Skip to content

Encrypted Backups

Background#

The COLDCARD® is unique in that we offer a backup feature to save your wallet seeds to the MicroSD card(s) or Virtual Disk. Settings and other meta is saved as well. The encrypted file can be treated as any other file because we use AES-256 encryption, with a strong passphrase.

Even when using this feature, you should still have a offline-only copy of your seed words, ideally on a SEEDPLATE. Use the encrypted backup feature for convenience and extra duplication.

Video: Mk4 Create Backup

Create Backup#

  1. From the Main Menu, go to: Advanced/Tools > Backup > Backup System.

    Mk4 nav to backup Q nav to backup

    • If you are currently using a BIP-39 passphrase, you will be given the option of either backing up the main wallet, or the passphrase wallet. Press OK/Enter to backup the main wallet, or 2 to save the passphrase wallet.

      Mk4 backup bip39 Q backup bip39

    • If a Temporary Seed is in use, then the Temporary Seed and its settings will be backed up.

      Mk4 backup temp Q backup temp

  2. COLDCARD will pick 12 words as a password. These words have nothing to do with your wallet seed and are chosen randomly.

    Mk4 backup pass Q backup pass

    • While viewing the 12 words, press 1 on the Mk4 or the QR key on the Q to display the words as a QR code.

      Mk4 backup pass QR Q backup pass QR

  3. Next you will have to pass a quiz, proving you've made a backup of the words. We have made the quiz easier, as it does not verify every word.

  4. After successfully completing the password quiz, you may save the words to the COLDCARD for future use by pressing 1.

    Mk4 save words Q save words

  5. The new file is written to the MicroSD card, or the Virtual Disk, if it is enabled and no SD card is inserted.

    Mk4 file written Q file written

    • The file will be named backup.7z. If there was already a backup file, a number is appended to the filename. The most recent backup file should have the highest number.

    • Q Only: If two MicroSD cards are inserted, the file will be saved to the card in Slot A. If there is only one card inserted, then the file will save to it no matter which slot it is in.

  6. To make a second copy of the backup, put in another MicroSD card and press 2.

Important

We strongly recommend using real Industrial Grade MicroSD cards for backups: At least 2 cards and write 3 times to each card to mitigate future issues.

You can find them at the Coinkite store.

True SLC design with wear-leveling & block management, and environmentally tested for bend, torque, salt spray, solar radiation, and harsh temperatures: -40°C to +85°C.

Verify Backup#

This command does a quick CRC32 check over the file. It's useful to check the file was not truncated or damaged in transit. It is not cryptographically secure, meaning the file maybe artificially created or deliberately tampered with. However, it's still a useful feature when you are confident of the chain of custody of your file.

No password is required since the file is not decrypted in this process.

  1. From the Main Menu, choose: Advanced/Tools > Backup > Verify Backup.

    Mk4 nav to verify Q nav to verify

  2. Select the backup you wish to verify from the list.

    Mk4 verify backup Q verify backup

Restore Backup#

The backup file can be used to restore the seed and settings as the Main Seed of a COLDCARD, or as a Temporary Seed.

Video: Mk4 Restore Backup

Restore Backup as Main Seed#

To restore the backup as the Main Seed, you must use a new COLDCARD with no wallet defined, or wipe the seed from the COLDCARD, which is naturally a dangerous operation.

Consequences of Wiping Seed Words

Wiping your seed words will result in the loss of access to your Bitcoin, passwords, notes, and settings stored on your device. You can regain access to them by restoring your seed words from backup.

  1. With a COLDCARD that has no Main Seed, navigate to: Import Existing > Restore Backup.

    Mk4 nav to restore main seed Q nav to restore main seed

  2. Choose your backup file from the list.

  3. Enter the 12 word password for the backup encryption that was saved when the backup was created.

    • Q Only: Press the QR key during the password entry prompt to scan a QR code of your 12 words.

    Mk4 restore main seed Q restore main seed

  4. Reboot your COLDCARD, and it will be restored back to the state it was in when the backup was created.

Restore Backup as Temporary Seed#

Restoring as a Temporary Seed can be useful to test your backup without having to wipe your Main Seed.

