PSA: Be extremely careful when entering your passphrase in Sparrow Wallet

Bitcoin wallet clients can differ greatly from each other in terms of UX, but one thing you may be used to is having your private key stored in an encrypted file, as Electrum does.

Although Sparrow appears to store the 12-24 standard seed words, every time you reopen your wallet file and are prompted to enter a passphrase, it regenerates the private key on the fly.

Because there’s no second confirmation of that passphrase (apart from when you first create the wallet), if you have a typo in your passphrase, you’ll end up with a completely different set of UTXOs that you may never be able to recreate again.

I found this out the hard way while setting up several new multisig wallets for friends and family. After creating the wallets, I took a break and closed Sparrow. Came back later to reopen the wallets and send small test transactions to them. With one wallet, I mistyped the passphrase and because there was no transaction history yet, it wasn’t obvious that the UTXOs weren’t right. So that’s a few sats lost to the void forever.

This isn’t meant to knock Sparrow as it has an otherwise great design and feature set. But it’s important to think of its passphrase feature as more akin to, say, Trezor Suite’s hidden wallets with the Remember option disabled, rather than being a direct equivalent to Electrum.

Submitted March 28, 2022 at 12:25AM by hiyadagon https://ift.tt/IOnfi3H