Backup & recovery
When a user generates and funds a new daily spending wallet, they will then need to create a backup of their wallet in order to ensure their bitcoin are not lost.
Two main types of information need to be backed up: the user’s wallet recovery data and their Lightning channel state. While the wallet recovery data may be used to restore the wallet using another wallet application, the channel state is typically only restorable within the same application.
- The Recovery phrase is the fundamental information (consisting of 12 or 24 words) used to construct a wallet
- The Passphrase is an optional password for additional security
- The Derivation path includes information on how to construct the wallet
- A Fingerprint allows for verification that the wallet was reconstructed correctly after import
- Static channel backups contain all basic information about active Lightning channels
- A Channels database contains data on payments made in active Lightning channels
Users who lose both their wallet access and their backup permanently lose their bitcoin. Arguably, this creates one of the most challenging design problems within the space.
Backups could be handled automatically by the software, manually by the user, or a mix of these two methods. Regardless of the type of scheme you decide to go with, it’s crucial to be explicit about how your product handles backups and private key management.
We recommend that the optimal phase to hint the user to perform the backup should be after the wallet has received funds for the first time. This way, we avoid overwhelming the user with an unnecessary task, as it makes more sense to backup a wallet with funds on it.
Recent studies show users are often confused or unaware of where their private keys are being stored, ultimately causing inadequate risk assessment and poor storage behavior. This risk of user negligence may be avoided with transparent messaging around the scheme your wallet is using.
New-to-crypto users often expect a recovery mechanism that allows them to “regain access to their funds in the case that they lose their seed phrase.”
As researched by Voskobojnikov et al
Cloud backups may be preferable in many situations. They speed up the onboarding process, are easier for newer users, and protect the user from mishandling their recovery phrase and potentially losing funds. They can also be automated to help ensure an up-to-date backup of channel state if the user loses their wallet. This type of gateway gives a beginner security without overwhelming them with unfamiliar onboarding actions.
However, there may be times when it is necessary to use a manual backup alternative, as it can be low tech and easily accessible.