be taken into account.
  • Very important detail: The terms of the optional Ledger Recover service do not mention support for inheritance, meaning any unfortunate accident related to the user will make crypto assets unrecoverable for his or her successors. Ledger itself suggests using 3rd-party crypto inheritance services for those purposes.

Ledger Stax and Ledger Nano X both have similar recovery service Advantages:

  • People have different preferences. If a user is comfortable trusting a bank with their assets, they may also feel confident using Ledger Recover for securing their seed phrase backup (even though Ledger is not providing the entire cloud backup solution).
Image of user holding a mobile phone and using Ledger Stax as FIDO U2F security keyUser holding a mobile phone and using Ledger Stax as FIDO U2F security key

How easy are these crypto wallets to use?

Let's compare the key aspects of both wallets side by side, and then summarize what really stands out for user convenience:

Ledger Stax

Ledger Nano X

Display

3,7” black and white E Ink,
672 x 400 pixels

1” Monochrome OLED,
128 x 64 pixels

Input interface

Touchscreen

2 click buttons

Cable

USB-C

USB-C

Wireless

Bluetooth,
NFC

Bluetooth

Companion Apps

macOS, Windows, Linux, Android, iOS

macOS, Windows, Linux, Android, iOS

3rd party wallets and dapps support

50+

50+

Password manager & 2FA

FIDO2 2FA & Passkeys,
Password Manager

FIDO2 2FA & Passkeys,Password Manager

Product size & weight

85 x 54 x 6 mm / 45g

72 x 19 x 12 mm / 34g

Convenience features

Battery (Up to 10 hours in use)

Battery (Up to 5 hours in use)

Number of supported coins

5,500+

5,500+

Price

$399

$149

Crypto wallet user experience differences

Ledger Nano X with Smartphone UXLedger Nano X with Smartphone UX

Ledger Stax UX Disadvantages:

  • The display has a noticeable response delay due to the "E Ink" touchscreen technology, and could be irritating.
  • Not all apps are ported to Stax yet. Even the native Passwords app still has no release date identified as of this article's publish date, so check in advance whether your favorite network/coin is supported.
  • Extremely expensive. The value in Stax is more about design, rather than practical aspects.

Ledger Stax UX Advantages:

  • Huge informative display and "Clear Signing" allows you to review and confirm all transaction details directly on Ledger Stax and in a human-readable language before they are signed and sent. This enhances security and ensures that you see exactly what you are approving in a secure and tamper-proof manner.
  • Offers Bluetooth connectivity as well as NFC — works with or without a cable, at least with smartphones.
  • Wide support for third-party wallets and dapps, allowing the Ledger Stax to sign transactions directly in MetaMask, Uniswap, and other platforms without relying on Ledger Live software. This is a huge advantage for DeFi users.

Ledger Nano X Disadvantages:

  • The display is literally the size of a coin: very uncomfortable to use.
  • Requires two-handed operation, making it difficult to use with a phone simultaneously — contrary to some misleading ads.
  • The buttons are stiff, making operations cumbersome.
  • No NFC.

Ledger Nano X Advantages:

  • A bit more compact than Stax while also offering Bluetooth connectivity — works with or without a cable, at least with smartphones.
  • Wide support for third-party wallets and dapps, allowing the Ledger Nano X to sign transactions directly in MetaMask, Uniswap, and other platforms without relying on Ledger Live software. This is a huge advantage for DeFi users.
  • Not so overpriced.

How do these wallets' security features compare?

Now, we dive deeper into the core specification of every hardware wallet: security features.

Ledger StaxLedger Nano X
PIN-code 4 - 8 digits 4 - 8 digits
BIP39 Passphrase Yes Yes
Open-source Partial Partial
Secure Element Yes Yes
Multisignature Yes Yes

Crypto wallet security feature differentiators

Ledger Stax and Ledger Nano X both have similar security feature Disadvantages:

  • Critical components like the Secure Element and its operating system are closed-source. This raises concerns, especially after the controversial introduction of the Ledger Recover backup service, which challenged the previous assumption that the Secure Element could never transmit the recovery seed phrase outside the hardware wallet.

Ledger Stax and Ledger Nano X both have similar security feature Advantages:

  • Includes a Secure Element, giving Ledger devices a strong reputation for withstanding physical attacks. This is important for users who prefer not to complicate their security with BIP39 passphrases, prioritizing ease of use.
  • Clear Signing is also a security feature.

Have there been vulnerabilities or hacks of these wallets?

There have been some vulnerabilities and hacks associated with Ledger products in the past — let's consider their "hack history." While relatively secure, most crypto wallets — even hardware wallets — can not provide perfect security, and are routinely subject to malware, supply chain, and firmware vulnerabilities. Here are some recent notable incidents:


Ledger Vulnerabilities:

  1. The Connect Kit Attack (2023): The Connect Kit breach was discovered by the security teams of Ledger.
  2. Ledger User Data Breach (2020): A major data breach exposed the personal information of thousands of customers, leading to phishing attacks.
  3. Another User Data Breach (2021): Ledger announced on Twitter that it has been targeted by rogue Shopify team members who exported over 200 merchants’ customer databases.
  4. Ledger Live (2020): Users were exposed to basic double spending attacks, amplified double spending attacks, and DoS attacks without user consent.
  5. Potential Supply Chain Attack Vulnerability (2020): Kraken Security Labs Identifies Supply Chain Attacks Against Ledger Wallets.

No software is perfect, and no wallet is ideal. However, some designs have been compromised more than others.

Summary of Ledger Stax and Ledger Nano X Comparison

The Ledger Stax and Ledger Nano X both provide a respectable set of security measures, and support a broad spectrum of cryptocurrencies, making them suitable for diverse crypto portfolios.

The Ledger Stax is more mobile-friendly, and offers a balance of security and convenience features at a very premium price. It offers an unconventionally large display with delayed response, with the advantage of wireless connectivity options like Bluetooth.

On the other hand, the Ledger Nano X, at a lower price point, is still mobile-friendly and offers a balance of security and convenience features. It offers a small display and uncomfortable input, but still has the advantages of a Secure Element and wireless connectivity options like Bluetooth.

The decision between the two will likely hinge on individual preferences for the target user interface with screen, and should take into account the planned frequency of use.

