Comment on page
Seedless Hardware Wallets
Nearly every wallet asks you to write down a recovery seed and keep it secure when you set it up. Underlying that seemingly simple instruction is an ocean of complexity. Keeping a recovery seed secure requires expertise and can be a labor-intensive and costly process. If a spending threshold of recovery seeds fall into the wrong hands, they can be used to spend funds from the wallet.
We decided not to rely on manually backed up recovery seeds. Instead, the Mobile Key is automatically backed up, the Casa Recovery Key has multiple geographically distributed backups, and the user can decide how many seed phrases for their hardware devices to back up. We recommend backing up at least one so that you can still recover funds in the extreme case that all of your hardware devices fail simultaneously. Note that if you have a spending threshold of seeds backed up in cleartext, you are vulnerable to a physical attacker gaining access to them.
The Casa app makes it easy for a user to swap in a new hardware device for one that is lost at any time. By simplifying the key replacement process, we have eliminated a whole class of complexity (secure backups) that users have to deal with in other systems.
With Casa Bitcoin vaults, you will need to pay transaction fees (ie Bitcoin network fees) to change a key in the vault. Similarly, with Casa Ethereum vaults, you will need to pay gas fees (ie Ethereum network fees) to change a key in your vault. If you wish to avoid paying these fees, you can backup all hardware device seed phrases, meaning you would not need to replace a key if you lost it - you would instead recover the same key to a new device using the seed phrase. Keep in mind that this tradeoff requires you to secure those seed phrases properly, as discussed above.
Note: If you take the seedless approach, we strongly recommend that you backup your hardware device PINs in a secure place (such as a password manager) and ensure you keep your hardware devices up to date with the latest firmware. Failure to do the above puts you at risk of key and fund loss.