CFOtech New Zealand - Technology news for CFOs & financial decision-makers

The future of crypto wallets - do we really need seed phrases?

Wed, 28th Feb 2024

Finance has come a long way from the days when people joked about hiding money under their mattresses or in their couch cushions. The crypto industry is responsible for a large portion of this innovation, but the irony is that many individuals are now hiding their crypto wallets' seed phrases (which they use to access their money) in places not much more secure than under their beds!

First things first - what's wrong with seed phrases?

Seed phrases are effectively the master key to your cryptocurrency. They offer you full control over your digital assets without reliance on any other party (such as a bank, a credit company or an exchange). However, with that freedom comes responsibility, and "being your own bank" means that there's no call centre there for you if you forget your password. 

Seed phrases need to be kept safe from attackers, whilst always being accessible to the owner. This is not an insignificant challenge, and for this reason 'Lost Bitcoin' is an official term! It refers to Bitcoin that the current owner can't locate, either because they forgot their private key or have lost their hardware wallet device. Estimates suggest that around 6 million Bitcoins, or 30% of Bitcoin's supply, have been irretrievably lost, amounting to $554 billion in value.

Keeping seed phrases on an easy-to-lose piece of paper or on a USB device (or as a picture on your phone or laptop) really is akin to stepping back in time, when the goal of crypto has always been to move us towards the future of money - where control over your assets shouldn't come at the expense of peace of mind...

Just keep these 12 words somewhere you can find them, but no one else can…
If someone else gets hold of your seed phrase (e.g. by stealing your backup or hacking into your phone), they can access and take all your crypto. Even the 'gold standard' of security - hardware wallets - need to have the seed phrase backed up somewhere, leaving your crypto only as secure as your backup location (which hopefully is not under your mattress!)…

A lot of wallets look largely the same as they did a decade ago, and wallet help desks are still fielding calls from panicked users whose wallets have been emptied using stolen seed phrases. Malware and viruses have been developed to search files for lists of seed phrase words, and one enterprising scammer even developed a photo editing app that would scan people's albums for screenshots of seed phrases.

As crypto has become more common, so have these hacks that target seed phrases, leading many in the industry to ask whether there is a way that we can minimise the risk of accidental loss or theft. Could a post-seed phrase world offer much better protection and control?

Wallet innovators have moved on…
In pursuit of both simplicity and security, today's wallet innovators believe that self custody doesn't have to mean using a seed phrase. You can own your own funds while taking advantage of the backup and protection of third-party software that not only enables you to sign transactions but, importantly, gives you options around how you secure and protect your funds.

This innovation taps into the use of technologies like Multi-Party Computation (MPC). This approach involves the use of key 'shards' rather than entire seed phrases to authorise transactions, together with secure software. This still provides a user effective control over their assets with the ability to integrate safeguards such as Two-Factor Authentication (2FA). (You have no option for 2FA with a seed phrase - pretty terrifying when you think about it!) 

'But hang on, isn't reliance on third parties what we are trying to avoid?' you might say. With seedless wallets, reliance shifts to software that approves transactions based on predetermined conditions, such as 2FA. In future, it's likely that this software itself could be a self-governing entity operating on blockchain technology (called a Decentralised Autonomous Organisation) using smart (or automated) contracts that eliminate the need for a centralised authority. This would ensure wallets are censorship-resistant and less dependent on a single entity.

Ok, but how would recovery work with no seed phrase? 

This, too, is becoming a lot simpler…

Social recovery
The introduction of novel social recovery options is making wallet recovery more accessible. Social recovery involves designating trusted individuals (friends, family, your lawyer or even automated systems) to help you in the recovery process. If you lose access to your wallet, they would simply be sent a link to verify your identity. 

Cloud backup
The use of encrypted cloud backup for password recovery adds an additional layer of convenience. Unlike downloadable files containing your entire seed phrase, cloud backups allow wallet apps to automatically verify the existence of the (password-protected) backup file, prompting users to create a new one if necessary (for example, after accidental deletion).

One prominent wallet recently announced a staggering 55% surge in active users within a span of four months, reaching over 30 million users by January. As wallet adoption and the crypto space continue to evolve, so too will the tools and methods that empower individuals to navigate them. While some people will always want to use a seed phrase, most users (particularly beginners) want something that is easy, safe and just works 'out of the box'. This is what MPC enables, and it will hopefully see the term 'Lost Bitcoin' become a thing of the past.
 