Whichever you choose, remember to add crypto inheritance to your choice of wallet to ensure the long-term safety of your digital assets. Both the Ledger Stax and Ledger Nano X are compatible with Vault12 Guard Inheritance planning.


Vault12 Guard: a decentralized solution for Crypto Inheritance

Vault12 is the pioneer in Crypto Inheritance Management, and delivers an easy-to-use and securemethod for assigning a legacy contact to your crypto wallets. This enables you to pass on your wallet seed phrases and private keys for all types of digital assets to future generations. Vault12 Guard is designed for everyday people, yet strong enough for Crypto OGs.

Vault12 Guard has a uniquely-secure design. Utilizing advanced encryption and decentralized storage, it ensures that crypto assets are not only safe but also transferable under predefined conditions, filling a critical need unmet by most traditional hardware wallets. Vault12 Guard applies a hybrid approach of software fused with the hardware-based Secure Element of phone devices (The Secure Enclave for iOS devices, and Strongbox for Google devices). Vault12 Guard's decentralized design reduces possible points of failure. Nothing is stored on cloud servers or Vault12 servers, and no assets are stored on local devices, making them less of a target.

From a user perspective, the Vault12 Guard app asks users to appoint one or more people (or mobile devices) as Guardians. The designated Guardians are entrusted to protect the user's comprehensive collection of wallet seed phrases and private keys, which are safely stored within a decentralized digital Vault. Its simple, user-friendly workflow removes the necessity for regularly revising wallet inventories or modifying instructions for your lawyers — a process that otherwise could lead to privacy breaches.

Both the Ledger Stax and Ledger Nano X are compatible with Vault12 Guard Inheritance. This addresses the seed phrase backup dilemma for any hardware wallet. It also makes less-secure backup methods, such as paper or steel plates, unnecessary.

Comparison of Ledger Stax and Ledger Nano X

How to choose between the Ledger Stax and Trezor Safe 5 Wallets

The right wallet for you depends on your mobility needs, design preferences, and price sensitivity

When choosing hardware wallets, many crypto users base their decisions on day-to-day asset management needs and perceived device security. However, savvy crypto users first consider a wallet's ability to handle long-term security scenarios. Long-term security includes expected essentials like backup and recovery tools, and also often-overlooked features related to secure and fault-proof third-party recovery. You can think of third-party recovery as your ability to allow crypto assets to be inherited by successors. Successful crypto users require a comprehensive security strategy for the full life cycle of crypto assets. This article will help you achieve that.

Let's jump into helping you understand the pros and cons of the Ledger Stax and Trezor Safe 5 hardware wallets for day-to-day activities, as well as their potential to safeguard the long-term security and longevity of your assets.



Overview

The Ledger Stax and Trezor Safe 5 both provide a wide variety of reliable security features and support a broad spectrum of cryptocurrencies, making them suitable for diverse crypto portfolios. However, several differences are clear:

Ledger Stax

  • Mobile-Centric Usability: Designed with mobility in mind, the Ledger Stax features wireless connectivity options like Bluetooth, making it highly compatible with mobile platforms.
  • Premium Design: Its unconventionally large display enhances readability, though it comes with slightly slower responsiveness.
  • Price Point: Positioned as a premium product, its cost reflects its advanced features and sleek design.

Trezor Safe 5

  • Open-Source Transparency: Built on an NDA-free framework (full disclosure), Trezor Safe 5 emphasizes trust through transparency, appealing to users who value open-source security.
  • Simplified Connectivity: Limited to USB connections, it offers reliable functionality for desktop and Android users only.
  • Affordable Access: At a much lower price point, it delivers solid security and usability without the premium cost.

In terms of crypto asset longevity features, such as backup, recovery, and crypto inheritance, both devices provide industry-standard and proprietary options with certain trade-offs, as well as compatibility with third-party solutions like Vault12 Guard for succession planning scenarios.

The decision between the two will likely hinge on individual preferences for the target platform (mobile or desktop), and should take into account the planned frequency of use.

Approach to comparison

When choosing the best hardware wallet for cryptocurrency security, you may wonder:

  • Which is better, the Ledger Stax or the Trezor Safe 5?
  • How easy to use are these wallets?
  • How do their security features compare?
  • Do these wallets have vulnerabilities, and have they been hacked?
  • What happens if your wallet is lost or stolen?
  • How do these wallets accomodate user errors, and complex scenarios like inheritance of crypto assets?

This article compares important characteristics for these two popular wallets. We’ll break down the strengths and weaknesses of each, focusing on security, ease of use, and backup and recovery methods.

By the end of this comparison, you’ll clearly understand which wallet is right for you, as well as how to recover your crypto assets in case of accidents.

What happens if your wallet is lost or stolen?

Wise wallet owners recognize the critical importance of crypto recovery before they find themselves in an unexpected bind! That's why it's important to understand the fundamental topic of crypto asset longevity, including features such as backup, recovery, and inheritance for crypto assets. These considerations are central to long-term planning.

Technical security is paramount, but in the world of crypto, the degree to which backup and recovery solutions are foolproof for users is at least equally important. Here are the backup and recovery options for these two wallets:

Ledger Stax

Trezor Safe 5

Backup & Recovery methods

Recommends Recovery Seed Phrase be written on paper, or engraved onto metallic plates.

Recommends Recovery Seed Phrase be written on paper, or engraved onto metallic plates.

Optional paid subscription

Ledger Recover, a centralized 3rd-party cloud service, highly criticized by the crypto community. Clouds are not safe — especially when operated by multiple 3rd parties.

No.

How do these wallets handle Crypto Inheritance?

Crypto Inheritance Features

Currently, most hardware wallets, including the Ledger Stax and Trezor Safe 5, lack any features for establishing and managing crypto inheritance. This gap presents a challenge for users who want to be sure that their crypto assets can be transferred to their heirs.

Ledger Stax

Trezor Safe 5

Backup

- Written only
- Optional 3rd party KYC-based cloud

- Written only

- Manual sharing of shards

Inheritance

No

No

Decentralized backup with Vault12

Yes

Yes

Inheritance Management with Vault12

Yes

Yes

Backup and recovery differentiators

Ledger Stax Recovery Disadvantages:

  • The optional Ledger Recover backup service is a paid service provided by three corporations that each hold parts of the user’s seed phrase in a Cloud. This introduces risks, as the seed phrase could potentially be accessed via subpoena; or business partners could terminate agreements or become involved in lawsuits that result in locked data or resources (like, for example, Gemini and Genesis). These scenarios contain multiple potential points of failure, and should be taken into account.
  • Very important detail: The terms of the optional Ledger Recover service do not mention support for inheritance, meaning any unfortunate accident related to the user will make crypto assets unrecoverable for his or her successors. Ledger itself suggests using 3rd-party crypto inheritance services for those purposes.

