Seedless Wallets Want to Make Bitcoin More User Friendly
Seedless wallets replace the need to write down a backup passphrase and keep it secure. BIP39 passphrase does not necessarily need to be created in a manner in which it creates a single point of failure.
Bitcoin (BTC) has been around for more than 11 years, but it’s still rather difficult for the average person to use the network in a secure manner. One of the reasons for this is that Bitcoin works very differently from traditional online payment systems.
In Bitcoin, users are in full control of their own money, which means they’re in charge of securing it and not making any mistakes when they are sending an irreversible transaction. There are no third parties to come to your rescue in a situation where you make a mistaken payment or a hacker accesses your private keys.
A new wave of Bitcoin wallets are attempting to solve at least part of these issues with the BTC user experience through the use of so-called seedless multisig wallets. These wallets are intended to simplify the storage of BTC in a non-custodial manner and get rid of the current default backup option in most wallets, which involves writing down a 12 or 24-word backup phrase and storing it somewhere safe.
The promise of seedless multisig wallets
The main idea with seedless multisig is to make it so a combination of backup options in the form of devices, service providers, hardware wallets, trusted friends or family members, and other sources replaces the need to write down a backup passphrase and keep it secure.
“The BIP39 [passphrase] introduced in 2014 was a very simple yet powerful way for backing up a Bitcoin wallet using 12 to 24 words (plus an optional passphrase),” said Hexa Wallet Product Director Anant Tapadia. “Before this backing up a Bitcoin wallet was something only technically proficient people could do. But this method posed certain problems.”
According to Tapadia, the biggest issue with BIP39 is the backup method creates a single point of failure for the wallet user’s BTC holdings.
“If they are lost, there is no recourse,” said Tapadia. “Adding a salt or passphrase does not help the problem as now you end up having two single points of failure. Losing any one of them means loss of funds. Mnemonic based backup scheme offers no resiliency.”
US-based crypto security specialist Casa has been one of the pioneers in the seedless multisig wallet space.
“Our seedless setup does away with paper backups once for all,” notes Casa’s page on their Keymaster wallet. “So stop worrying that you’re going to forget where that piece of paper went.”
That said, the free version of Keymaster only works for a single-signature wallet architecture. For multisig functionality, Keymaster users must pay at a subscription fee, which starts at USD 10. When reached for comment, Casa Chief Technology Officer Jameson Lopp told Cryptonews.com there are no plans to offer a free version of Keymaster at this time.
“We don't make money by selling ads or user data, so it really comes down to an issue of how we pay for support costs,” Lopp added. “No such thing as a free lunch I'm afraid.”
According to Tapadia, Hexa Wallet uses a system that combines the use of multisig with a threshold recovery scheme.
“Hexa has gone for a hybrid approach of having a multisig account on top of a multi-party seedless recovery,” said Tapadia. “We use Shamir’s Secret Sharing scheme for this.”
Hexa Wallet also plans to add Lightning Network support to their wallet. The funds held on the Lightning Network will act as a sort of checking account, while the “savings account” will be for larger amounts held in a multisig address.
Looking for balance
Of course, seedless multisig also has its downside risks, asUnchained Capital Chief Strategy Officer Dhruv Bansal explained on an episode of the Stephan Livera Podcast back in October of last year.
“I personally think it is insane to run seedless,” said Bansal during his conversation with Livera.
“I think running without a seed phrase or throwing out your seed phrase because you believe you have sufficient other devices, I wouldn’t feel comfortable doing that. The argument, I think, that is advanced sometimes by folks like Casa for doing that is seed phrases are complicated, I guess, and they can be lost.”
Bansal and Livera also discussed the fact that a BIP39 passphrase does not necessarily need to be created in a manner in which it creates a single point of failure. And the various shares of the backup seed phrase can be encrypted.
“That’s actually one of the additions that Unchained is pushing into this conversation is to try to encrypt these shares,” said Bansal. “There’s not just one of them, so that makes it a lot easier to say that it’s safer.”
At the end of the day, all of these different wallet providers are simply trying to find the correct balance between security and user experience, and a definitive answer may not be available until multiple architectures are tried out in the wild.
Seedless Lightning Network wallets
Of course, many mobile BTC wallets are also focused on the Lightning Network these days, as the layer-two protocol’s instant, nearly-free payments make more sense when it comes to using BTC on a phone. After all, nobody wants to walk around with their entire life’s savings in their pocket.
Since smaller amounts are expected to be used with Lightning, there may be room to further improve the user experience, as security requirements become a little less strict.
Lightning Network developer Tankred Hase has been working on a new mobile Bitcoin wallet library, photon-lib, that allows users to backup their private keys and channel state with a model based on SMS and cloud backups. Hase’s work on photon-lib was fueled by lessons he learned regarding user activity while working on the Lightning app for Lightning Labs.
“Most users want to experiment with a wallet at first,” Hase told Cryptonews.com. “Maybe feed chickens on Pollofeed or order a sticker in the Blockstream store. So, mobile wallets should emphasize ease of use during the initial setup process.”
According to Hase, the most important aspect of the backup process when a new user is playing around with the Lightning Network should be redundancy.
Users can then be “upsold” on additional security features like a PIN or time delay once more funds are added to the wallet.
The developers behind photon-lib are currently figuring out the balancing act between security and user experience on their GitHub.