  1. Starting at the Main Menu, navigate to: Advanced/Tools > Temporary Seed > Coldcard Backup.

    Mk4 nav to restore temp seed Q nav to restore temp seed

  2. Choose your backup file.

  3. Enter your 12 word password to decrypt the backup.

    • Q Only: Press the QR key during the password entry prompt to scan a QR code of you 12 words.

    Mk4 restore temp seed Q restore temp seed

  4. Press 1 to save the Temporary Seed to the Seed Vault (if enabled), or press OK/Enter to use the Temporary Seed without saving it.

Video: Clone Mk3 to Mk4 Video: Clone Mk4 to Q

Clone Coldcard#

You can copy the seed words and all settings from your COLDCARD onto a blank COLDCARD to make a "clone" (aka. warm backup). This process uses the same encrypted backup file format (AES-256 in 7z) but the encryption key is chosen automatically using Diffie-Hellman key exchange.

You'll need a blank COLDCARD (PIN chosen, but no seed words) and a MicroSD card for the data transfer.

  1. On a blank COLDCARD, choose: Import Existing > Clone Coldcard.

    Mk4 setup clone Q setup clone

  2. Be sure a MicroSD card is inserted, and a small file (containing an ephemeral public key) is written to it.

  3. While keeping power active to the blank COLDCARD, take the MicroSD to another COLDCARD.

  4. Insert the SD card into the COLDCARD you wish to clone, and go to: Advanced/Tools > Backups > Clone Coldcard.

    Mk4 create clone Q create clone

  5. A backup file is written to the SD card.

  6. Remove the SD card back and bring it to the blank COLDCARD.

  7. Insert the SD card and press OK/Enter.

    Mk4 apply clone Q apply clone

  8. Reboot the COLDCARD for the cloned seed and settings to take effect.

    • The key pairs used in this process are randomly picked at the time of use, and are not related to seed phrase or master secret.
    • Files written to the MicroSD card are deleted as the process is completed.
    • Only the two COLDCARDs involved can reconstruct the session key, so the complete back-and-forth process must be repeated to clone additional COLDCARDs.

About the Backup File Contents#

The file we create is a standard 7z archive with AES-256 encryption, in CBC mode. The 256-bit key is a SHA256 hash of a passphrase, hashed in a particular way to support 7z compatibility. We know the passphrase has at least 128-bits of entropy because the COLDCARD uses it's true random number generator (TRNG) to pick it.

Once decrypted, which is possible using any 7z archive tool, the contents are a simple text file with everything you could need to access your funds, in an emergency, using another wallet system.

Restoring the backup file onto a replacement COLDCARD is a simple process that merely requires entering the 12 words.

Is it secure?#

We use AES-256 encryption, wrapped in a 7z archive. The passphrase is chosen at random, as 12 words from the BIP-39 word list. This gives effectively 132 bits of security without any key stretching. The 7z file format adds a 16-byte salt and random 16-byte IV (initialization vector), plus a few tens of thousands of rounds of key stretching. We are not relying on that however, because of the long key itself (128-bits).

Proving It Works#

Because we are using a standard file format, you can verify the process and that the data is in fact encrypted. Any 7z tool that supports AES256-SHA256 encryption should be able to read the files we make. Take the 12 words and put them together with a single space between each word (all lowercase). The decoded archive will contain a single text file with a random file name, which is easy to read and understand.

Primary vs. Secondary#

(Applies to Mk1 and Mk2 only)

The current wallet, along with data for the corresponding duress wallet is recorded during the backup. Details of the other wallet (secondary when using the primary, for example) are not saved. You should backup primary and secondary wallets individually, but they can be stored onto the same MicroSD card.

Limitations#

  • The archive file names are not encrypted. You can see there is a single text file word(number).txt in the encrypted file without decrypting it.
  • The device PIN code is not preserved during backup.
  • We produce standards-compliant files, but do not support reading any file except the ones produced by COLDCARD.
  • Do not attempt to edit the file and restore it onto a COLDCARD.
  • You cannot construct a file for the COLDCARD to read because we implement only enough to support reading files that we know that we've produced.
  • There is no plausible deniability here: the 7z file is clearly a COLDCARD backup file. But with BIP-39 passphrases in play, even if forced to decrypt your backup, there is still one final secret protecting your wallets.
  • Learn more about backup files in our technical paper.