Ledger Stax Recovery Advantages:

  • People have different preferences. If a user is comfortable trusting a bank with their assets, they may also feel confident using Ledger Recover for securing their seed phrase backup (even though Ledger is not providing the entire Cloud backup solution).

Trezor Safe 5 Recovery Disadvantages:

  • Trezor has a Multishare backup service, but it is fully manual, and challenging to maintain. The user is responsible for generating, distributing, and keeping track of the encrypted shards.

Trezor Safe 5 Recovery Advantages:

  • Trezor offers the Multishare backup option for those who are able and willing to set it up.

How easy are these crypto wallets to use?

Image of user holding a mobile phone and using Ledger Stax as FIDO U2F security key

User holding a mobile phone and using Ledger Stax as FIDO U2F security key

Let's compare the key aspects of both wallets side by side, and then summarize what really stands out for user convenience:

Ledger Stax

Trezor Safe 5

Display

3,7” black and white E Ink,
672 x 400 pixels

1.54" Color LCD,
240 x 240 pixels

Input interface

Touchscreen

Touchscreen, Haptic feedback

Cable

USB-C

USB, MicroSD card slot

Wireless

Bluetooth 5.2

No

Companion Apps

macOS, Windows, Linux, Android, iOS

macOS, Windows, Linux, Android
iOS (View-only)

3rd party wallets and dapps support

50+

9+

Password manager & 2FA

FIDO2 2FA & Passkeys,
Password Manager

FIDO2 2FA

Product size & weight

85 x 54 x 6 mm / 45g

66 x 40 x 8 mm / 23g

Convenience features

Battery (Up to 10 hours in use)

Magnetic dock

Number of supported coins

5,500+

1,600+

Price

$399

$165

 

Image of Trezor Safe 5 wallet and desktop software

Trezor Safe 5 wallet and desktop software

Crypto wallet user experience differences

Ledger Stax UX Disadvantages:

  • The display has a noticeable response delay due to the "E Ink" touchscreen technology, and could be irritating.
  • Not all apps are ported to Stax yet. Even the native Passwords app still has no release date identified as of this article's publish date, so check in advance whether your favorite network/coin is supported.
  • Extremely expensive. The value in Stax is more about design, rather than practical aspects.

Ledger Stax UX Advantages:

  • Huge informative display and "Clear Signing" allows you to review and confirm all transaction details directly on Ledger Stax and in a human-readable language before they are signed and sent. This enhances security and ensures that you see exactly what you are approving in a secure and tamper-proof manner.
  • Offers Bluetooth connectivity — works with or without a cable, at least with smartphones.
  • Wide support for third-party wallets and dapps, allowing the Ledger Stax to sign transactions directly in MetaMask, Uniswap, and other platforms without relying on Ledger Live software. This is a huge advantage for DeFi users.

Trezor Safe 5 UX Disadvantages:

  • No wireless connectivity: you always have to use a cable.
  • iOS integration is view-only: you can watch your balance, but can't send transactions from iOS apps.

Trezor Safe 5 UX Advantages:

  • The display is easy to read and convenient to use on a regular basis.
  • The touchscreen and input are very well-thought-out experiences on Trezor Safe 5 — you can use them without any discomfort.

How do these wallets' security features compare?

Now, we dive deeper into the core specification of every hardware wallet: security features.

Ledger StaxTrezor Safe 5
PIN-code 4 - 8 digits up to 50 digits
BIP39 Passphrase Yes Yes
Open-source Partial Full
Secure Element Yes Yes, and it's NDA-free
Multisignature Yes Yes

Crypto wallet security feature differentiators

Image of Trezor Safe 5 with a void sticker on it - security seal of genuineness

Trezor Safe 5 with a void sticker on it - security seal of genuineness

Ledger Stax Security Disadvantages:

  • Critical components like the Secure Element and its operating system are closed-source. This raises concerns, especially after the controversial introduction of the Ledger Recover backup service, which challenged the previous assumption that the Secure Element could never transmit the recovery seed phrase outside the hardware wallet.

Ledger Stax Security Advantages:

  • Includes a Secure Element, giving Ledger devices a strong reputation for withstanding physical attacks. This is important for users who prefer not to complicate their security with BIP39 passphrases, instead prioritizing ease of use.
  • Clear Signing is also a security feature.

Trezor Safe 5 Security Disadvantages:

  • Trezor does not fully rely on open-source software and hardware, but mitigates this limitation architecturally, so that the seed phrase is not touched by any closed-source software on the device.

Trezor Safe 5 Security Advantages:

  • Along with this new flagship product, Trezor introduces Secure Element chips, raising the security bar. More importantly, its Secure Elements are "NDA-free," which is good: the chips are not bound by Non-Disclosure Agreements (NDAs) that could restrict Trezor from publicly discussing any security flaws.
  • The Secure Element is responsible for verifying device authenticity via secure boot protection, and for storing a part of the secret that is used to decrypt the recovery seed (but it never actually knows what your recovery seed is).
  • Allows for longer PIN codes, which might appeal to particularly cautious users.

Have there been vulnerabilities or hacks of these wallets?

Given that both of these products under review are very new, we will examine their manufacturers' histories of hacks. There have been vulnerabilities and hacks associated with both the Ledger and Trezor products.

While relatively secure, most crypto wallets — even hardware wallets — can not provide perfect security, and are routinely subject to malware, supply chain, and firmware vulnerabilities. Here are some recent notable incidents:

Ledger Vulnerabilities:

  1. The Connect Kit Attack (2023): The Connect Kit breach was discovered by the security teams of Ledger.
  2. Ledger User Data Breach (2020): A major data breach exposed the personal information of thousands of customers, leading to phishing attacks.
  3. Another User Data Breach (2021): Ledger announced on Twitter that it has been targeted by rogue Shopify team members who exported over 200 merchants’ customer databases.
  4. Ledger Live (2020): Users were exposed to basic double spending attacks, amplified double spending attacks, and DoS attacks without user consent.
  5. Potential Supply Chain Attack Vulnerability (2020): Kraken Security Labs Identifies Supply Chain Attacks Against Ledger Wallets.

