Your secret recovery phrase is the key to your self-custody wallet, and controls access to your funds. So write it down and keep it safe!

secret recovery phrase

What’s a secret recovery phrase?

Your secret recovery phrase, also known as a seed phrase, is the most important information from your self-custody wallet. It can be used to access your funds across software wallets and devices. As long as you have your secret recovery phrase, you will always be able to access your crypto. 

All software wallets are hierarchical deterministic (HD) wallets.

Whenever you create a new HD wallet, it generates a secret recovery phrase. It can be any number of words, but it’s usually 12, with some phrases 18 or 24 words long. 

All your public keys (crypto addresses) and private keys are generated from this secret recovery phrase. 

How do I store my secret recovery phrase?

Write down your secret recovery phrase at least twice, and store copies in separate offline locations where no one else will find them.

You can store your secret recovery phrase in a lockbox, a fire- and water-proof bag or safe, a safety deposit box at the bank, or anywhere else you think will keep it both safe and accessible.

Never store your secret recovery phrase in digital form. If it’s in digital form, it can be hacked. This includes as a digital picture. 

Never share your secret recovery phrase with anyone. The only reason anyone would ask for it is to steal your money. If someone else gets their hands on your secret recovery phrase, they can steal all the crypto in your wallet.

If you lose your secret recovery phrase, you could lose access to your funds.

Where do the words come from?

Wallets use the English-language word list of the BIP39 standard. It has 2048 words.

All words in a secret recovery phrase comes from the BIP39 list. Words in a phrase can also be repeated.

What do the words mean?

Nothing, the words are chose and random and meant to be converted into numbers.

The string of numbers is used as the seed integer to an HD wallet. This seed integer generates all the key pairs (public keys, or addresses, and private keys) in the wallet.

Having the seed integer, or long string of numbers, as a phrase of 12 words, is meant to make it easier for us humans to keep track of this important information.

How secure is it?

If a secret recovery phrase contains 12 words, the number of possible combinations would be 2048^12 = 2^132, meaning 2 to the power of 132. So a 12-word secret recovery phrase has 132 bits of security.

However, some of the data in a BIP39 phrase is not random, so the actual security of a 12-word BIP39 seed phrase is 128 bits. Which may not seem like a lot, but it is.

To crack a 128-bit key with modern hardware would take around 500 billion years. You can read Hacker Noon’s assessment of 128-bit security here: Is 128 Bit Encryption Enough?

What are private keys?

Every public key, or crypto address, has an associated private key.

Like addresses, private keys are derived from the secret recovery phrase, which is why a secret recovery phrase can recover them. 

Single private keys can be used to restore a single asset in another platform that uses the same derivation path.

Restoring assets by private keys is safer than using your secret recovery phrase, because only the crypto of that private key could be compromised if the platform is unsafe.

Say you want to claim an Cosmos airdrop. Instead of restoring your entire crypto wallet with all your different assets (like Bitcoin, Ethereum, and Solana) in another wallet, you can restore only your Cosmos wallet with your Cosmos private key. 

How does a secret recovery phrase generate private keys for different assets?

Different assets have different starting points in the derivation formula, which prevents assets from generating overlapping private keys.

For example, if Bitcoin starts at 1, ETH might start at 14, and ATOM at 45. This ensures that all the private keys will be different.

How do private keys come from the secret recovery phrase?

When your secret recovery phrase is converted into a seed integer (long string of numbers), the seed integer is used with a derivation algorithm to derive (generate) private keys.

A very large number (almost but not quite infinite) of public and private keys can be derived by this process. Because the same seed integer is used with the same derivation formula, the same private and public keys will always be generated.

This means that no matter the software interface you use, as long as the secret recovery phrase and the derivation formula are the same, you will always have access to your funds.

What are derivation paths?

A private key tells a wallet which asset to restore, and a derivation path tells it how.

You can think of the derivation path as the mathematical function that shapes how the private key is derived from the secret recovery phrase. If you change the derivation path, you change the private key.

This is why if a wallet has a different derivation path, it won’t work to restore your private key and assets. 

Not to worry, because most wallets use the same derivation path. And if a wallet uses a non-standard derivation path, there’s usually at least one asset-specific wallet you can use as a backup.