Apologies if any of this is answered or obvious, I cannot find these and also feel that my assumptions of the subtle aims and purpose are likely different to the real ones.
I find a seed phrase at:
/settings/backups/advanced backups/view seed words
Is this the seed for the bitcoin wallet, and if not how do I find it?
I can create other bitcoin wallets, are they all related to a common seed? If I create others and then archive and delete them am I consuming accounts in a derivation path or reusing them?
Is it or will it ever be possible to have a bitcoin wallet from an existing seed phrase (I canât find it)?
My understanding of the master key backed up to the cards and server is that it the root of the derivation path for bitcoin wallets and also used to encrypt / decrypt the backups. Is that correct and is there anything not backed up when you pick âBackup up nowâ inside âBackupsâ on the device itself?
Is this the seed for the bitcoin wallet, and if not how do I find it?
You are correct.
I can create other bitcoin wallets, are they all related to a common seed? If I create others and then archive and delete them am I consuming accounts in a derivation path or reusing them?
If youâre referring to the additional seeds you can generate in the Vault app, then yes, they are BIP-85 derived seeds. They are deterministic, so deleting and recreating a 12 word seed at index #3 will always produce the same output.
Is it or will it ever be possible to have a bitcoin wallet from an existing seed phrase (I canât find it)?
You can recover an existing seed during onboarding, and in the next firmware release (v1.3), youâll be able to import existing seeds for storage inside the Vault app. These will also be able to be temporarily loaded into the Bitcoin wallet app for use with transactions and wallet connections etc.
My understanding of the master key backed up to the cards and server is that it the root of the derivation path for bitcoin wallets and also used to encrypt / decrypt the backups. Is that correct and is there anything not backed up when you pick âBackup up nowâ inside âBackupsâ on the device itself?
The Master key is backed up by default in 3 parts. Two on two keycards you control, and a third onto your Envoy app and backed up to your personal cloud. We NEVER see or have access to any part of your Master Key. You can read a full explainer on what is backed up and where with MB, here. The only thing not backed up right now are any files stored inside your files app.
I get the feeling from your answer that the Vault and Bitcoin apps are not separate / independent. To the extent they are not can you please explain?
On the question regarding the other Bitcoin wallets, I am referring to the Bitcoin Wallet app itself, not seeds in the Vault app. So are new accounts in the Bitcoin Wallet app all from the derivation path of the master key (seed phrase) and if I create others and then archive and delete them am I consuming accounts on the same derivation path or reusing them?
For importing existing seeds, you mention in a later release being able to import them into the Vault app and temporarily load them into the Bitcoin Wallet app. Can you please elaborate? It also seems there will be no capability to go into the Bitcoin Wallet app and create a new wallet which is imported from an existing seed phrase - is that correct?
I get the feeling from your answer that the Vault and Bitcoin apps are not separate / independent. To the extent they are not can you please explain?
Right now they are separate, but youâll soon be able to temporarily load different seeds from the Vault into the Wallet app for us with transactions etc. This is coming in a firmware update.
So are new accounts in the Bitcoin Wallet app all from the derivation path of the master key (seed phrase) and if I create others and then archive and delete them am I consuming accounts on the same derivation path or reusing them?
Yes these are sub-accounts as defined by BIP44. All hardware wallets operate on this standard. Same applies as what I said before, each is a deterministic index that will generate the same result each time one is deleted and re-âgeneratedâ.
For importing existing seeds, you mention in a later release being able to import them into the Vault app and temporarily load them into the Bitcoin Wallet app. Can you please elaborate?
Iâm not sure how else to badge it. If you have existing wallet seeds from other apps, youâll be able to back them up in the Vault and from there if you want to move funds to/from that wallet, you can load that seed into the wallet app to perform that functionality. Learn more here.
It also seems there will be no capability to go into the Bitcoin Wallet app and create a new wallet which is imported from an existing seed phrase - is that correct?
Same underlying secret, just in a different format.
View seed words screen This is your Prime Master Key in its complete form, encoded as BIP39 words. Anyone with those words has full control of the device. Itâs the âall in one placeâ representation of the secret.
Magic Backup (2 Keycards + Envoy keychain) The same Master Key is split into three parts using a 2-of-3 Shamir Secret Sharing scheme:
Keycard 1 holds share #1
Keycard 2 holds share #2
Envoy holds share #3, encrypted and synced to your iCloud Keychain or Android Auto Backup
So if I am enrolled in Magic Backups, but then restore the prime using this seed phrase (rather than the cards and keychain), will it still pull the settings metadata from your cloud? Just clarifying since it was implied this required the shard in the keychain but presumably the full seed is sufficient (running GrapheneOS and concerned about losing that shard). If so, this is perfect!
Yes, the recovery flow of a Passport Prime is agnostic of the method used to recover the seed. You can use the keycards, enter seedwords or scan a seedQR (importing from a passport core backup is not available as of right now). When the seed is loaded, Passport Prime will hash it locally and send this hash to Envoy to bounce it to foundation servers, there we will try to find a blob matching this random string (the hash of your seed), and forward it to the requesting Envoy, which in turn will bounce it back to Passport and this will be able to decrypt it locally using the actual seed words.
During onboarding if you tap Restore you will be shown this:
