Secret Key basics

What are Secret Keys and how do they work?

Secret Keys are typically 12- or 24-word phrases that authenticate you to products built with the Bitcoin or Stacks blockchain such as Leather.

They are otherwise known as "seed phrases", "mnemonic seed phrases", "recovery seeds" or "recovery phrases".

Secret Keys are like strong passwords in that they protect your identity and STX holdings. However, unlike passwords, they can never be recovered – by you or anyone else – if lost. So be sure to always back up a copy in a very secure place that you remember!

‍See our instructions for securing Secret Keys.

Think twice whenever entering or giving your Secret Key

Always double check that you trust any downloaded software or website that prompts you for your Secret Key before proceeding to enter it!

Never give your Secret Key to anyone online, no matter how trustworthy they seem. Beware especially anyone who claims to need your Secret Key urgently for any purported emergency, financial or otherwise.

It's common for cryptocurrency users to suffer phishing attacks that fool them into providing their Secret Keys to malicious actors. Once your Secret Key is stolen by "bad" websites or software, there are no guarantees that you will get your associated STX or other digital assets back. And you will surely have to generate a new Secret Key for future usage since the original one will have been compromised forever.

12 vs. 24-word Secret Keys

The Leather app for desktop has always generated 24-word Secret Keys for new users, whereas other products such as the Blockstack Browser and have generated 12-word Secret Keys for new users.

Generally speaking, if you purchased STX before 2021, your STX holdings are almost certainly associated with a 24-word Secret Key or hardware device such as Ledger or Trezor.

If you have a 12-word Secret Key and never used Trezor or Ledger, you most likely generated it when trying separately to use apps built with Stacks (previously known as "Blockstack") in a web browser. Please ensure that you are entering a separate 24-word Secret Key into Leather for desktop to view and manage your balance.

Secret Keys generated by certain Trezor or Ledger devices constitute an exception to this general rule since they may contain 12 or 18 words. You can enter Secret Keys with 12 words directly into Leather to view your holdings if you used a Trezor or Ledger device originally to set them up. Any other lengths such as 18 words must be loaded onto a Ledger device and cannot be entered directly into Leather (desktop). However, we recommend you maintain Secret Keys of any length on a Ledger device and connect with that instead to maintain a higher level of security.

You can use 12- or 24-word Secret Keys across both the desktop and web versions of Leather. However, we generally recommend that you generate and use a separate Secret Key for entry in the web browser since it's a less secure environment than desktop software.

Exporting Secret Keys from Trezor or Ledger

Secret Keys originally generated and held on Trezor or Ledger devices can be entered into Leather directly as long as they have 12 or 24 words (the extension also accepts 15, 18, 21 word seeds). However, we highly recommend that you continue using a hardware wallet to connect with Leather to ensure the same level of security to which you are accustomed.

If your Trezor or Ledger device has an additional passphrase, you will need to send your STX to a separate address without a passphrase before entering its Secret Key directly into Leather. There is no way to enter a Secret Key with a passphrase directly into Leather.

Trezor users with passphrases can migrate their underlying Secret Keys and passphrases to Ledger devices for use with Leather. This is the only option for Trezor users with any number of words (e.g. 18) aside from 12 or 24. See our Trezor guidance for details.

Secret Keys must be BIP39 compatible

Secret Keys generated by Leather are BIP39 compatible and in English.

All Secret Keys entered into Leather must also be BIP39 compatible and in English.

Check if your Secret Key is compatible by cross-checking all of its words against the corresponding list by language.

Note that small transcription errors can lead to problems authenticating with your Secret Key. You may want to check in the lists above for possible variants of the words you've transcribed to correct such errors.

Also, ensure that your Secret Key conforms to the following upon entry:

  • All lowercase

  • Words with only a single space in between

  • No preceding numbers or other indication marks

Last updated