Trezor Vulnerabilities:

  1. Ability to Physically Hack Trezor T Wallet (2023): Crypto Security Firm Unciphered Claims Ability to Physically Hack Trezor T Wallet
  2. Five Reported Vulnerabilities in Two Models of Trezor Hardware Wallets (2019): Ledger’s Attack Lab has found five vulnerabilities in hardware wallets of its direct competitor Trezor.
  3. Kraken Identifies Critical Flaw in Trezor Hardware Wallets (2020): Kraken Security Labs has devised a way to extract seeds from both cryptocurrency hardware wallets offered from industry leader Trezor, the Trezor One and Trezor Model T.
No software is perfect, and no wallet is ideal. However, some designs have been compromised more than others.

Summary of Ledger Stax and Trezor Safe 5 Comparison

The Ledger Stax and Trezor Safe 5 both provide a respectable set of security measures, and support a broad spectrum of cryptocurrencies, making them suitable for diverse crypto portfolios.

The Ledger Stax is more mobile-friendly, and offers a balance of security and convenience features at a very premium price. It offers an unconventionally-large display with delayed response, with the advantage of wireless connectivity options like Bluetooth.

On the other hand, the Trezor Safe 5, at a much lower price, boasts a more open-source and NDA-free framework, a reasonably-sized display with colors, and a touchscreen interface for enhanced user interaction. However, it has fewer convenience features: it works only with USB connections, and is missing iOS integration.

The decision between the two will likely hinge on individual preferences for the target platform (mobile or desktop), and should take into account the planned frequency of use.

Whichever you choose, remember to add crypto inheritance to your choice of wallet to ensure the long-term safety of your digital assets. Both the Ledger Stax and Trezor Safe 5 are compatible with Vault12 Guard Inheritance planning.


Vault12 Guard: a decentralized solution for Crypto Inheritance

Vault12 is the pioneer in Crypto Inheritance Management, and delivers an easy-to-use and securemethod for assigning a legacy contact to your crypto wallets. This enables you to pass on your wallet seed phrases and private keys for all types of digital assets to future generations. Vault12 Guard is designed for everyday people, yet strong enough for Crypto OGs.

Vault12 Guard has a uniquely-secure design. Utilizing advanced encryption and decentralized storage, it ensures that crypto assets are not only safe but also transferable under predefined conditions, filling a critical need unmet by most traditional hardware wallets. Vault12 Guard applies a hybrid approach of software fused with the hardware-based Secure Element of phone devices (The Secure Enclave for iOS devices, and Strongbox for Google devices). Vault12 Guard's decentralized design minimizes possible points of failure. Nothing is stored on Cloud servers or Vault12 servers, and no assets are stored on local devices, making them less of a target.

From a user perspective, the Vault12 Guard app asks users to appoint one or more people (or mobile devices) as Guardians. The designated Guardians are entrusted to protect the user's comprehensive collection of wallet seed phrases and private keys, which are safely stored within a decentralized digital Vault. Its simple, user-friendly workflow removes the necessity for regularly revising wallet inventories or modifying instructions for your lawyers — a process that otherwise could lead to privacy breaches.

Both the Ledger Stax and Trezor Safe 5 are compatible with Vault12 Guard Inheritance. This addresses the seed phrase backup dilemma for any hardware wallet. It also makes less-secure backup methods, such as paper or steel plates, unnecessary.

Comparison of Ledger Stax and Trezor Safe 5

Which is better, the Ledger Nano X or Trezor Model T Wallet?

The right wallet for you depends on your mobile and interoperability needs

When choosing hardware wallets, many crypto users base their decisions on day-to-day asset management needs and perceived device security. However, savvy crypto users first consider a wallet's ability to handle long-term security scenarios. Long-term security includes expected essentials like backup and recovery tools, and also often-overlooked features related to secure and fault-proof third-party recovery. You can think of third-party recovery as your ability to allow crypto assets to be inherited by successors. Successful crypto users require a comprehensive security strategy for the full life cycle of crypto assets. This article will help you achieve that.

Let's jump into helping you understand the pros and cons of the Ledger Nano X and Trezor Model T for day-to-day activities, as well as their potential to safeguard the long-term security and longevity of your assets.

Overview

The Ledger Nano X and Trezor Model T both provide a wide variety of reliable security features and support a broad spectrum of cryptocurrencies, making them suitable for diverse crypto portfolios. However, several differences are clear:

Ledger Nano X

  • Mobile-Centric Usability: Offers Bluetooth connectivity — works with or without a cable, at least with smartphones.
  • General Usability: Wider interoperability with wallets, coins, and apps.
  • Design: Compact. User input is via buttons, not touchscreen.
  • Price Point: About the same.

Trezor Model T

  • Mobile-Centric Usability: No Bluetooth connectivity. iOS app is view-only.
  • General Usability: Smaller set of wallets, coins, and apps.
  • Design: The touchscreen and input are very well-thought-out experiences.
  • Price Point: About the same.
In terms of crypto asset longevity features, such as backup, recovery, and crypto inheritance, both devices provide industry-standard and proprietary options with certain trade-offs, as well as compatibility with third-party solutions like Vault12 Guard for succession planning scenarios.


The decision between the two will likely hinge on individual preferences for the target platform (mobile or desktop), and should take into account the planned frequency of use.

Approach to comparison

When choosing the best hardware wallet for cryptocurrency security, you may wonder:

  • Which is better, the Ledger Nano X or the Trezor Model T?
  • How easy to use are these wallets?
  • How do their security features compare?
  • Do these wallets have vulnerabilities, and have they been hacked?
  • What happens if your wallet is lost or stolen?
  • How do these wallets accomodate user errors, and complex scenarios like inheritance of crypto assets?

This article compares important characteristics for these two popular wallets. We’ll break down the strengths and weaknesses of each, focusing on security, ease of use, and backup and recovery methods.

By the end of this comparison, you’ll clearly understand which wallet is right for you, as well as how to recover your crypto assets in case of accidents.

What happens if your wallet is lost or stolen?

