All Posts
Security

Crypto Twitter Decided Your Seed Phrase Is a Liability. It's Right — and the Fix Most Wallets Are Selling Just Moves the Risk Somewhere Else.

June 20, 20267 min read

Sometime this spring, a line that used to get you ratio'd on crypto twitter became the consensus. "A seed phrase isn't self-custody, it's a liability" ran as an essay in Bitcoin Magazine, argued by Max Guise on a clean premise: self-custody is not an object you possess, it is a capability you have, and the twelve or twenty-four words almost everyone treats as synonymous with that capability are far more liability than capability. BIP-39, the 2013 standard that let a short list of common words stand in for a raw private key, made backups writable by humans — and in doing so made the single most catastrophic secret in a person's financial life into something that can be photographed, shoulder-surfed, mistyped, water-damaged, or simply lost in a move. The convenience and the liability are the same feature.

The industry's commercial answer arrived under a single banner: go seedless. In a May interview with TheStreet's Roundtable, Ana Jacobson, brand campaigns lead at the hardware-wallet maker Tangem, put the usability case bluntly — "It was too hard for people to get into crypto. They had 12 or 24 words. Let's narrow it down to just three units and they still can't do it." Tangem's model generates the key on a secure chip and never exposes a human-readable phrase at all; redundancy comes from buying a set of up to three NFC cards that each hold the key, so losing one means reaching for a backup card rather than reciting words. Around that same idea a whole category has formed: multi-party computation wallets that split a key across servers and a device, passkey- and account-abstraction wallets that lean on a phone's secure enclave, social-recovery schemes that let a circle of "guardians" restore access. The shared pitch is that the words were the weak link, so the words should go.

The diagnosis is right, and it is worth saying so plainly, because this publication has been making a version of the same argument since before it was popular. A seed phrase held the way most people hold it — one complete copy, written once, sitting in one drawer or safe or steel plate — is a single point of total failure. Every phishing letter, every wrench attack, every house fire, every "I'll deal with the backup later" that this site has written about exploits that exact structure: the whole secret, in one place, reachable by one person. If the seedless camp has done one good thing, it is dragging that uncomfortable fact into the center of the conversation. The single complete copy is the problem. On that, there is no argument.

The argument is about what you replace it with. And when you look closely at the popular cures, most of them do not eliminate the liability the essay identified. They move it to a place that is harder to see. Tangem's three-card system is honest about its own limit: the company tells you directly that if you lose all your cards, neither Tangem nor anyone else can recover your funds — true self-custody, no third-party reset. That is admirable candor, but notice what it means. You have swapped "one fragile copy of a phrase" for "a small number of fragile physical objects, all carrying the same key, all of which must be kept and none of which can be regenerated." The failure mode didn't disappear. It changed shape, from words-on-paper to cards-in-a-drawer, and the cards still encode one undivided secret.

The software-side seedless models relocate the risk in a different direction: toward trust in infrastructure you don't control. An MPC wallet that holds key shares on a vendor's servers has quietly reintroduced a counterparty — if that company changes its terms, gets breached, suffers an outage, or simply shuts down, your "self-custody" inherits its fate. A passkey wallet bound to a phone's secure enclave ties your coins to a hardware ecosystem and a cloud account's recovery rules. A social-recovery wallet is genuinely clever, but it relocates the secret into a group of guardians and a smart-contract recovery flow that the average heir or spouse has never heard of and cannot operate under stress. None of these are scams; several are real engineering. But "seedless" too often means "the seed is still a single recoverable secret — we've just hidden where it lives and who can reach it." Hiding a single point of failure is not the same as removing one.

There is a different way to take the essay seriously, and it starts by refusing to throw away the one thing seed phrases got right. BIP-39 is an open, vendor-neutral, offline standard. A phrase generated by one wallet restores in a dozen others; it depends on no company's servers, no chip's continued manufacture, no cloud account staying alive; you can hold it for twenty years and it will still mean something. That portability and independence is the actual substance of self-custody — the capability, not the object. The problem was never that the secret is expressible as words. The problem is that the secret exists as one complete copy. Fix that specific thing and you keep everything the open standard gives you while removing the liability the critics correctly named.

That is the entire design of threshold custody, and it is why it answers the 2026 debate more squarely than the seedless products do. Take your seed phrase, encrypt it, and split it with Shamir's Secret Sharing into a threshold set of shares — say 3-of-5 — each encoded as a QR code and distributed across separate locations and people. Now there is no single complete copy anywhere. A house fire that takes one share takes nothing; below the threshold, Shamir's scheme reveals not "a little" about the secret but information-theoretically nothing, every possible seed equally consistent with what an attacker holds. There is no vendor to outlive, because reconstruction is pure math you can run with open-source tools. There is no chip to discontinue and no server to depend on. And unlike "lose all three cards and it's gone," redundancy is built into the threshold itself: you can lose two of five shares and still recover, lose a custodian to a move or a falling-out and still be whole. The seed still exists — you have just made sure it never exists in one reachable piece.

It would be dishonest to pretend threshold custody wins on the dimension the seedless camp actually cares most about, which is onboarding the absolute beginner in ninety seconds. It doesn't. Splitting and distributing shares is more deliberate than tapping a card to a phone, and that friction is real. But the debate that crowned "seed phrase = liability" was never really about the first ninety seconds. It was about the years afterward — the long tail of theft, loss, coercion, death, and human error during which a single complete secret quietly waits to fail. Against that, the right response is not to hide the secret inside a chip or a server and hope the redundancy holds. It is to make sure the complete secret never sits anywhere one event can reach. The critics are right that the seed, as usually held, is a liability. The cure is not to disappear the seed. It is to divide it.

seQRets is built on exactly that distinction. Your encrypted seed phrase, split into QR-encoded threshold shares, distributed across the locations and people you choose — open standard, no servers, no accounts, no vendor that can outlive your access, and no single complete copy for the next clever attack to swallow. Crypto twitter got the diagnosis right. This is the version of the cure that doesn't just move the liability somewhere you can't see it.