Should HW require user to confirm SEED awareness before firmware updates?

[satscraper]

Ok.

Let's assume that the majority agrees with OP's opinion. What next?

Shall we write letters to each HW manufacturer? Will the manufacturers add this SEED confirmation in the next release of the new firmware? In any case, the decision is up to each specific manufacturer, who can ignore it.

It will take tens or hundreds of thousands of "votes" to attract their attention, but look at the number of views of this topic - less than 200 at the moment. Even within this forum, there are not that many readers in this section.

I'm not saying that this is impossible (because if there is an idea that offers the necessary improvements, then need to try to implement it), I'm just curious, "what next?" after this vote and discussion of this topic.

If anything, seed confirmation should be optional: enabled by default, but can be disabled by the user if desired. This way, "both camps" will be happy.

As a customer of Foundation I believe I can reach out to them regarding this matter and reference this discussion. ^{I’ve contacted them several times in the past about other issues and have always received the positive response}.

Regarding the number of respondents here, I see it this way. On one side of the scale there are limited number of people who oppose this idea for various reasons. On the other side there are hundreds ^{if not thousands} who have lost their funds due to lost SEED before upgrading.I'm sure developers are already aware of many such cases and I trust they are wise enough to decide whether preventive measures are necessary.

[Lucius]

~snip~
Regarding the number of respondents here, I see it this way. On one side of the scale there are limited number of people who oppose this idea for various reasons. On the other side there are hundreds ^{if not thousands} who have lost their funds due to lost SEED before upgrading.I'm sure developers are already aware of many such cases and I trust they are wise enough to decide whether preventive measures are necessary.

Is there any point in trying to save people from themselves? People who are serious about what they do will never lose something as important as their seed backup (under normal circumstances), but those who are sloppy and irresponsible will mess up sooner or later.

What will we do with all those thousands who enter their seed on various online sites or save them in e-mail/cloud/as plain text on a computer/screen sample in a smartphone...?

[satscraper]

What will we do with all those thousands who enter their seed on various online sites or save them in e-mail/cloud/as plain text on a computer/screen sample in a smartphone...?

There's nothing special we need to do as we already do this constantly on the forum, every day, every hour, every minute warning people about malicious sites, scams, and other threats, including improper SEED storage that could result in the loss of their funds.

I don’t see any issue with HW being involved in this process.

[Meuserna]

~snip~
Regarding the number of respondents here, I see it this way. On one side of the scale there are limited number of people who oppose this idea for various reasons. On the other side there are hundreds ^{if not thousands} who have lost their funds due to lost SEED before upgrading.I'm sure developers are already aware of many such cases and I trust they are wise enough to decide whether preventive measures are necessary.

Is there any point in trying to save people from themselves? People who are serious about what they do will never lose something as important as their seed backup (under normal circumstances), but those who are sloppy and irresponsible will mess up sooner or later.

This.

Teaching is the answer.  We all need to become better teachers, because none of the companies selling hardware wallets do a great job of that.  Some barely even try.

Too many people don't understand the basics.  Even people in a forum like this!  That's why they don't understand how to protect themselves against disaster.  And, yeah, some people are just lazy.

I'm always shocked by how many Bitcoiners don't realize seed words represent numbers (used as entropy) for the math that generates their wallet.  The moment I understood that, I understood the importance of backing up my seed words offline, in human readable form.  I say "in human readable form," because I also have an encrypted seed QR made using my hardware wallet (Krux), but I would never rely on an encrypted backup as my only backup.  It's essential to have a human readable backup as the ultimate backup.

I do think hardware wallets should warn users before doing a firmware update to make sure they have a backup of their seed phrase, just in case.  But no amount of nagging is going to make lazy people less lazy.  And nagging doesn't teach those who don't understand.

In the end, teaching is the answer.  The more we help people understand how this stuff works, the more they'll be able to stay safe.

We all have to become better teachers.  Myself included.

