Skip to content

Wallets and Seeds


1. Why should I not store my seed in a file on my machine or share the seed with someone?

Your seed is used to recreate your wallet and its accounts granting anyone with knowledge of the seed complete control of the funds within the wallet. If your machine were to be compromised and your seed stolen, the attacker would have the ability to drain your funds by sending your DCR to wallets under their control. Likewise, sharing your seed with anyone regardless of your current level of trust is highly discouraged as this could pose a major security risk for your wallet that they may misuse access in the future or store the copy of the seed less securely than you.

The safest method of storing your seed is on a physical medium, eg. written on paper. Store this paper as you would a key to your personal vault of gold. This is essentially what these seed words represent.


2. How can I convert my wallet seed hex to seed words?

You can use the dcrseedhextowords1 utility to convert a Decred seed from hex to the seed words needed for importing into wallets.


3. Can someone steal my coins if they access wallet.db?

Nobody can steal your coins if they get access to the wallet.db2 file unless they also have your private passphrase. If you chose to use public encryption, they also cannot get access to any of your extended public keys or addresses.


4. Can someone use a brute-force attack on a random wallet to regenerate its seed words (the words are not salted)?

All the seed words are is a direct mapping of English words to hex digits. The seed is nothing more than a 256-bit (32-byte) cryptographically secure random number. Salt does not apply here at all. It has nothing to do with brute-forcing3 random numbers.

In other words, since each word can be 256 possibilities and there are 33 words, that yields 256^32 (or 2^256 depending on how you want to look at it, but it is the same number) possibilities. That number is larger than the entire number of hydrogen atoms in the known universe. In fact, it is almost more than the number of atoms total in the known universe.

To put this in perspective, assuming there are 7 billion people on the planet and each person owned 10 computers and each one of those computers could test a billion possibilities a second and that you could find the solution on average after testing only 50% of the total possibilities, it would still take 26x10^48 (that’s 26 trillion trillion trillion trillion) years to brute-force a single seed.


5. My seed is not working. What can I do?

Make sure all of the words are on a single line separated by spaces4. Even though they are printed out on multiple lines for readability, they must be entered on a single line. Also double-check your words have no typos by comparing them to the words in the PGP word list.


6. How do I import a key that is in wallet import format (WIF)?

It is possible to import a standalone private key5 into dcrwallet. Note that this is only for --noseed addresses and you should not run this unless you know what you are doing!

Unlock the wallet (ignore angle brackets):

promptsecret | dcrctl --wallet - <private encryption passphrase> 60

Import the standalone (--noseed) private key (ignore angle brackets):

dcrctl --wallet importprivkey <put WIF private key here>

View balance of imported account (give it some time to rescan and look at the log in dcrwallet to see rescan progress):

dcrctl --wallet getbalance "imported" 0 all

7. What is the difference between a testnet and mainnet public key address?

A public key address, also called Pay-To-Pubkey (P2Pk), can be identified with its 2-byte prefix which identifies the network and type. A mainnet public key address starts with the letters Dk while a testnet public key address starts with the letters Tk. For details on address types, see the see the address details page.


8. I have lost my seed. What can I do?

If you have lost all copies of your seed and the wallet (or the wallet’s passphrase), then you’re out of luck: your funds are truly lost.

If you still have access to the wallet and the passphrase you need to IMMEDIATELY CREATE A NEW WALLET with a new seed that you properly store and then transfer your funds from the old wallet to the new.

If you have live tickets, maintain both wallets until all tickets have voted, then transfer the remaining funds to the new wallet.

You should backup your wallet.db file (preferably in a thumb drive stored in a secure location) until all funds have been transferred.


Sources


  1. Decred Forum, Post 8,660 

  2. Decred Forum, Post 9,803 

  3. Decred Forum, Post 10,452 

  4. Decred Forum, Post 10,657 

  5. Decred Forum, Post 10,724