SSP Editorial Team

Seed phrase best practices

·7 min read·By SSP Editorial Team
Twelve-word seed phrase printed on a paper card next to a hardware wallet

Your seed phrase is the master key to every coin in your wallet. Lose it and the funds are gone forever. Leak it and someone else can sweep the wallet in seconds. Yet most guides treat seed phrase storage as a checklist of slogans — "never screenshot it," "use metal" — without explaining what a seed phrase actually does, what it doesn't do, and how a multisig setup like SSP's changes the threat model.

This article is for people who already own crypto and want to think clearly about how to keep it. We'll cover what a seed phrase is at the protocol level, the difference between hot, cold, and hardware wallets, real storage trade-offs, and the way 2-of-2 multisig rewrites the rules. Treat it as a mental model, not dogma.

What a seed phrase actually is

A seed phrase looks like a poem: 12 or 24 ordinary English words in a fixed order. Under the hood it is a compact encoding of a single very large random number. That number is the seed from which every private key in your wallet is generated. The list of words you can choose from — exactly 2,048 of them — is defined by <span id="bip39"></span>BIP39, the standard that turns raw entropy into something a human can write down without dropping a digit.

The reason one short phrase can control an entire wallet — Bitcoin addresses, Ethereum addresses, change addresses, future addresses you have not even used yet — is <span id="bip32"></span>BIP32, the standard for hierarchical-deterministic (HD) derivation. BIP32 takes the seed and runs it through a deterministic function to produce an unlimited tree of keys. Same seed in, same tree out, every time, on any compliant wallet.

This is why your seed phrase is not "a backup of your wallet" — it is the wallet. Restore the words into any BIP39/BIP32-compatible app and you reconstruct every key and every address. That is also why anyone else who reads those words gets the same wallet.

Keys, not coins

Crypto wallets don't store coins. They store keys. The blockchain stores the balances; your keys prove you are allowed to move them.

A <span id="private-key"></span>private key is a long random number that signs transactions. Whoever holds the private key for an address can spend whatever sits at that address — no password reset, no customer support, no appeal. That is what "self-custody" means in practice.

A <span id="public-key"></span>public key is derived from the private key by one-way math. You can publish it freely. The blockchain address you share with people who want to pay you is computed from the public key. Anyone who knows your public key can verify a signature you produced, but they cannot work backwards to your private key.

The seed phrase sits one level above all of this. From those 12 or 24 words, BIP32 generates every private key in the wallet, and from each private key the matching public key and address fall out. So when guides say "your seed phrase IS your wallet," they mean it literally: it is the root that all keys descend from.

Hot, cold, and hardware wallets

Wallets are usually sorted by how exposed their private keys are to the internet.

A <span id="hot-wallet"></span>hot wallet keeps its private keys on a device that is connected to the internet — typically a phone or browser extension. MetaMask on your laptop, Phantom on your phone, an exchange app that lets you withdraw to an on-chain address you control: all hot. The trade-off is convenience for attack surface. Signing a transaction takes one tap, but any malware on the device can in principle read the keys or trick you into signing something you didn't intend.

A <span id="cold-wallet"></span>cold wallet keeps the private keys on a device that has never been online and ideally never will be. The classic example is an air-gapped laptop used only to sign transactions, which are moved on and off via QR codes or microSD cards. Cold storage drastically shrinks the remote-attack surface, at the cost of being clunky to use day-to-day and dangerous if you set it up wrong (a "cold" laptop that quietly joined a Wi-Fi network once is just a slow hot wallet).

A <span id="hardware-wallet"></span>hardware wallet is the pragmatic middle ground: a small purpose-built device — Ledger, Trezor, Coldcard — that stores private keys in a secure element and signs transactions internally. The connected computer or phone sees only the signed transaction, never the key. The trade-off is that you trust the vendor's firmware and supply chain, and a sufficiently determined attacker with physical access can still attack the device. For most people, a hardware wallet is the right baseline.

