What are Secret Keys and how do they work?

Secret Keys are 12- or 24-word phrases that authenticate you to products built with the Stacks blockchain such as the Hiro Wallet.

They are otherwise known as "seed phrases", "mnemonic seed phrases", "recovery seeds" or "recovery phrases".

Secret Keys are like strong passwords in that they protect your identity and STX holdings. However, unlike passwords, they can never be recovered – by you or anyone else – if lost. So be sure to always back up a copy in a very secure place that you remember!

See our instructions for securing Secret Keys.

Think twice whenever entering or giving your Secret Key

Always double check that you trust any downloaded software or website that prompts you for your Secret Key before proceeding to enter it!

Never give your Secret Key to anyone online, no matter how trustworthy they seem. Beware especially anyone who claims to need your Secret Key urgently for any purported emergency, financial or otherwise.

It's common for cryptocurrency users to suffer phishing attacks that fool them into providing their Secret Keys to malicious actors. Once your Secret Key is stolen by "bad" websites or software, there are no guarantees that you will get your associated STX or other digital assets back. And you will surely have to generate a new Secret Key for future usage since the original one will have been compromised forever.

12 vs. 24-word Secret Keys

The desktop Hiro Wallet has always generated 24-word Secret Keys for new users, whereas other products such as the Blockstack Browser and web-based Hiro Wallet have generated 12-word Secret Keys for new users.

Generally speaking, if you purchased STX before 2021, your STX holdings are almost certainly associated with a 24-word Secret Key or hardware device such as Ledger or Trezor.

If you have a 12-word Secret Key and never used Trezor or Ledger, you most likely generated it when trying separately to use apps built with Stacks (previously known as "Blockstack") in a web browser. Please ensure that you are entering a separate 24-word Secret Key into the desktop Hiro Wallet to view and manage your balance.

Secret Keys generated by certain Trezor or Ledger devices constitute an exception to this general rule since they may contain 12 or 18 words. You can enter Secret Keys with 12 words directly into the Hiro Wallet to view your holdings if you used a Trezor or Ledger device originally to set them up. Any other lengths such as 18 words must be loaded onto a Ledger device and cannot be entered directly into the Hiro Wallet. However, we recommend you maintain Secret Keys of any length on a Ledger device and connect with that instead to maintain a higher level of security.

You can use 12- or 24-word Secret Keys across both the desktop and web versions of the Hiro Wallet. However, we generally recommend that you generate and use a separate Secret Key for entry in the web browser since it's a less secure environment than desktop software.

Exporting Secret Keys from Trezor or Ledger

Secret Keys originally generated and held on Trezor or Ledger devices can be entered into the Hiro Wallet directly as long as they have 12 or 24 words. However, we highly recommend that you continue using a hardware wallet to connect with the Hiro Wallet to ensure the same level of security to which you're accustomed.

If your Trezor or Ledger device has an additional passphrase, you will need to send your STX to a separate address without a passphrase before entering its Secret Key directly into the Hiro Wallet. There is no way to enter a Secret Key with a passphrase directly into the Hiro Wallet.

Trezor users with passphrases can migrate their underlying Secret Keys and passphrases to Ledger devices for use with the Hiro Wallet. This is the only option for Trezor users with any number of words (e.g. 18) aside from 12 or 24. See our Trezor guidance for details.

Secret Keys must be BIP39 compatible

Secret Keys generated by the Hiro Wallet are BIP39 compatible and in English.

All Secret Keys entered into the Hiro Wallet must also be BIP39 compatible and in English.

Check if your Secret Key is compatible by cross-checking all of its words against the corresponding list by language.

Note that small transcription errors can lead to problems authenticating with your Secret Key. You may want to check in the lists above for possible variants of the words you've transcribed to correct such errors.

Also ensure that your Secret Key conforms to the following upon entry:

  • All lowercase
  • Words with only a spaces in between
  • No preceding numbers or other indication marks