A lost phone is not a lost wallet
A phone goes missing the way phones always do. It slides out of a pocket on a train, gets left on a café table, drops into a lake, or simply stops turning on one morning. If that phone was running SSP Key, your first instinct may be a cold one: the wallet is on there — is my money gone?
It is not. This is the moment SSP's two-key design is built for. Your SSP wallet is a 2-of-2 setup: one key lives in the browser extension on your computer, the other lives in SSP Key on your phone. Losing the phone means losing one of two keys. The browser key still stands, untouched, on a machine you still control. No coins can move without both keys cooperating — so while you restore the second factor, your funds sit exactly where they were.
This guide walks through restoring SSP Key on a new device, step by step, at an intermediate level. It also covers the order of operations — what to do first — and is honest about the brief window where you are holding only one of two factors and what that does and does not mean. If you have not already, the companion article on what you actually need to restore a wallet is worth reading first; it sets out the keys-versus-seed distinction this guide leans on.
First, slow down — then do these three things
The temptation when a phone vanishes is to act fast and act everywhere at once. Resist it. A 2-of-2 wallet buys you something most setups do not: time. Nothing can be spent with one key, so there is no race against a thief. Use that breathing room to act in the right order.
- Confirm the browser key is safe. Open SSP on your computer and check that the extension still loads your wallet. This is your surviving factor. As long as it is intact, your wallet is recoverable and your funds are not at risk.
- Lock down the lost phone, not the wallet. Use your phone provider's or platform's find-my-device tools to lock or remotely wipe the handset. This protects SSP Key's data behind the phone's own PIN and encryption — it is device hygiene, not wallet recovery, and the two are separate jobs.
- Get a replacement device ready. Any phone you can install SSP Key on will do — a new handset, an old spare, or a freshly reset one. You do not need to rush the rest until this device is in hand.
Notice the order. You verify the surviving key before touching anything else, because that single check tells you whether this is a calm restore or the worst-case scenario covered later in the series.
What you need to restore SSP Key
Restoring the mobile signer is deliberately lightweight. You need three things:
- Your computer with the SSP browser extension working. This is the device that still holds a valid key, and it anchors the whole process.
- A new phone with SSP Key installed. Install it from the official app store for your platform — the same place you installed it originally.
- A few minutes with both devices side by side. The phone and the computer need to be near each other to exchange a recovery handshake.
What is not on this list is worth noting: for this scenario you do not need to type your BIP39 seed phrase. The seed is your last-resort backup for the case where both devices are gone. Here, the browser key survived, so the browser does the work of rebuilding the phone side.
Step 1: Install SSP Key on the new phone
Open your platform's official app store and install SSP Key. When it launches for the first time it offers two paths: create a new key, or restore an existing wallet. Choose restore. You are not making a new wallet — you are rebuilding the missing half of one that still exists.
Step 2: Start recovery from the browser
Open SSP on your computer and unlock it. The extension still holds its key, so it can act as the anchor for restoring the phone. Choose the wallet-recovery option and tell SSP you are replacing the mobile signer. The extension generates a recovery handshake: a short-lived, encrypted exchange that re-establishes the pairing between the two keys.
This is the important mental model. Recovery does not reconstruct your wallet from a written secret. It reconnects the two halves of a wallet that was never fully broken — one half simply needs a new home.
Step 3: Pair the new phone with your browser
The browser extension displays a QR code. Open SSP Key on the new phone and scan it. The two devices exchange the recovery handshake: the phone receives what it needs to rebuild its key, and the browser confirms the request came from a session you are actively driving.
Because the pairing is anchored on the computer you already control, an attacker who merely found your old phone cannot complete this step. Your old handset is locked, its key is being replaced, and they have no access to your browser extension.
Step 4: Confirm and verify
Once pairing completes, SSP Key finishes rebuilding the mobile key and your wallet appears on the new phone. Two checks before you call it done:
- Confirm your receiving addresses match. Compare a receiving address on the restored SSP Key against one you know — a past invoice, a saved contact copy, or the address shown in the browser extension. They must be identical.
- Send a test transaction. Move a small amount and approve it on both devices. A successful 2-of-2 signature is the definitive proof: both keys are present and cooperating again.
The honest part: the one-factor window
Between losing the phone and finishing Step 4, you are in a particular state — you hold one of your two keys, not both. It is worth being precise about what that means, because honesty here is more reassuring than vague comfort.
What the one-factor window does not mean: it does not mean your funds are exposed. A single key in a 2-of-2 wallet cannot move money. Whoever finds your lost phone has, at most, one locked key behind a phone PIN — and one key spends nothing. The same is true in reverse: your surviving browser key alone cannot be drained either. This is the core guarantee of 2-of-2 multisig, and it holds whether you restore in ten minutes or ten days.
What it does mean: until you restore the second factor, you have no safety margin left. You are temporarily a one-key wallet's worth of redundancy short. If something then happened to the browser key too — a wiped computer, a second mishap — you would be down to the BIP39 seed as your only path back. That is recoverable, but it is the harder route. So treat the restore as important but not panicked: do it deliberately, soon, and in order.
Put plainly: a single lost device is a to-do item, not an incident. The 2-of-2 turns what would be an emergency for a single-key wallet into routine maintenance.
Order of operations, summarized
If you are reading this because your phone is already gone, here is the short version:
- Open SSP on your computer and confirm the browser key still loads the wallet.
- Lock or wipe the lost phone with your platform's find-my-device tools.
- Install SSP Key on a replacement phone and choose restore.
- Start wallet recovery from the browser extension and display the QR code.
- Scan it with the new SSP Key, then confirm an address you recognize and send a small test transaction.
For the scenario where the computer is the device you lost instead, the sibling guide on recovering SSP when you lose your browser walks the mirror-image process — the phone anchors the restore there, the browser anchors it here.
Industry guidance on account and device migration consistently makes the same point: a healthy recovery path lets you re-establish access on new hardware without ever exposing the underlying secret. Google's own guidance on moving to a new Android device frames device migration as restoring access, not recreating identity — exactly the model SSP applies to the mobile signer. Your seed phrase stays in the drawer; the surviving key does the work.
The takeaway
A lost phone feels like a crisis because, with most wallets, it would be. With SSP it is a tool that needs replacing, not a wallet that needs rescuing. The blockchain holds your coins. Your two keys hold the authority to move them. One of those keys was always safe on your computer — and now, after a calm ten-minute restore, you have both again.
