How is the seed phrase stored in trust wallet

how is the seed phrase stored in trust wallet
I assume the seed phrase is never stored in the clear on the disk of the device.

is the seed phrase encrypted on the disk of the device,
which encryption algo is used when storing the phrase, AES-256 ?

is the seep phrase ever loaded into memory in the clear, while the trust wallet software is running ?

if I took a memory dump and looked with a HEX editor, would i see the seed phrase just sitting there in the clear ?

6 Likes

Hello @srgbrg
Please take note that your seed phrase is never stored on your device neither do we have a backup of your seed phrase.
There is a prompt to make a backup of your seed phrase when you create a Trust wallet account and you can do that by writing down your seed phrase on a paper and storing safely or storing in any other safe way you prefer.

Learn more here:

2 Likes

“your seed phrase is never stored on your device”

this is clearly a false statement,

by clicking “settings” → “wallets” → “into”. → “show secrete phrase”

the seed phrase is revealed. the seep phrase is in fast stored on the device. can a developer or some one with a bit of technical proficiency please reassure us that the seed phrase is encrypted on disk and memory

4 Likes

@srgbrg Like i said above, your seed phrase isn’t stored or encrypted on your disk or memory.

2 Likes

How to Find Your Recovery Phrase in the Trust Wallet App

  1. Step 1: Open Trust Wallet on Your Phone. Assuming your account is set and ready to go, you just need to open the app on your phone. …
  2. Step 2: Go to Wallet Settings. …
  3. Step 3: Tap on “Show Recovery Phrase” …
  4. Step 4: Copy the Recovery Phrase.

“settings” → “wallets” → “show secrete phrase”

reveals the seed phrase

the seed phrase is stored on the device.

probably asking at github com /trustwallet/wallet-core. we can get a more technical answer

1 Like

@srgbrg You can check the seed phrase on your device this way only when your wallet is already on that device.
Write down your seed phrase on a paper, delete your wallet or the app and try finding your seed phrase on your device then and see if that’s possible.

1 Like

quote “You can check the seed phrase on your device this way only when your wallet is already on that device.”

yes correct. and so trust wallet must store the seed phrase. my original question was.

how is the seed phrase stored, which encryption algorithm is used, is the seed phrase ever loaded into memory in the clear.

quote “Write down your seed phrase on a paper, delete your wallet or the app and try finding your seed phrase on your device then and see if that’s possible.”

you are changing the question i asked. you are now talking about deleting trust wallet app. of course when the app is deleted you would expect all data to be “removed” from the device. from you statement above, you have just implied that the seed phrase must be stored on the device. which of course it is.

I would like to ask my original Question.

how is the seed phrase stored in trust wallet, which encryption algorithm is used to store the seed phrase, is the seed phrase ever loaded into memory in the clear ?

given trust wallet is an open source project, the answers to these questions should not be proprietary.

1 Like

in this link trustwallet com /blog/could-someone-guess-your-mnemonic

Quote.
" Note that your recovery phrase is encrypted on your device. This means that the Trust Wallet team cannot access it. Only you control your funds when using Trust Wallet."

would there be any proficient open source code contributor who might explain how the seed / recovery phrase is encrypted on the device, which algorithm is used, how that key is obtained / stored ?

how the phrase is not loaded into memory in the clear on the device.

Of course, it is stored on our device. That is why the app asks for a password to encrypt it on the device.

your seed phrase isn’t stored or encrypted on your disk or memory.

@JennyMillan That is wrong. Even seed phrase derivation/recovery happens (memory access) on the device.