Introducing the world’s first 2FA backup system for non-custodial Bitcoin wallets.

7 min readOct 22, 2019

In our quest for finally getting rid of the legacy 12 words seed system, we are taking the first step by introducing the notion of split key systems that increase both security and usability exponentially. The following article intends to give transparency to our decision making process.

Motivation (why?)

Innovation is very rooted in HandCash’ DNA. We strive not only to create the best products possible, but also to push for new standards and better interoperability for the rest of the industry.

With that in mind, we are never afraid of thinking outside the box to solve problems, and often times that means acting differently than the rest of companies in our industry.

One of the biggest hurdles we face with Bitcoin, is how counterintuitive is to secure your funds as a non-custodial service. We see not just “noobs” but also experienced “bitcoiners” lose their keys constantly, delaying writing them down for weeks and then they lose their phones… it’s a mess. And it’s a mess we feel responsible to fix for or users.

If we are dealing with money, the main goal here is to make sure people always have access to their funds. It’s not about the how, it’s just morally wrong to turn our heads on this situation as our users lose their savings and hard earned money. Something has to be done.

We believe in economic sovereignty and this is something very important for us, at a personal level. The fact that you can own your money and use it anytime, anywhere.

So how can we accomplish that while making it not just easier, but even invisible? Well, we think we have figured out how to — but it will require a few phases of adaptation if you will.

Until all pieces are in place and we can remove the 12 words entirely, the current 2FA system provides stronger security with the same UI, and allows us to block other companies to access HandCash accounts with the purpose of efficiency and security gains.

This last point sounds very controversial in Bitcoin — and it is! but there are reasons why we decided to do it, and we are convinced it’s unavoidable that others will do the same if they wish to scale and serve millions of users.

How does the 2FA backup system work

The initial phase of this system is pretty simple.

When a new account is created by phone verification, a private key is generated in the user’s phone, where the account structure is allocated. One of those 12 words seed sets is secured by HandCash -with redundancy and cold storage backups- and the other set of 12 words is the one we give to the user. For familiarity we are calling it “Recovery Phrase”.

HandCash can never access the full private key where the account structure is allocated, as it is only regenerated in the user’s phone after validating the phone number and the Recovery Phrase.

Of course users have the ability to change the phone number attached to their account, and they will still need to write down and keep safe a set of 12 words — same thing they’ve been doing to this point.

Another interesting trait is we are making use of the iPhone’s Keychain, which is a protected space of Apple ID accounts reserved for developers and only accessible through the app that originally created that data.

That means in many cases if the user tries to restore their account on a new device tied to the same Apple ID, they might not even have to validate the phone number to restore their accounts as long as they have the same Apple ID session on that iPhone. It just works, and this data it’s not available for any other app or user as it’s encrypted and stored in a secure chip in your phone.

For Android phones this is more tricky due to fragmentation and the different way their “KeyStore” works as opposed to Apple’s Keychain.

Although they Keychain does NOT remove the need of writing down and storing the Recovery Phrase, it can help in certain situations whereas without it some people might lose access to their money. So we don’t rely on this 100% but it’s there just in case the conditions are ideal, for convenience.


Drastically reduce chances of human error: We found that almost 40% of our users take screenshots of their 12 words seeds, many write down the words with typos (specially non-English speaking users) and others write down the words in cloud note services such as Evernote.

These are very bad security practices, but we understand it’s convenient and people will do it regardless so, why don’t we make it more secure?

With our new system, the full private key is never exposed to the user, so the chances of others accessing our money drastically decrease. And in case your Recovery Phrase gets exposed, it’s useless without phone validation. Hence the 2 Factor Authentication (2FA) denomination of this technique.

When compared with current Bitcoin 12 words seeds where the money is accessed straight through them, there’s no layer of protection — if you lose them, you are 100% screwed and your money is taken away. Always.

With our new system you can afford to be more casual when saving the Recovery Phrase as it does nothing by itself. The attacker would have to know your phone number and try to spoof the SMS verification — which is way too hard to pull off even for experienced hackers, and given we are dealing with small amounts of money, an attack wouldn’t even be economically worth it.

BIP270: We will be transitioning all of our infrastructure to BIP270. Here’s the documentation about how this new way of handling Bitcoin transactions works. We agree with Ryan X Charle’s view that if we intend to scale, we need to become way more efficient, and BIP270 is our bet for accomplishing this.

In short, the way this works is that transactions will be sent straight to the receiver’s service and they do the broadcast directly to the miners — and it’s instantly determined if the transaction is valid or not.

This is a huge time and resource saver as we don’t have to be constantly listening to the blockchain.

But for this to work, to keep things in sync and to benefit from the efficiency gains, our systems need to be the receiver’s end and for that we cannot allow any other party to interfere. In other words: HandCash accounts must only work on HandCash for this efficient scheme to work.

We have already implemented BIP270 for all $handle to $handle transactions in HandCash and can already tell the efficiency gains are absurd.

Increased account complexity: Another big reason for not wanting to make HandCash accounts importable by other Bitcoin wallets is this allows us to create a complex HD wallet tree for all our needs.

We plan on making it possible to add business accounts, family accounts and other kinds of accounts to your current HandCash account. Each with its particular path and sub-paths. So only one “key” and phone number can recover all the wallets you have at home, and your business ones too.

QR code transactions, Paymail and $handle transactions are in different paths too — like if they were different wallets! This allows us for an efficient use of rotating addresses.

The only way we could do this while making it exportable to other wallets would be for all companies on Bitcoin to agree to follow our same exact structure — and most of them will never have the need for doing so.

So instead of trying to force others to follow suit and use our same wallet structure, we are taking steps towards creating the best products we can, regardless of how many sacred cows stand in the way.

Future of backups

We plan on implementing more of these kind of Split Key and Threshold Signature schemes until backups happen seamlessly (not requiring an extra action by the user to actually secure their funds) and account recoveries are fast, reliable and as easy as any regular app or service people already use.

With BIP270 becoming the default way of handling Bitcoin transactions, and as complexities of wallet structures increase, we think it’s unavoidable for each Bitcoin service to have its own particularities instead of limiting their efficiency or innovation for compatibility’s sake.

Even more, nothing is stopping you from sending money from one service to another. So, why should we care that much about importing or exporting entire wallet structures when you can simply send your money to your MoneyButton account or to your Simply Cash wallet using Paymail?

The drawbacks of limiting ourselves when we see there’s no practical reason for it are huge compared to all we can gain by embracing individuality.

Some might argue that it is important to have an exportable private key for a service in case that service goes bankrupt, but that is in our view, nonsense. Any responsible company would provide a solution for you to withdraw your funds within a reasonable time frame.

And remember HandCash Labs S.L. is a registered company, not a hobby project whose founders can suddenly disappear overnight

The reality is nobody outside of Bitcoin expects to “sync” their WhatsApp accounts into Telegram, or your Facebook account into Twitter. So this only sounds outrageous to a small minority.

But make sure we care about that small minority and that’s why this article has been written — we just aim to build products you can recommend to your closest ones to introduce them to Bitcoin. That’s our place! And we understand that will only happen if you trust what’s going on behind all the decisions we make and the changes we introduce. We are more than OK if you yourself prefer to use more “status-quo” Bitcoin apps.

We are laser focused on creating the best products we can, and as a small company with limited resources, we have to pick very well what to build for the long run, instead of just following the old rules of Bitcoin blindly.