Wise wallet owners recognize the critical importance of crypto recovery before they find themselves in an unexpected bind! That's why it's important to understand the fundamental topic of crypto asset longevity, including features such as backup, recovery, and inheritance for crypto assets. These considerations are central to long-term planning.

Technical security is paramount, but in the world of crypto, the degree to which backup and recovery solutions are foolproof for users is at least equally important. Here are the backup and recovery options for these two wallets:


Ledger Nano X

Trezor Model T

Backup & Recovery methods

Recommends Recovery Seed Phrase be written on paper, or engraved onto metallic plates.

Recommends Recovery Seed Phrase be written on paper, or engraved onto metallic plates.

Optional paid subscription

Ledger Recover, a centralized 3rd-party cloud service, highly criticized by the crypto community. Clouds are not safe — especially when operated by multiple 3rd parties.

No.

How do these wallets handle Crypto Inheritance?

Crypto Inheritance Features

Currently, most hardware wallets, including the Ledger Nano X and Trezor Model T, lack any features for establishing and managing crypto inheritance. This gap presents a challenge for users who want to be sure that their crypto assets can be transferred to their heirs.

Ledger Nano X

Trezor Model T

Backup

- Written only
- Optional 3rd party KYC-based cloud

- Written only

- Manual sharing of shards

Inheritance

No

No

Decentralized backup with Vault12

Yes

Yes

Inheritance Management with Vault12

Yes

Yes

Backup and recovery differentiators

Ledger Nano X Recover service Disadvantages:

  • The optional Ledger Recover backup service is a paid service provided by three corporations that each hold parts of the user’s seed phrase in a Cloud. This introduces risks, as the seed phrase could potentially be accessed via subpoena; or business partners could terminate agreements or become involved in lawsuits that result in locked data or resources (like, for example, Gemini and Genesis). These scenarios contain multiple potential points of failure, and should be taken into account.
  • Very important detail: The terms of the optional Ledger Recover service do not mention support for inheritance, meaning any unfortunate accident related to the user will make crypto assets unrecoverable for his or her successors. Ledger itself suggests using 3rd-party crypto inheritance services for those purposes.

Ledger Nano X Recover service Advantages:

  • People have different preferences. If a user is comfortable trusting a bank with their assets, they may also feel confident using Ledger Recover for securing their seed phrase backup (even though Ledger is not providing the entire cloud backup solution).

Trezor Model T backup Disadvantages:

  • Trezor has a Multishare backup service, but it is fully manual, and challenging to maintain. The user is responsible for generating, distributing, and keeping track of the encrypted shards.

Trezor Model T backup Advantages:

  • Trezor does offer a Multishare backup option for those who are able and willing to set it up.

How easy are these crypto wallets to use?

Let's compare the key aspects of both wallets side by side, and then summarize what really stands out for user convenience:

Ledger Nano X

Trezor Model T

Display

1” Monochrome OLED,
128 x 64 pixels

1.54" Color LCD,
240 x 240 pixels

Input interface

2 click buttons

Touchscreen

Cable

USB-C

USB, MicroSD card slot

Wireless

Bluetooth

No

Companion Apps

macOS, Windows, Linux, Android, iOS

macOS, Windows, Linux, Android
iOS (View only)

3rd party wallets and dapps support

50+

9+

Password manager & 2FA

FIDO2 2FA & Passkeys, Password Manager

FIDO2 2FA

Product size & weight

72 x 19 x 12 mm / 34g

64 x 39 x 10 mm / 22g

Convenience features

Battery (Up to 5 hours in use)

Magnetic dock

Number of supported coins

5,500+

1,600+

Price

$149

$149

Crypto wallet user experience (UX) differences

Ledger Nano X with Smartphone UX

Ledger Nano X with Smartphone UX

Ledger Nano X Disadvantages:

  • The display is literally the size of a coin: very uncomfortable to use.
  • Requires two-handed operation, making it difficult to use with a phone simultaneously — contrary to some misleading ads.
  • The buttons are stiff, making operations cumbersome.

Ledger Nano X Advantages:

  • Offers Bluetooth connectivity — works with or without a cable, at least with smartphones.
  • Wide support for third-party wallets and dapps, allowing the Ledger Nano X to sign transactions directly in MetaMask, Uniswap, and other platforms without relying on Ledger Live software. This is a huge advantage for DeFi users.

Trezor Model T Disadvantages:

  • No wireless connectivity: you always have to use a cable.
  • iOS is a balance view-only app, so you can't send transactions from iOS.

Trezor Model T Advantages:

  • The display is much more convenient to work with on a regular basis, and easy to read.
  • The touchscreen and input are very well-thought-out experiences on Trezor Model T — you can use it without any discomfort.

How do these wallets' security features compare?

Now, we dive deeper into the core specification of every hardware wallet: security features.

Ledger Nano XTrezor Model T
PIN-code 4 - 8 digits up to 50 digits
BIP39 Passphrase Yes Yes
Open-source Partial Full
Secure Element Yes No
Multisignature Yes Yes

Crypto wallet security feature differentiators

Ledger Nano X security Disadvantages:

  • Critical components like the Secure Element and its operating system are closed-source. This raises concerns, especially after the controversial introduction of the Ledger Recover backup service, which challenged the previous assumption that the Secure Element could never transmit the recovery seed phrase outside the hardware wallet.

Ledger Nano X security Advantages:

  • Includes a Secure Element, giving Ledger devices a strong reputation for withstanding physical attacks. This is important for users who prefer not to complicate their security with BIP39 passphrases, prioritizing ease of use.

Trezor Model T security Disadvantages:

  • Lacks a Secure Element, making it resistant to physical attacks only if a BIP39 passphrase is used. This is a significant drawback in both convenience and its ability to be fault-proof.

Trezor Model T security Advantages:

  • Fully open-source software and hardware. This minimizes third-party risks, and avoids any need to rely on trust.
  • Allows for longer PIN codes, which might appeal to particularly cautious users.

Have there been vulnerabilities or hacks of these wallets?

There have been vulnerabilities and hacks associated with both the Ledger Nano X and Trezor Model T.

