Seed Phrase

What is a Seed Phrase?

A seed phrase is a sequence of 12 to 24 random words generated by your crypto wallet that acts as the master backup for every private key and account inside that wallet. If your device breaks, gets lost, or is wiped, entering your seed phrase into any compatible wallet restores full access to your funds. There are no passwords, no customer support teams, and no exceptions: whoever holds the seed phrase controls the wallet.

This makes seed phrases the single most important piece of information in self-custody crypto. They are also the single most targeted piece of information by scammers, phishing campaigns, and malware.

How It Works

When you set up a non-custodial wallet like MetaMask or a hardware wallet like Ledger, the software generates a seed phrase from a standardized word list of 2,048 words defined by BIP-39 (Bitcoin Improvement Proposal 39).

This phrase encodes the cryptographic root from which every private key in your wallet is mathematically derived. It’s not stored anywhere online by the wallet provider. It exists only where you write it down or store it yourself.

If an attacker obtains your seed phrase, they can import your wallet on any device and drain every asset across every blockchain your wallet supports, immediately and without any ability for you to stop it.

There’s no fraud department to call and no reversal mechanism on a blockchain. The funds are simply gone.

Common attack methods include Web3 phishing sites that impersonate official wallet support pages, social engineering calls where attackers pose as wallet company staff, and malware designed to scan devices for seed phrase files or clipboard contents.

How to Reduce Risk

• Write your seed phrase on paper or a metal backup plate and store it offline in a secure physical location, never in cloud storage, notes apps, screenshots, or email.

• Never enter your seed phrase on any website, even one that appears to be the official wallet provider. No legitimate wallet service will ever ask for it.

• Treat any unsolicited contact from “wallet support” as a scam. Support teams do not proactively reach out and will never request your seed phrase.

• Use Kerberus to identify phishing sites designed to harvest seed phrases before you interact with them.

In December 2025, a compromised browser extension update to Trust Wallet version 2.68 exposed users who had imported seed phrases into the affected version, with ZachXBT’s on-chain analysis tracing over $6.77 million drained across multiple blockchains before the breach was contained.

FAQ:

Q: What is a seed phrase?

A: A seed phrase is a sequence of 12 to 24 random words generated by your crypto wallet that serves as the master backup for every key and account inside it. Anyone who holds your seed phrase has complete, permanent control over your wallet and all its assets, with no recovery option available to you.

Q: How does a seed phrase work?

A: Your wallet generates a seed phrase from a standardized list of 2,048 words. This phrase encodes a cryptographic root from which every private key in your wallet is derived. If your device is lost or damaged, entering the phrase into any compatible wallet restores full access. It’s not stored by your wallet provider, only where you keep it.

Q: How can users protect their seed phrase?

A: Write your seed phrase on paper or a metal plate and store it offline, never in cloud storage, screenshots, or email. Never enter it on any website, even ones that appear to be official wallet support pages. Treat any unsolicited contact requesting your seed phrase as a scam. Kerberus Sentinel3 can identify phishing sites designed to steal seed phrases.