mirror of
https://github.com/bitcoinbook/bitcoinbook
synced 2024-11-26 01:50:42 +00:00
CH01::Backups: s/mnemonic/recovery code/, add detail and warnings
- Use "recovery code" instead of "mnemonic phrase" or "seed phrase". A new tipbox describes that mnemonic implies memorization but that's bad practice. The phrase recovery code is generic enough to apply to a variety of schemes, including Electrum seed words, BIP38 seed words, aezeed, and non-phrase schemes like that used in Muun. - Be clearer about the difference between "wallet" and "wallet software". - Mention that restoring from a code doesn't restore labels or offchain transaction info. - Warn about re-entering your code into malware / phishing attacks.
This commit is contained in:
parent
89c40241e2
commit
84fd8b5953
@ -319,36 +319,87 @@ the option to create a new Bitcoin wallet. Because the wallet she has
|
||||
chosen is a non-custodial wallet, Alice (and only Alice) will be in
|
||||
control of her keys. Therefore, she bears responsibility for backing
|
||||
them up, since losing the keys means she loses access to the bitcoin. To
|
||||
facilitate this, her wallet produces a _mnemonic phrase_ (explained more
|
||||
in <<mnemonic_phrase_intro>>), in the form of 12 English words that can
|
||||
be used to restore her wallet on any of the hundreds of compatible
|
||||
software or hardware wallets.
|
||||
facilitate this, her wallet produces a _recovery code_ (explained more in
|
||||
<<recovery_code_intro>>) that can be used
|
||||
to restore her wallet.
|
||||
|
||||
Let's elaborate a bit on the mnemonic phrase, next.
|
||||
Let's elaborate a bit on the recovery code, next.
|
||||
|
||||
[[mnemonic_phrase_intro]]
|
||||
==== Mnemonic Phrase
|
||||
[[recovery_code_intro]]
|
||||
==== Recovery Code
|
||||
|
||||
Most modern non-custodial Bitcoin wallets will provide a _mnemonic
|
||||
phrase_ (also sometimes called a "seed" or "seed phrase") for their user
|
||||
to back up. The mnemonic phrase usually consists of 12 English words,
|
||||
selected randomly by the software, and used as the basis for the keys
|
||||
that are generated by the wallet. A sample mnemonic phrase is shown in
|
||||
<<mnemonic_phrase_sample>>.
|
||||
Most modern non-custodial Bitcoin wallets will provide a _recovery
|
||||
code_ for their user
|
||||
to back up. The recovery code usually consists of numbers, letters, or words
|
||||
selected randomly by the software, and is used as the basis for the keys
|
||||
that are generated by the wallet. Sample recovery codes from different wallets are shown in
|
||||
<<recovery_code_sample>>.
|
||||
|
||||
[[mnemonic_phrase_sample]]
|
||||
.Alice is shown a 12-word mnemonic phrase that she must backup (offline on paper)
|
||||
image::images/mnemonic_phrase_sample.png[".Alice is shown a 12-word mnemonic phrase that she must backup (offline on paper)"]
|
||||
[[recovery_code_sample]]
|
||||
[cols="1,1"]
|
||||
|===
|
||||
| Wallet | Recovery code
|
||||
|
||||
This mnemonic phrase can be used by Alice to restore *all* the
|
||||
transactions and funds in her wallet in the case of an event such as a
|
||||
lost mobile device, a software bug, or memory corruption. The mnemonic
|
||||
phrase is based on a common standard and therefore can be restored on
|
||||
any compatible software or hardware wallet. This allows Alice to try
|
||||
different wallets and also removes any dependency on the software or
|
||||
hardware maker of the wallet.
|
||||
| BlueWallet
|
||||
| (1) media (2) suspect (3) effort (4) dish (5) album (6) shaft (7) price (8) junk (9) pizza (10) situate (11) oyster (12) rib
|
||||
|
||||
Of note, when receiving funds to a new mobile wallet for the first time, many wallets will often re-verify that you have securely backed-up your mnemonic phrase. This can range from a simple prompt to requiring the user to manually re-enter the phrase.
|
||||
| Electrum
|
||||
| nephew dog crane clever quantum crazy purse traffic repeat fruit old clutch
|
||||
|
||||
| Muun
|
||||
| LAFV TZUN V27E NU4D WPF4 BRJ4 ELLP BNFL
|
||||
|===
|
||||
|
||||
[TIP]
|
||||
====
|
||||
A recovery code phrase is sometimes called a "mnemonic" or "mnemonic phrase",
|
||||
which implies you should memorize the phrase, but writing the phrase
|
||||
down on paper takes less work and tends to be more reliable than most
|
||||
people's memories. Another alternative name is "seed phrase" because
|
||||
it provides the input ("seed") to the function which generates all of
|
||||
a wallet's keys.
|
||||
====
|
||||
|
||||
If something happens to Alice's wallet, she can download a new copy of
|
||||
her wallet software and enter this recovery code to rebuild the wallet
|
||||
database of all the onchain transactions she's ever sent or received.
|
||||
However, recovering from the recovery code will not by itself restore any additional
|
||||
data Alice entered into her wallet, such as the names she associated
|
||||
with particular addresses or transactions. Although losing access to
|
||||
that metadata isn't as important as losing access to money, it can
|
||||
still be important in its own way. Imagine you need to review an old
|
||||
bank or credit card statement and the name of every entity you paid (or
|
||||
who paid you) has been blanked out. To prevent losing metadata, many
|
||||
wallets provide an additional backup feature beyond recovery codes.
|
||||
|
||||
For some wallets, that additional backup feature is even more important
|
||||
today than it used to be. Many Bitcoin payments are now made using
|
||||
_offchain_ technology, where not every payment is stored in the public block
|
||||
chain. This reduces users costs and improves privacy, among other
|
||||
benefits, but it means that a mechanism like recovery codes that depends on
|
||||
onchain data can't guarantee recovery of all of a user's bitcoins. For
|
||||
applications with offchain support, it's important to make frequent
|
||||
backups of the wallet database.
|
||||
|
||||
Of note, when receiving funds to a new mobile wallet for the first time,
|
||||
many wallets will often re-verify that you have securely backed-up your
|
||||
recovery code. This can range from a simple prompt to requiring the
|
||||
user to manually re-enter the code.
|
||||
|
||||
[WARNING]
|
||||
====
|
||||
Although many legitimate wallets will prompt their user to re-enter
|
||||
your recovery code, there are also many malware applications that mimic the
|
||||
design of a wallet, insist you enter your recovery code, and then
|
||||
relay any entered phrases to the malware developer so they can steal
|
||||
your funds. This is the equivilent of phishing websites that try to
|
||||
trick you into giving them your bank passphrase. For most wallet
|
||||
applications, the only times they will ask for your recovery code are during
|
||||
the initial set up (before you have received any bitcoins) and during
|
||||
recovery (after you lost access to your original wallet). If the application
|
||||
asks for your recovery code any other time, consult with an expert to
|
||||
ensure you aren't being phished.
|
||||
====
|
||||
|
||||
==== Running the wallet application
|
||||
|
||||
|
Before Width: | Height: | Size: 27 MiB After Width: | Height: | Size: 27 MiB |
Loading…
Reference in New Issue
Block a user