Q Safe Wallet
  • Getting Started
    • Overview
    • FAQs
  • Technical Details
    • Account Creation in Wallet
    • Quranium Chain Transaction Signing
    • ML-KEM Encryption for Backups
    • Backup and Recovery
  • All Features
    • Onboarding
    • Activity Section
    • Add Account
    • Multichain
    • Sending Transaction
    • Deposit Funds
    • Swapping
  • MULTICHAIN COMPATIBILITY
    • Quranium
    • Bitcoin & Derivatives
    • EVM
    • Solana
    • Other chains
  • BEST PRACTICES
    • Secure Your Backup and Mnemonic
    • Validate Transaction Details Before Signing
    • Monitor Account Activity Across Chains
    • Safe Interaction with DApps
Powered by GitBook
On this page
  • Secure Your Backup and Mnemonic: Best Practices and Guidelines
  • Introduction
  • Understanding Your Security Tools
  • Best Practices
  • Step-by-Step Workflow
  • Common Mistakes to Avoid
  • Note :
  1. BEST PRACTICES

Secure Your Backup and Mnemonic

Secure Your Backup and Mnemonic: Best Practices and Guidelines

Introduction

Securing your backup and mnemonic is critical to protecting access to your digital assets. Losing your 12/24-word mnemonic or ML-KEM private key means permanent loss of access, as backups are encrypted with a combination of ML-KEM (post-quantum encryption) and symmetric encryption. This guide outlines best practices, workflows, and common pitfalls to ensure your assets remain secure.


Understanding Your Security Tools

ML-KEM (Post-Quantum Encryption)

  • A quantum-resistant encryption algorithm used to protect your backup.

  • Losing the ML-KEM private key renders backups irrecoverable.

Symmetric Encryption

  • Used alongside ML-KEM for encrypting backups (e.g., AES-256).

  • Requires a strong password to decrypt.

SLH-DSA Keys

  • Used for digital signatures. Never share these keys, as they authenticate transactions.

Mnemonic Phrase

  • A 12/24-word seed phrase that regenerates your wallet’s private keys.

  • It is the ultimate backup. Losing it means losing access forever.


Best Practices

1. Store Your Mnemonic Offline

  • Write it down physically: Use paper or fire/water-resistant metal (e.g., steel plates).

  • Multiple secure locations: Store copies in a safe, bank deposit box, or with trusted parties.

  • Never store digitally: Avoid photos, cloud notes, or text files.

2. Encrypt Backups Securely

  • Use strong passwords: Combine uppercase, lowercase, numbers, and symbols (e.g., Nv7@qT!3xLp).

  • Separate backups from mnemonics: Never store encrypted backups and mnemonics together.

  • Use trusted cloud services: Enable 2FA for cloud accounts storing backups.

3. Test Recovery Periodically

  • Simulate recovery: Restore your wallet using the mnemonic every 3–6 months.

  • Verify decryption: Ensure backups can be decrypted with your password.

4. Never Share Keys

  • Avoid phishing/scams: Never share your mnemonic, ML-KEM key, or SLH-DSA keys via email, calls, or messages.

  • Beware of fake support: Legitimate services will never ask for your keys.


Step-by-Step Workflow

Exporting an Encrypted Backup

  1. Navigate to Settings: Go to Settings > Backup & Restore in your wallet/app.

  1. Export Backup:

    • Select Encrypt Backup and set a strong password.

    • Save the encrypted file to a secure cloud service (e.g., Google Drive with 2FA).

  2. Verify Decryption:

    • Immediately test decrypting the backup with your password.

    • Confirm all data (e.g., wallet addresses, balances) is intact.

Restoring from Backup (Testing)

  1. Initiate Restore: Use Settings > Backup & Restore > Restore Backup.

  2. Enter Password: Provide the password to decrypt the backup.

  3. Validate Recovery: Ensure restored wallet matches original (e.g., transaction history, balances).


Common Mistakes to Avoid

Storing mnemonics digitally: Even encrypted digital copies are vulnerable. Reusing passwords: Use unique passwords for backups and accounts. Ignoring recovery tests: Assume backups are corrupt until proven otherwise. Storing keys/mnemonics together: A single breach could compromise both.


Note :

Your mnemonic and ML-KEM private key are the gatekeepers to your assets. By following these practices—storing offline, encrypting backups, testing recovery, and guarding keys—you ensure resilience against loss or theft. Security is your responsibility. Stay proactive, stay safe.

PreviousOther chainsNextValidate Transaction Details Before Signing

Last updated 3 days ago