In a Casa multisig vault, we consider retaining the seed phrase backup for your hardware device(s) to be optional. For the 5-key or 6-key vault, we recommend keeping only one of them.
See Seedless multisig for more info on this.
If you do decide to retain one or more of the device seed phrases, you should note the following security considerations:
- The seed phrase should be recorded in such a manner that it never touches the internet (write it down on paper, or use a bespoke solution such as a Seedplate backup)
- Keep the seed phrase in a secure location (e.g., home safe, bank deposit box)
- Seal the seed phrase itself in tamper-evident packaging
Should something happen to your physical hardware device, you can use the backup seed phrase to restore the device in its entirety. This means that a new hardware device that has been restored from your backup seed phrase will have a restored copy of the corresponding Casa signing key. It will function in place of the old key exactly as though it were the old key.
If your hardware device becomes damaged or otherwise fails and you have a backup seed phrase, you can get a new device, restore it with the seed phrase, and no additional steps or changes need to be made to your Casa keyset. From the perspective of your multisig setup, it's like nothing ever happened. The new key is an exact duplicate of the old one.
Should your device become damaged, and you do NOT have a seed phrase backup, you could simply follow the steps to replace that key with a new one and transfer your funds to a new keyset.
NOTE: If your hardware device is lost to theft, you should consider that key compromised. Even if you have a backup seed phrase, you should replace that key with an entirely new device and an entirely new seed phrase.
If you should need to restore a device using the seed phrase backup, you should follow that manufacturer's guidelines on setting up a restored device.
External resources:
Restoring seed phrase with Trezor
Restoring seed phrase with Ledger
Restoring seed phrase with Coldcard
