Skip to content

Temporary Seed

(new in v5.0.7, requires Mk4)

Temporary seed (renamed in 5.2.0 from Ephemeral seed) is a temporary secret completely separate from the master seed, typically held in COLDCARD® RAM and not persisted between reboots in the Secure Element. Temporary seeds completely defeat the design of Coldcard's security model, based on secure elements. Enable the Seed Vault feature to store these secrets longer-term. Read more about Seed Vault feature below.

Make sure you know what you're doing!

This feature is intended for those one-off signings, like recovering a lost seed from some other system or importing some seed as a balance check. We do not recommend handing unencrypted seed material on a regular basis!

Usage#

  • if temporary seed is already in use, first home menu option [<xfp>] is visible with fingerprint of temporary master secret
  • go to Advanced/Tools > Temporary Seed

generate_temporary_menu

  • temporary seed words can be Generated with TRNG
    • Advanced/Tools > Temporary Seed > Generate Words

generate_temporary_menu

  • temporary seed words can be imported
    • Advanced/Tools > Temporary Seed > Import Words

main_temporary_menu

  • importing extended private keys

    • Advanced/Tools > Temporary Seed > Import XPRV
    • Advanced/Tools > Temporary Seed > Tapsigner Backup

  • temporary seed can be activated from BIP-85 derived secrets - go to Advanced/Tools > Derive Seed B85 and pick types of secret. Keep in mind that only word based and xprv based secrets can be used as temporary seed.

    • 12 words
    • 18 words
    • 24 words
    • XPRV (BIP-32)
    • pick derivation Index in next prompt, or just press OK for index 0
    • Press (2) in next prompt to activate derived secret as a temporary seed

  • temporary seed can be activated from Duress Wallet

    • go to Settings -> Login Settings -> Trick Pins
    • add new Duress Wallet trick pin and save it
    • choose newly created trick pin in trick pins menu and use Activate Wallet option

  • temporary seed can be obtained from SeedXOR

    • go to Advanced/Tools -> Danger Zone -> Seed Functions -> SeedXOR
    • pick Restore Seed XOR option and provide all XOR parts
    • Press (2) to activate restored seed as temporary seed

  • BIP-39 passphrase is from version 5.2.0 handled internally as temporary seed

Ability to generate and use Temporary seed is available on Coldcard when:

  1. no PIN chosen and no secret chosen (newly unpacked Coldcard)
  2. PIN set up but no secret chosen yet
  3. with both PIN and secret already picked

Generate#

generate_temporary

Import#

import_temporary

Import via NFC#

Import temporary seed via NFC. This is mostly for testing purposes as you need to have seed on mobile device which is very insecure.

Trick PIN Notes#

If you intend to use the temporary seed feature frequently, you can define a "Trick PIN" which takes you to a "look blank" trick wallet (i.e. no seed set appears to be set). Then you may then safely unlock your Coldcard, without revealing the true PIN, and perform all your temporary seed work in that state.

Restore Master#

(new in v5.2.0, requires Mk4)

From version 5.2.0 users no longer need to reboot COLDCARD to return to their "master seed" (one stored in SE2). Once COLDCARD has temporary seed active, first item in home menu is [xfp] and is a clone of Ready To Sign. Last item in home menu is Restore Master.

Restore Master offers two options. First, if user presses OK, COLDCARD wipes temporary seed settings and switches back to master seed and its settings. If user presses (1) temporary seed settings are preserved for later use and COLDCARD only switches back to master seed and its settings.

If current temporary seed is also saved in Seed Vault, option to wipe settings is not available. Seed Vault entries can only be deleted in Seed Vault menu.

Seed Vault#

(new in v5.2.0, requires Mk4)

Seed Vault adds the ability to store multiple temporary secrets into encrypted settings for simple recall and later use (AES-256-CTR encrypted with your master seed's key). Users can capture and hold master secret from any temporary seed source, including: TRNG, Dice Rolls, SeedXOR, TAPSIGNER backups, BIP-85 derived values, BIP-39 passphrase wallets.

Enable Seed Vault#

Enable this functionality in Advanced/Tools -> Danger Zone -> Seed Vault -> Enable. Once seed vault is enabled new menu item is visible in home menu Seed Vault.

sv0

Below is empty Seed Vault menu which offers shortcut to Temporary Seed menu

sv1

To disable Seed Vault user needs to remove all entries from Seed Vault first.