Storing the words

Once you accept that the seed phrase is the wallet, the storage question becomes: how do you keep these words available to you but unavailable to everyone else, for as long as you might need them?

Start with what not to do. Do not photograph the words. Do not put them in a cloud notes app — iCloud, Google Keep, Notion, Apple Notes synced to a Mac all count. Do not email the phrase to yourself "just temporarily." Do not type it into a password manager you also use for streaming services. Each of these moves the seed onto infrastructure designed to be searchable, syncable, and recoverable — which is exactly the opposite of what you want.

The default good answer is paper: write the words by hand, store the paper somewhere only you can reach, and don't talk about where. Paper is cheap, deniable, and immune to remote attack. It is also vulnerable to house fires and floods.

The default better answer is metal: stamp or engrave the words into a stainless-steel or titanium plate. This survives fire and water. It does not protect against an attacker who finds the plate, so location matters as much as material.

For most people, the sane setup is two copies in two locations with different failure modes: one at home in something fire-resistant, one offsite (a trusted relative, a safety deposit box, a sealed envelope at a lawyer's office). Two copies in one house solves nothing — one fire takes both. Five copies across five locations is great until you forget where the fifth one is and a stranger finds it. Always trade recoverability against exposure; both are real risks.

How 2-of-2 multisig changes the math

Single-seed wallets have a brutal property: one leaked phrase is total loss. The attacker doesn't need your device, your password, or your presence — they need the words.

SSP uses a 2-of-2 multisig design: every transaction must be co-signed by two independent keys, one on your phone and one in your browser extension. Each key has its own seed phrase. Neither seed phrase alone can move any funds.

That changes the calculus in a specific, narrow way. If an attacker compromises one device, copies one seed phrase, or socially engineers one half of the setup, they still cannot spend. They have to compromise both, independently. Two separate intrusion paths, two separate physical accesses, two separate backups to steal.

What multisig does not do is make you immune. If both seeds end up in the same notebook, the same cloud, or the same drawer, you've collapsed the security back to single-seed. If you reuse the same passphrase, write both phrases on the same metal plate, or store both backups in the same building, an attacker who reaches that one place gets everything. Multisig raises the cost of attack, but only if the two factors are genuinely independent. Treat each seed as if it were the only one.

A short checklist

  • Write each seed phrase on paper or metal — by hand, in order, exactly as the wallet shows it.
  • Never type a seed phrase into a digital device that isn't already configured to use it. No cloud notes, no password managers, no "just for a minute" exceptions.
  • Keep at least two physical copies of each seed, in two locations with different failure modes (fire, flood, theft).
  • Test recovery on a throwaway install before sending real funds. A backup you have never restored is a hope, not a backup.
  • If you use SSP, treat the two seed phrases as fully independent. Different physical locations, different storage media, different mental categories.

Next step

If you're setting up SSP for the first time and want a guided walkthrough that follows these principles end to end — including how to generate, record, and verify both seed phrases — see Setting up your first SSP wallet.

Share this article

Related articles

Navy SSP cover for Self-custody checklist for your first $1,000, with wallet, key, shield and fingerprint icons over a dark gradient

Self-custody checklist for your first $1,000 — the concrete starter playbook

Eight ordered steps to set up SSP 2-of-2, write down both seeds, test recovery, and move your first $1,000 off the exchange in one afternoon.

8 min read
Navy SSP cover for Self-custody without going to cold storage, with wallet, key, shield and lightning icons over a dark gradient

Self-custody without going to cold storage — the middle path most users need

Self-custody isn't a single setup. The right point on the spectrum is warm storage — a multisig you actually use — not air-gapped cold storage.

8 min read
Navy SSP cover for What self-custody actually requires of you, with key, shield, fingerprint and CPU icons over a dark gradient

What self-custody actually requires of you — the honest list

Backups, opsec, device management, recovery planning, time and attention — the five-category bill self-custody puts on you, no marketing softening.

8 min read