While relatively secure, most crypto wallets — even hardware wallets — can not provide perfect security, and are routinely subject to malware, supply chain, and firmware vulnerabilities. Here are some recent notable incidents:

Ledger Nano X Vulnerabilities:

  1. The Connect Kit Attack (2023): The Connect Kit breach was discovered by the security teams of Ledger.
  2. Ledger User Data Breach (2020): A major data breach exposed the personal information of thousands of customers, leading to phishing attacks.
  3. Another User Data Breach (2021): Ledger announced on Twitter that it has been targeted by rogue Shopify team members who exported over 200 merchants’ customer databases.
  4. Ledger Live (2020): Users were exposed to basic double spending attacks, amplified double spending attacks, and DoS attacks without user consent.
  5. Potential Supply Chain Attack Vulnerability (2020): Kraken Security Labs Identifies Supply Chain Attacks Against Ledger Nano X Wallets.

Trezor Model T Vulnerabilities:

  1. Ability to Physically Hack Trezor T Wallet (2023): Crypto Security Firm Unciphered Claims Ability to Physically Hack Trezor T Wallet
  2. Five Reported Vulnerabilities in Two Models of Trezor Hardware Wallets (2019): Ledger’s Attack Lab has found five vulnerabilities in hardware wallets of its direct competitor Trezor.
  3. Kraken Identifies Critical Flaw in Trezor Hardware Wallets (2020): Kraken Security Labs has devised a way to extract seeds from both cryptocurrency hardware wallets offered from industry leader Trezor, the Trezor One andTrezor Model T.
No software is perfect, and no wallet is ideal. However, some designs have been compromised more than others.

Summary of Ledger Nano X and Trezor Model T Comparison

The Ledger Nano X and Trezor Model T both provide a respectable set of security measures, and support a broad spectrum of cryptocurrencies, making them suitable for diverse crypto portfolios.

The Ledger Nano X is more mobile-friendly, and offers a balance of security and convenience features. It offers a small display and uncomfortable input, but with the advantages of a Secure Element and wireless connectivity options like Bluetooth.

On the other hand, the Trezor Model T, at the same price, boasts a fully open-source framework, larger display with colors, and touchscreen interface for enhanced user interaction, but with reduced security and convenience from not having a Secure Element and working only with USB connections.

The decision between the two will likely hinge on individual preferences for the target platform (mobile or desktop), and should take into account the planned frequency of use.

Whichever you choose, remember to add crypto inheritance to your choice of wallet to ensure the long-term safety of your digital assets.


Vault12 Guard: a decentralized solution for Crypto Inheritance

Vault12 is the pioneer in Crypto Inheritance Management, and delivers an easy-to-use and securemethod for assigning a legacy contact to your crypto wallets. This enables you to pass on your wallet seed phrases and private keys for all types of digital assets to future generations. Vault12 Guard is designed for everyday people, yet strong enough for Crypto OGs.

Vault12 Guard has a uniquely-secure design. Utilizing advanced encryption and decentralized storage, it ensures that crypto assets are not only safe but also transferable under predefined conditions, filling a critical need unmet by most traditional hardware wallets. Vault12 Guard applies a hybrid approach of software fused with the hardware-based Secure Element of phone devices (The Secure Enclave for iOS devices, and Strongbox for Google devices). Vault12 Guard's decentralized design reduces possible points of failure. Nothing is stored on cloud servers or Vault12 servers, and no assets are stored on local devices, making them less of a target.

From a user perspective, the Vault12 Guard app asks users to appoint one or more people (or mobile devices) as Guardians. The designated Guardians are entrusted to protect the user's comprehensive collection of wallet seed phrases and private keys, which are safely stored within a decentralized digital Vault. Its simple, user-friendly workflow removes the necessity for regularly revising wallet inventories or modifying instructions for your lawyers — a process that otherwise could lead to privacy breaches.

Both the Ledger Nano X and Trezor Model T are compatible with Vault12 Guard Inheritance. This addresses the seed phrase backup dilemma for any hardware wallet. It also makes less-secure backup methods, such as paper or steel plates, unnecessary.

Comparison of Ledger Nano X and Trezor Model T

MetaMask browser extension

Browser extension, Version 1.0.10

Welcome to this guide on securely setting up a MetaMask wallet. This guide focuses on the security choices you can make when setting up your MetaMask wallet; if you are looking for the official setup guide, please click here.

MetaMask is your entry point to the world of Ethereum - a blockchain platform designed for running apps and smart contracts.

This guide is focused on the MetaMask browser extension. Read our iOS and Android guides.

Keep reading...Show less

Ledger Stax and Trezor Model T: two strong wallets compared

The right wallet for you depends on your usage patterns and design preferences

When choosing hardware wallets, many crypto users base their decisions on day-to-day asset management needs and perceived device security. However, savvy crypto users first consider a wallet's ability to handle long-term security scenarios. Long-term security includes expected essentials like backup and recovery tools, and also often-overlooked features related to secure and fault-proof third-party recovery. You can think of third-party recovery as your ability to allow crypto assets to be inherited by successors. Successful crypto users require a comprehensive security strategy for the full life cycle of crypto assets. This article will help you achieve that.

Let's jump into helping you understand the pros and cons of the Ledger Stax and Trezor Model T for day-to-day activities, as well as their potential to safeguard the long-term security and longevity of your assets.

Overview

The Ledger Stax and Trezor Model T both provide a wide variety of reliable security features and support a broad spectrum of cryptocurrencies, making them suitable for diverse crypto portfolios. However, several differences are clear:

Ledger Stax

  • Mobile-Centric Usability: Designed with mobility in mind, the
  • Ledger Stax features wireless connectivity options like Bluetooth and
  • NFC, making it highly compatible with mobile platforms.
  • Premium Design: Its unconventionally large display enhances readability, though it comes with slower responsiveness included.
  • Price Point: Positioned as a premium product, its cost reflects its advanced features and sleek design

Trezor Model T

  • Mobile-Centric Usability: No Bluetooth connectivity. iOS app is view-only.
  • General Usability: Smaller set of wallets, coins, and apps.
  • Design: The touchscreen and input are very well-thought-out experiences.
  • Price Point: More affordable.

In terms of crypto asset longevity features, such as backup, recovery, and crypto inheritance, both devices provide industry-standard and proprietary options with certain trade-offs, as well as compatibility with third-party solutions like Vault12 Guard for succession planning scenarios.

The decision between the two will likely hinge on individual preferences for the target platform (mobile or desktop), and should take into account the planned frequency of use.

