Secure Your Secret Key

When users create a Leather wallet, a 24-word phrase is generated. This phrase is known as a Secret Key, and users need to make sure to store this Secret Key in a place that only they can access. 

What is a Secret Key?

Secret Keys are more conventionally known as “seed phrases,” mnemonic seed phrases,” “recovery seeds,” or “recovery phrases.” They’re essentially randomly generated cryptographic keys that protect a user’s crypto wallet and, consequently, the assets held within the wallet.

Secret Keys generated by Leather are BIP39-compatible and in English. Technically, you can check to see if your Secret Key is compatible by cross-checking all of the generated words against this list. If you’re having trouble entering your Secret Key when prompted to do so, please double check that:

• All words are lowercase

• Words are separated by only one space

• You haven’t entered any numbers or special characters

Secret Keys vs. Passwords

While users may think of Secret Keys as a password of sorts, it’s important to distinguish between the two. 

Passwords are unique to each device and are created by the user to access their wallet on a particular browser or computer. They are helpful if you use the same device and browser to access your Leather wallet, as they save you from having to re-enter your Secret Key every time you log in.

Unlike Secret Keys, passwords can be reset and easily recovered. While there is a way to recover your Secret Key using backup data from your computer, a Secret Key is generally extremely difficult to recover once lost. It is crucial for users to keep a copy of their Secret Key in a very secure location that only they have access to. 

You will often be prompted for your Secret Key if you attempt to log into your wallet from a computer or browser that you don’t normally use, or if you previously signed out from your wallet. That’s why it’s important to make sure that you back up your Secret Key the moment it is revealed to you. You do have the ability to view your Secret Key from within the extension, but that’s provided that you can already access your wallet. 

How to Secure Your Secret Key with Leather

The Cryptocurrency Security Standard (CCSS) offers guidelines for user key storage. These guidelines are ordered from the least secure (Level I) to most secure (Level III). 

We recommend that users adhere to the CCSS’ Level II standards at the very least. This involves:

• Backing up each of your cryptographic keys separately 

• Storing the backup in a different location from where you access your wallet (e.g. if you access your wallet from a computer located in your office, you may want to store your Secret Key in another room)

• Storing your backup in a location that minimizes possible access by unauthorized parties (e.g. a safe or lock box)

• Employing a tamper mechanism that helps you determine if your backup was accessed by another party

Please note that we do not store our users’ Secret Keys, nor can we help our users recover their Secret Keys should they become lost. Leather is a self-custodied Bitcoin wallet, which means that users, alone, are responsible for their keys.

This also means that if your Secret Key has been stolen by harmful websites or software, there are no guarantees that you will be able to recover your wallet assets. Consequently, we ask that users think twice before revealing or entering their Secret Key in another application besides Leather.