[Pmalek]

Teaching is the answer.  We all need to become better teachers, because none of the companies selling hardware wallets do a great job of that.  Some barely even try.

All hardware wallets I have had in my hands explain how important it is to make backups of your seed and store it safely. They also have blogs on their websites, crypto manuals, and regular content posted over social media. The problem is that people hate reading and they don't have the concentration to pay attention to anything longer that the average TikTok video. It's very hard to help people like that. They already think they know it all and consider you a boring old-timer who is wasting their time with unimportant things.

[Wind_FURY]

Ok.

Let's assume that the majority agrees with OP's opinion. What next?

Shall we write letters to each HW manufacturer? Will the manufacturers add this SEED confirmation in the next release of the new firmware? In any case, the decision is up to each specific manufacturer, who can ignore it.

It will take tens or hundreds of thousands of "votes" to attract their attention, but look at the number of views of this topic - less than 200 at the moment. Even within this forum, there are not that many readers in this section.

I'm not saying that this is impossible (because if there is an idea that offers the necessary improvements, then need to try to implement it), I'm just curious, "what next?" after this vote and discussion of this topic.

If anything, seed confirmation should be optional: enabled by default, but can be disabled by the user if desired. This way, "both camps" will be happy.

As a customer of Foundation I believe I can reach out to them regarding this matter and reference this discussion. ^{I’ve contacted them several times in the past about other issues and have always received the positive response}.

Regarding the number of respondents here, I see it this way. On one side of the scale there are limited number of people who oppose this idea for various reasons. On the other side there are hundreds ^{if not thousands} who have lost their funds due to lost SEED before upgrading. I'm sure developers are already aware of many such cases and I trust they are wise enough to decide whether preventive measures are necessary.

There should be a CLEAR warning that upgrading would risk the user losing his/her seed words/phrase and that he/she should have the back-up with him/her in case something unexpected happens during the upgrade.

That's what Trezor does, and that's enough in my opinion. Although, hardware wallet manufacturers could build a feature called "newbie mode" that takes care of newbies.

[satscraper]

Ok.

Let's assume that the majority agrees with OP's opinion. What next?

Shall we write letters to each HW manufacturer? Will the manufacturers add this SEED confirmation in the next release of the new firmware? In any case, the decision is up to each specific manufacturer, who can ignore it.

It will take tens or hundreds of thousands of "votes" to attract their attention, but look at the number of views of this topic - less than 200 at the moment. Even within this forum, there are not that many readers in this section.

I'm not saying that this is impossible (because if there is an idea that offers the necessary improvements, then need to try to implement it), I'm just curious, "what next?" after this vote and discussion of this topic.

If anything, seed confirmation should be optional: enabled by default, but can be disabled by the user if desired. This way, "both camps" will be happy.

As a customer of Foundation I believe I can reach out to them regarding this matter and reference this discussion. ^{I’ve contacted them several times in the past about other issues and have always received the positive response}.

Regarding the number of respondents here, I see it this way. On one side of the scale there are limited number of people who oppose this idea for various reasons. On the other side there are hundreds ^{if not thousands} who have lost their funds due to lost SEED before upgrading. I'm sure developers are already aware of many such cases and I trust they are wise enough to decide whether preventive measures are necessary.

There should be a CLEAR warning that upgrading would risk the user losing his/her seed words/phrase and that he/she should have the back-up with him/her in case something unexpected happens during the upgrade.

That's what Trezor does, and that's enough in my opinion. Although, hardware wallet manufacturers could build a feature called "newbie mode" that takes care of newbies.

Well, after considering all the arguments presented in this thread, I’ve come to the conclusion that the natural resting point of this issue could be the wallet feature that suggests to check whether the given user is still aware of their SEED phrase by completing the short quiz. If the user doesn't want to take this quiz and prefers to proceed with the upgrade at their own risk, they should be allowed to do so without being forced to check their SEED first.