Add Seed to Vault#

After Seed Vault is enabled, users will see a new prompt, after creation of temporary seed, asking whether to save this temporary seed to Seed Vault. Press (1) to save or any other key to ignore.

If option to save was chosen, confirmation prompt is shown - Saved to seed vault.

Seed Vault menu#

  • if Seed Vault is empty (none saved yet) is the first menu item followed by shortcut to Temporary Seed menu.
  • if not empty, saved seeds are listed in menu as [xfp]
  • if current active temporary seed is stored in Seed Vault - it has checkmark next to it
  • if temporary seed is active - last menu item of Seed Vault menu is Restore Master

Seed Vault entry submenu#

  1. by default [xfp] but can be renamed to allow user labeling and leads to additional information about the seed
  2. Use This Seed allows to switch to the saved temporary seed. If it is already active Seed In Use is shown instead.
  3. Rename allows to change 1. menu item to something personalized to user (limited to 40 characters)
  4. Delete allows to remove temporary seed from Seed Vault and optionally to completely wipe its settings.

Seed Vault Workflow#

(1) install firmware version 5.2.0

(2) enable Seed Vault Advanced/Tools -> Danger Zone -> Seed Vault -> Enable

(3) back in main menu with Seed Vault item visible

(4) choose any option to generate temporary seed. Here we will choose TRNG words.

(5) go to Advanced/Tools -> Temporary Seed -> Generate Words -> 24 Words

(6) backup generated words or press (6) to skip quiz

(7) press (1) to save entry to Seed Vault

sv2

sv3

(8) just a confirmation message that seed was saved to Seed Vault - press OK to continue

sv4

(9) looking at the master fingerprint of new temporary wallet - press OK

sv5

(10) back in home menu, and we can see temporary wallet master fingerprint at the top

sv6

(11) go to Seed Vault and you will see fingerprint from above steps listed there with checkmark next to it - meaning currently active

sv7

(12) add another seed to Seed Vault, for example BIP-39 passphrase

(13) go back to home menu and navigate to Passphrase -> Edit Phrase and add some passphrase and press OK

(14) choose Apply option from menu

(15) looking at the master fingerprint of the new temporary that was created by adding passphrase to you master seed - even though we have temporary seed active. If you want to add passphrase to the current active temporary seed you need to press (2) here, otherwise press OK.

(16) press (1) to save entry to Seed Vault (same as step 7.)

(17) just a confirmation message that seed was saved to Seed Vault - press OK to continue

sv8

(18) back in home menu, and we can see temporary wallet master fingerprint at the top

sv9

(19) go to Seed Vault and you will see both fingerprint from above steps listed there - last added with checkmark next to it - meaning currently active

sv10

(20) choose entry from previous step in the menu to see seed entry submenu

sv11

(21) choose first menu item with master fingerprint in it which leads to the info about the seed

sv12

sv13

sv14

(22) press OK to go back to seed entry submenu, choose Rename and pick new name for this entry and press OK

sv15

(23) top item of submenu is changed from master fingerprint to whatever name was chosen - in my case it is GRANDMA

sv16

(24) Go back to Seed Vault menu and see the Rename effect

sv16

(25) Pick the seed entry that we created first (TRNG words). Options to Rename and Delete are not present because we are currently in different temporary seed. Seed Vault entries can only be modified if entry to be modified is currently active temporary seed or if no temporary seed is active.

sv17

(26) choose Use This Seed to switch to this temporary secret

sv17

(27) go back to Seed Vault and choose current active temporary seed (one with checkmark next to it)

(28) choose Delete and press (1) to only remove seed entry from Seed Vault, but not wipe its settings

sv18

sv19

sv20

(29) Deleted entry is no longer in Seed Vault, but temporary seed is still active as we have not wiped its settings.

sv21

(30) Go back to home menu, choose Restore Master and press (1) to preserve settings again. Now we are in home menu again and no temporary seed is active (first item of home menu is not fingerprint)

sv22

sv23

sv24

(31) Go to Seed Vault, choose the other saved seed entry, hit Use This Seed and press OK to confirm

(32) Go to Seed Vault again, choose current active seed entry, hit Delete and press OK to not just delete from Seed Vault but also wipe its settings and completely forget about it. After this is done user is respawned in home menu with no temporary seed active. Once you decide to wipe settings COLDCARD needs to switch back to master settings.