No Seed Storage
What is never stored
Decoy Phrase never stores seed phrases or original sensitive data in any form. Specifically, the system never stores:
Seed phrases (mnemonic words)
Private keys or recovery codes
Passwords in their original form
Sensitive data in plaintext
Copies of sensitive data that the system could decrypt
When users transform their original seed phrase or sensitive data into decoy text, the entire process is performed fully offline on the user’s device. No data is sent to Decoy Phrase servers, no backend processing occurs, and no sensitive information ever leaves the user’s device at this stage.
When users choose to use permanent storage, what is stored is not the original sensitive data, but instead:
The decoy text, and
The mapping file
Both must be stored in separate locations, for example by using Multi-Password Vaults, where each password corresponds to a separate storage space. This approach ensures that no single file or single access is ever sufficient to recover the original data.
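The page does not specify how the decoy text and mapping file are derived. The sketch below is an added illustration, not Decoy Phrase's code, of one two-component split with the property described above: neither component alone narrows down the original words. The scheme (random decoy words plus per-position offsets modulo the wordlist size), the 16-word list and all function names are assumptions.

```python
import secrets

# Constructed 16-word list for the demo; real mnemonic wordlists are larger.
WORDLIST = ["amber", "birch", "coral", "delta", "ember", "flint", "grove",
            "haven", "ivory", "jolly", "knoll", "lunar", "maple", "north",
            "olive", "pearl"]
INDEX = {w: i for i, w in enumerate(WORDLIST)}
N = len(WORDLIST)


def split(secret_words):
    """Return (decoy_text, mapping) for a list of words from WORDLIST.

    The decoy words are drawn uniformly at random; the mapping stores, per
    position, the offset (secret - decoy) mod N. Each output on its own is
    uniformly distributed and independent of the secret.
    """
    decoy, mapping = [], []
    for word in secret_words:
        if word not in INDEX:
            raise ValueError(f"not in wordlist: {word!r}")
        d = secrets.randbelow(N)          # fresh randomness per position
        decoy.append(WORDLIST[d])
        mapping.append((INDEX[word] - d) % N)
    return decoy, mapping


def recover(decoy, mapping):
    """Recombine both components; either one alone is insufficient."""
    if len(decoy) != len(mapping):
        raise ValueError("decoy text and mapping file do not match")
    return [WORDLIST[(INDEX[w] + m) % N] for w, m in zip(decoy, mapping)]


def candidates_without_mapping(decoy_word):
    """Words consistent with one decoy word when the mapping is unknown."""
    return {recover([decoy_word], [m])[0] for m in range(N)}


if __name__ == "__main__":
    secret = ["maple", "flint", "amber", "pearl"]   # constructed sample
    decoy, mapping = split(secret)
    print("decoy text  :", " ".join(decoy))
    print("mapping file:", mapping)
    print("recovered   :", " ".join(recover(decoy, mapping)))
    # Holding only the decoy text leaves every wordlist entry possible.
    print(candidates_without_mapping(decoy[0]) == set(WORDLIST))
```

The property only holds while the two components stay in separate locations; anyone who obtains both can run the recombination step.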
Why this removes attack vectors
Most digital security attacks focus on obtaining the original data—seed phrases, private keys, or passwords—whether through server breaches, database leaks, malware, or abuse of internal access.
With the No Seed Storage principle, Decoy Phrase eliminates the primary attack target from the outset:
There is no database of seed phrases or secrets to hack
There is no vault containing original data, even in encrypted form
There is no backend or administrator with access to user secrets
There is no high-value single point of failure
Because the original seed phrase never exists within the system, even if file leaks occur, permanent storage is accessed, or public metadata is exposed, there is no information that can be used to take over user assets.
This approach shifts the security model from “protecting valuable data” to “eliminating the existence of valuable data.”
Comparison with password managers
Original data storage
Password managers: Stores original passwords or secrets inside a vault
Decoy Phrase: Does not store seed phrases or original sensitive data at all

System architecture
Password managers: Typically relies on a backend and cloud synchronization
Decoy Phrase: Does not rely on servers or a backend

Security model
Password managers: Depends on vault encryption and a master password
Decoy Phrase: Has no vault containing secrets that the system can decrypt

Attack target value
Password managers: High-value target because it contains original data
Decoy Phrase: Has no high-value objects that can be stolen

Impact of a breach
Password managers: If the vault or master password is compromised, all contents may be exposed
Decoy Phrase: Leaking a single component is never sufficient to recover the original data

Stored data
Password managers: Encrypted original secrets
Decoy Phrase: Separate decoy text and mapping file
