Bitcoin Seed Phrases: The Challenge of Mainstream Self-Custody Adoption

An underlying theme of this cycle has been to challenge preconceived notions about how people use Bitcoin around the world. New behaviors are emerging and other cultures are using the asset in a way that is breaking previously established molds.

A major trend emerging out of this chaotic environment is the resurgence of seedless security models, which take a radically different approach to securing Bitcoin private keys. Proponents argue that established security practices are failing to meet the expectations of an increasing number of users. Along with the maturation of custodial alternatives, the emergence of ETF products is creating concerns about the prospect that future users will onboard into more complex self-custodial solutions.

It is not the first time security specialists have pointed the finger at seed phrases when asked about the difficulties of Bitcoin self-custody crossing the chasm. Industry veteran Jameson Lopp has long debated the challenges of the security model, and remains outspoken about its pitfalls. His company, multi-signature wallet provider Casa, was formed, in part, to address the issues created by traditional backup methods.

In a conversation with Bitcoin Magazine, current Casa CEO Nick Neuman echoed his colleague’s concerns:

“We need to think more carefully about how we use them as an industry because the user experience of getting hit with a seed phrase the first time you set up a wallet is very difficult.”

The Perils Of Seed Phrases

Despite significant progress in the quality of Bitcoin products and applications, the landscape of self-custody remains perilous for those whose comfort with technology stops at their iPhones. Every other day, accounts emerge of various successful phishing attacks targeting victims’ funds by compromising their wallet’s seed phrases.

Earlier this January, popular hardware wallet provider Trezor announced they had reasons to believe sensitive customer information had been leaked due to a breach in the systems of a third-party service provider. In the following months, X users reported a new wave of phishing attempts hitting their inboxes.

Another reminder of the fragile state of the average person’s security practices came in 2022 following a security exploit that affected popular password manager LastPass.

Following a string of curious wallet-draining incidents affecting mobile and hardware wallet users alike, researchers eventually figured out that seed phrases stored on the service’s servers had been compromised. As of a couple of months ago, losses have been estimated to have reached over $250 million in various cryptocurrencies.

While popular Bitcoin influencers have banged the table for the adoption of more robust security systems involving hardware wallets, a large number of market participants have yet to warm up to this practice. Shehzan Maredia, founder of Bitcoin financial service company Lava, sees a significant divide between security product developers and a large section of the Bitcoin market.

“I’ve realized most people start questioning their ability to self-custody when you involve hardware wallet and seed phrases. Half of them will do a poor job of following instructions and the other half will simply prefer using custodians,” he remarked.

Security experts are adamant that private key material should remain offline at all times, but Maredia suggests secure enclaves present in modern mobile phones are sufficient to thwart the majority of attacks affecting users today.

“Looking at the common causes responsible for the loss of users’ funds, it’s rare to find examples of mobile keys being compromised.” Rather, he argues, it’s more likely users will do a poor job of securing their seed phrase backup or will give it away during a phishing attack.

Seedless Challenges And Opportunities

Bitcoin products have seen a lot of improvements since Casa pioneered the seedless wallet approach years ago but few so far have followed in the company’s tracks. While self-custodial applications are more robust than ever, some changes have introduced additional steps to an already significant learning curve. It’s worth questioning whether a nihilistic attitude towards security has pigeonholed the practice into rituals unpalatable to the average person.

Neuman remains optimistic. He suggests there has been an observable shift in the industry towards more realistic approaches, though he thinks Bitcoin products are lagging behind

“There are still quite a few like wallets that force you to [save your seed phrase] upfront. I think it’s kind of a risk management thing on their end, but it actually works against the goal of helping users feel comfortable holding their own keys.”

Regardless, the trend suggests the rest of the industry is coming around to the risks of users handling sensitive information. Recent technologies such as passkeys, implemented in Coinbase’s new “Smart Wallet,” offer interesting alternatives for this new generation of products. Passkeys are a new standard promoted by internet giants like Apple and Google, which aim to replace traditional passwords with cryptographic keys tied to a user’s device and identity.

According to our research, testimonies from early adopters indicate the technology has yet to sort out important standardization issues. Lava’s Maredia agrees there is room for improvement. He recently launched a seedless solution he thinks achieves the best security tradeoffs one can expect of mobile devices.

The Lava Vault draws heavy inspiration from older contributions from ex-Spiral developer Tankred Hase called the Photon SDK. Photon implements a seedless cloud backup similar to Casa’s early implementation of the mobile key wallet but is fully open-source though it hasn’t been maintained for some time. Maredia is persuaded that the 2-of-2 solution he has adapted from existing designs in the ecosystem can stand against most known attacks.

“We looked at things like passkeys, but we just don’t think they are made to secure important key material like Bitcoin. They basically swap one piece of sensitive information for another and are usually stored in a password manager. In practice, most password managers do a poor job handling them, they can be deleted very easily even on iCloud.”

Lava secures users’ seed phrases using a high entropy key stored on a different server. Once encrypted, the seed is saved in a special directory on the user’s cloud that can help prevent accidental deletion or malicious access. Users authenticate with a key server, which enforces rate limiting, using a 4-digit PIN of their choice. Lava does not require the creation of any account which preserves users’ privacy from the service and its servers. For daily operations, the wallet uses another key stored on the device’s secure enclave.

“Even if a party accesses encrypted information, there is no single point of failure because they’d have to know the encryption key. Forgetful users can set up a PIN recovery method which allows them to change their PIN after a 30-day delay.”

Maredia expects his security protocol to evolve according to users’ needs and different risk profiles. Wallet policies such as 2FA, withdrawal or spending limits, and whitelisted addresses are already on the way. “Lava Smart Key is a very flexible solution. Users can upgrade their self-custody setup easily, and we’re open to accommodating users who have specific demands,” he explains.

Although seedless backups have been criticized for exposing individuals to undue third-party risks, open-source implementations like the Photon SDK and Lava’s vault model suggest more vendors and service providers could implement similar standards and mitigate this issue.

Seed phrases remain an important component of the security stack but both entrepreneurs consulted for this article believe it is essential to abstract them from most future users.

“Seed phrases in general, I think, are a very useful tool for making your keys more portable between wallets and giving you that exit option just in case something happens to the wallet software you’re using,” says Casa CEO Nick Neuman.

To eliminate single points of failure, Casa promotes a combination of multi-sig plans involving hardware devices but insists on sticking to its seedless principles where possible.

“Wallet software is made for managing private keys. Humans are not made for managing private keys. So we should leave that job to the wallets.”

Source: bitcoinmagazine.com