Approach to comparison

When choosing the best hardware wallet for cryptocurrency security, you may wonder:

  • Which is better, the Ledger Stax or the Trezor Model T?
  • How easy to use are these wallets?
  • How do their security features compare?
  • Do these wallets have vulnerabilities, and have they been hacked?
  • What happens if your wallet is lost or stolen?
  • How do these wallets accomodate user errors, and complex scenarios like inheritance of crypto assets?

This article compares important characteristics for these two popular wallets. We’ll break down the strengths and weaknesses of each, focusing on security, ease of use, and backup and recovery methods.

By the end of this comparison, you’ll clearly understand which wallet is right for you, as well as how to recover your crypto assets in case of accidents.

What happens if your wallet is lost or stolen?

Wise wallet owners recognize the critical importance of crypto recovery before they find themselves in an unexpected bind! That's why it's important to understand the fundamental topic of crypto asset longevity, including features such as backup, recovery, and inheritance for crypto assets. These considerations are central to long-term planning.

Technical security is paramount, but in the world of crypto, the degree to which backup and recovery solutions are foolproof for users is at least equally important. Here are the backup and recovery options for these two wallets:

Ledger Stax

Trezor Model T

Backup & Recovery methods

Recommends Recovery Seed Phrase be written on paper, or engraved onto metallic plates.

Recommends Recovery Seed Phrase be written on paper, or engraved onto metallic plates.

Optional paid subscription

Ledger Recover, a centralized 3rd-party cloud service, highly criticized by the crypto community. Clouds are not safe — especially when operated by multiple 3rd parties.

No.

How do these wallets handle Crypto Inheritance?

Crypto Inheritance Features

Currently, most hardware wallets, including the Ledger Stax and Trezor Model T, lack any features for establishing and managing crypto inheritance. This gap presents a challenge for users who want to be sure that their crypto assets can be transferred to their heirs.

Ledger Stax

Trezor Model T

Backup

- Written only
- Optional 3rd party KYC-based cloud

- Written only

- Manual sharing of shards

Inheritance

No

No

Decentralized backup with Vault12

Yes

Yes

Inheritance Management with Vault12

Yes

Yes

Backup and recovery differentiators

Ledger Stax Recovery service Disadvantages:

  • The optional Ledger Recover backup service is a paid service provided by three corporations that each hold parts of the user’s seed phrase in a Cloud. This introduces risks, as the seed phrase could potentially be accessed via subpoena; business partners could terminate agreements or become involved in lawsuits that result in locked data or resources (like, for example, Gemini and Genesis); and there are multiple potential points of failure.
  • Very important detail: The terms of the optional Ledger Recover service do not mention support for inheritance, meaning any unfortunate accident related to the user will make crypto assets unrecoverable for his or her successors. Ledger itself suggests using 3rd-party crypto inheritance services for those purposes.

Ledger Stax Recovery service Advantages:

  • People have different preferences. If a user is comfortable trusting a bank with their assets, they may also feel confident using Ledger Recover for securing their seed phrase backup (even though Ledger is not providing the complete cloud backup solution).

Trezor Model T backup Disadvantages:

  • Trezor has a Multishare backup service, but it is fully manual, and challenging to maintain. The user is responsible for generating, distributing, and keeping track of the encrypted shards.

Trezor Model T backup Advantages:

  • Trezor does offer a Multishare backup option for those who are able and willing to set it up.

How easy are these crypto wallets to use?

Let's compare the key aspects of both wallets side by side, and then summarize what really stands out for user convenience:

Ledger Stax

Trezor Model T

Display

3,7” black and white E Ink,
672 x 400 pixels

1.54" Color LCD,
240 x 240 pixels

Input interface

Touchscreen

Touchscreen

Cable

USB-C

USB, MicroSD card slot

Wireless

Bluetooth 5.2,
NFC

No

Companion Apps

macOS, Windows, Linux, Android, iOS

macOS, Windows, Linux, Android
iOS (View-only)

3rd party wallets and dapps support

50+

9+

Password manager & 2FA

FIDO2 2FA & Passkeys,
Password Manager

FIDO2 2FA

Product size & weight

85 x 54 x 6 mm / 45g

64 x 39 x 10 mm / 22g

Convenience features

Battery (10 hours of use),
Magnetic dock

Magnetic dock

Number of supported coins

5,500+

1,600+

Price

$399

$149

Crypto wallet user experience differences

User holding a mobile phone and using Ledger Stax as FIDO U2F security key

User holding a mobile phone and using Ledger Stax as FIDO U2F security key

Ledger Stax Disadvantages:

  • The display has a noticeable response delay due to the "E Ink" touchscreen technology, and could be irritating.
  • Not all apps are ported to Stax yet. Even the native Passwords app still has no release date identified as of this article's publish date, so check in advance whether your favorite network/coin is supported.
  • Extremely expensive. The value in Stax is more about design, rather than practical aspects.

Ledger Stax Advantages:

  • Huge informative display and "Clear Signing" allows you to review and confirm all transaction details directly on Ledger Stax and in a human-readable language before they are signed and sent. This enhances security and ensures that you see exactly what you are approving in a secure and tamper-proof manner.
  • Offers Bluetooth connectivity as well as NFC — works with or without a cable, at least with smartphones.
  • Wide support for third-party wallets and dapps, allowing the Ledger Stax to sign transactions directly in MetaMask, Uniswap, and other platforms without relying on Ledger Live software. This is a huge advantage for DeFi users.

Trezor Model T Disadvantages:

  • No wireless connectivity: you always have to use a cable.
  • iOS is a balance view-only app, so you can't send transactions from iOS.

Trezor Model T Advantages:

  • The display is much more convenient to work with on a regular basis, and easy to read.
  • The touchscreen and input are very well-thought-out experiences on Trezor Model T — you can use it without any discomfort.

How do these wallets' security features compare?

Now, we dive deeper into the core specification of every hardware wallet: security features.

Ledger StaxTrezor Model T
PIN-code 4 - 8 digits up to 50 digits
BIP39 Passphrase Yes Yes
Open-source Partial Full
Secure Element Yes No
Multisignature Yes Yes

Crypto wallet security feature differentiators

Ledger Stax security Disadvantages:

  • Critical components like the Secure Element and its operating system are closed-source. This has raised concerns, especially after the controversial introduction of the Ledger Recover backup service, which challenged the assumption that the Secure Element could never transmit the recovery seed phrase outside the hardware wallet.

