Seed Phrase Generation and Recovery in Mobile Crypto Wallet

TRUETECH is engaged in the development, support and maintenance of iOS, Android, PWA mobile applications. We have extensive experience and expertise in publishing mobile applications in popular markets like Google Play, App Store, Amazon, AppGallery and others.
8+Years of work900+Completed projects100+In house employees19+Partners
Development and support of all types of mobile applications:
Information and entertainment mobile applications
News apps, games, reference guides, online catalogs, weather apps, fitness and health apps, travel apps, educational apps, social networks and messengers, quizzes, blogs and podcasts, forums, aggregators
E-commerce mobile applications
Online stores, B2B apps, marketplaces, online exchanges, cashback services, exchanges, dropshipping platforms, loyalty programs, food and goods delivery, payment systems.
Business process management mobile applications
CRM systems, ERP systems, project management, sales team tools, financial management, production management, logistics and delivery management, HR management, data monitoring systems
Electronic services mobile applications
Classified ads platforms, online schools, online cinemas, electronic service platforms, cashback platforms, video hosting, thematic portals, online booking and scheduling platforms, online trading platforms

These are just some of the types of mobile applications we work with, and each of them may have its own specific features and functionality, tailored to the specific needs and goals of the client.

Offered services
Showing 1 of 1 servicesAll 1735 services
Seed Phrase Generation and Recovery in Mobile Crypto Wallet
Medium
~3-5 business days
FAQ
Our competencies:
Development stages
Latest works
  • image_mobile-applications_feedme_467_0.webp
    Development of a mobile application for FEEDME
    756
  • image_mobile-applications_xoomer_471_0.webp
    Development of a mobile application for XOOMER
    624
  • image_mobile-applications_rhl_428_0.webp
    Development of a mobile application for RHL
    1052
  • image_mobile-applications_zippy_411_0.webp
    Development of a mobile application for ZIPPY
    947
  • image_mobile-applications_affhome_429_0.webp
    Development of a mobile application for Affhome
    862
  • image_mobile-applications_flavors_409_0.webp
    Development of a mobile application for the FLAVORS company
    445
Show more works

Seed Phrase Generation and Recovery in Mobile Crypto Wallet

Seed phrase — only recovery point for entire wallet. If mnemonic generated with poor entropy or recovery yields different addresses — user loses fund access. Both scenarios happen in production.

Generation: Where Mistakes Happen

Most dangerous error — using pseudo-random source. Math.random() in JavaScript not cryptographically random. Date.now() as seed — catastrophe. For BIP-39 need exactly 128 bits (12 words) or 256 bits (24 words) cryptographically random entropy.

On iOS correct path — SecRandomCopyBytes:

var entropy = Data(count: 16) // 128 bits for 12 words
let result = entropy.withUnsafeMutableBytes {
    SecRandomCopyBytes(kSecRandomDefault, 16, $0.baseAddress!)
}
guard result == errSecSuccess else { throw WalletError.entropyGeneration }

On Android — SecureRandom from java.security, not Random:

val entropy = ByteArray(16)
SecureRandom().nextBytes(entropy)

React Native: react-native-get-random-values polyfills crypto.getRandomValues(), which uses native CSPRNG. Without this package @noble/hashes and @scure/bip39 work on unsafe source.

Recovery and Compatibility

Recovery — input 12/24 words → same addresses. Bugs usually in text normalization: extra spaces, unicode spaces (NBSP instead of regular), case. bip39.validateMnemonic() should return false for such, but UI should normalize input before checking — trim() and replace(/\s+/g, ' ') mandatory.

Second source of incompatibility — passphrase. BIP-39 allows optional passphrase ("25th word"). MetaMask ignores it (empty string). Trezor supports. If your wallet silently passes empty passphrase, user recovering where they specified one — addresses differ. Must explicitly ask on recovery.

UX for Seed Confirmation

Show words in groups of 4, not all at once. After show — verification: random 3–4 words in random order, user taps in correct sequence. Don't allow clipboard copy by default — clipboard read by other apps. If copying allowed, clear clipboard after 60 seconds via UIApplication/ClipboardManager.

On Android 10+ ClipboardManager.clearPrimaryClip() — public API. On iOS < 16 no direct clearing, set clipboard to empty string.

Process

Implementation, testing on BIP-39 official vectors, seed confirmation UI, recovery with input normalization. Timeline — 3–5 days. If passphrase support and compatibility with specific external wallet needed — add day for testing.