Ledger Stax security Advantages:

  • Includes a Secure Element, giving Ledger devices a strong reputation for withstanding physical attacks. This is important for users who prefer not to complicate their security with BIP39 passphrases, prioritizing ease of use.
  • Clear Signing is also a security feature.

Trezor Model T security Disadvantages:

  • Lacks a Secure Element, making it resistant to physical attacks only if a BIP39 passphrase is used. This is a significant drawback in both convenience and its ability to be fault-proof.

Trezor Model T security Advantages:

  • Fully open-source software and hardware. This minimizes third-party risks, and avoids any need to rely on trust.
  • Allows for longer PIN codes, which might appeal to particularly cautious users.

Have there been vulnerabilities or hacks of these wallets?

There have been vulnerabilities and hacks associated with both the Ledger and Trezor products, however given Stax is very new we will cover it's manufacturer's hacks history.

Far from delivering uncompromised security, these wallets are routinely subject to malware, supply chain, and firmware vulnerabilities. Here are some recent notable incidents:

Ledger Vulnerabilities:

  1. The Connect Kit Attack (2023): The Connect Kit breach was discovered by the security teams of Ledger.
  2. Ledger User Data Breach (2020): A major data breach exposed the personal information of thousands of customers, leading to phishing attacks.
  3. Another User Data Breach (2021): Ledger announced on Twitter that it has been targeted by rogue Shopify team members who exported over 200 merchants’ customer databases.
  4. Ledger Live (2020): Users were exposed to basic double spending attacks, amplified double spending attacks, and DoS attacks without user consent.
  5. Potential Supply Chain Attack Vulnerability (2020): Kraken Security Labs Identifies Supply Chain Attacks Against Ledger Wallets.

Trezor Model T Vulnerabilities:

  1. Ability to Physically Hack Trezor T Wallet (2023): Crypto Security Firm Unciphered Claims Ability to Physically Hack Trezor T Wallet
  2. Five Reported Vulnerabilities in Two Models of Trezor Hardware Wallets (2019): Ledger’s Attack Lab has found five vulnerabilities in hardware wallets of its direct competitor Trezor.
  3. Kraken Identifies Critical Flaw in Trezor Hardware Wallets (2020): Kraken Security Labs has devised a way to extract seeds from both cryptocurrency hardware wallets offered from industry leader Trezor, the Trezor One and Trezor Model T.
No software is perfect, and no wallet is ideal. However, some designs have been compromised more than others.

Summary of Ledger Stax and Trezor Model T Comparison

The Ledger Stax and Trezor Model T both provide a respectable set of security measures, and support a broad spectrum of cryptocurrencies, making them suitable for diverse crypto portfolios.

The Ledger Stax is very mobile-friendly, and offers a balance of security and convenience features at a very premium price. It offers a big, but unconventional display and with delayed input, but with the advantages of a Secure Element and wireless connectivity options like Bluetooth.

On the other hand, the Trezor Model T, at a much lower price, boasts a fully open-source framework, larger display with colors, and touchscreen interface for enhanced user interaction, but with reduced security and convenience from not having a Secure Element and working only with USB connections the offer sounds non-attractive.

The decision between the two will likely hinge on individual preferences for the target platform (mobile or desktop), and should take into account the planned frequency of use.

Whichever you choose, remember to add crypto inheritance to your choice of wallet to ensure the long-term safety of your digital assets.


Vault12 Guard: a decentralized solution for Crypto Inheritance

Vault12 is the pioneer in Crypto Inheritance Management, and delivers an easy-to-use and securemethod for assigning a legacy contact to your crypto wallets. This enables you to pass on your wallet seed phrases and private keys for all types of digital assets to future generations. Vault12 Guard is designed for everyday people, yet strong enough for Crypto OGs.

Vault12 Guard has a uniquely-secure design. Utilizing advanced encryption and decentralized storage, it ensures that crypto assets are not only safe but also transferable under predefined conditions, filling a critical need unmet by most traditional hardware wallets. Vault12 Guard applies a hybrid approach of software fused with the hardware-based Secure Element of phone devices (The Secure Enclave for iOS devices, and Strongbox for Google devices). Vault12 Guard's decentralized design reduces possible points of failure. Nothing is stored on cloud servers or Vault12 servers, and no assets are stored on local devices, making them less of a target.

From a user perspective, the Vault12 Guard app asks users to appoint one or more people (or mobile devices) as Guardians. The designated Guardians are entrusted to protect the user's comprehensive collection of wallet seed phrases and private keys, which are safely stored within a decentralized digital Vault. Its simple, user-friendly workflow removes the necessity for regularly revising wallet inventories or modifying instructions for your lawyers — a process that otherwise could lead to privacy breaches.

Both the Ledger Stax and Trezor Model T are compatible with Vault12 Guard Inheritance. This addresses the seed phrase backup dilemma for any hardware wallet. It also makes less-secure backup methods, such as paper or steel plates, unnecessary.

View all articles

Advanced

Managing digital assets like cryptocurrencies can be complex, especially when it comes to inheritance.

View all articles

What Is a Self-Sovereign Identity?

Personal control over our online personas has given rise to the philosophy of self-sovereign identity (SSI). In essence, a person who has an SSI has sole ownership of their digital and analog identities and controls how their data is viewed or shared.

Man carrying credit card with identity

Anonymity vs. Pseudonymity In Crypto

Learn the difference between anonymity and pseudonymity and their implications for crypto.

Eyeball replacing head of laptop user

How Secure Enclave gives you Instant Access to your Digital Assets with Hot Storage Vault

Vault12 Guard's Instant Access Hot Storage enables secure local storage of digital assets such as crypto and NFTs with immediate on-device retrieval, and safeguards them from loss by backing them up in your digital Vault.

Hero photo of a phone with sensitive information

Shamir's Secret Sharing (SSS) White paper

Shamir, A. (1979). "How to Share a Secret,"

Generate a Seed Phrase using Dice.

Detailed steps to generate your seed phrase using 20-sided dice to ensure randomness.

View all articles
Decorative Background

Get Started Now.

Vault12 Guard is now available from the iOS and Android App stores.
Download Vault12 on App StoreDownload Vault12 on Google Play