The user’s wallet recovery data and channel states are backed up on their respective cloud storage provider. The recovery phrase only needs to be backed up once. However, channel states may need to be backed up frequently because they change every time the user’s wallet sends, receives, or routes a payment; therefore, the channel state should be backed up automatically.
If the user’s device is lost, stolen, or broken, they can use the backup from their cloud storage account (such as Apple iCloud or Google Drive) to regain access to their funds. To learn more about the technical details, hop over to the private key management section on this topic.
Crypto rookies perceive themselves as “incapable of self-managing keys”.
This method provides users with the feeling that they can rely on their cloud provider to regain access to their funds rather than putting the responsibility on themselves.
Below is an example of what the user interface might look like for an automatic cloud backup that significantly reduces friction during onboarding. An optimal phase to show this may be after the wallet has received funds for the first time, so that the user has an incentive to back up their wallet.
One approach is to explicitly explain within onboarding carousels that a user’s wallet backup is stored on the cloud; this means that if they lose or break their device, they can regain access to their funds on another device using their respective cloud account and bitcoin wallet app.
On a similar note, it’s crucial that you also explain that if someone else knows their cloud account information, they can gain access to their funds, too.
Do: Inform your Users
Before creating a wallet backup via cloud backup, make sure the user knows what they are about to do. Once the backup is complete, provide a summary and some reassurances before moving on. This is a good place for loading interactions and animation because there will likely be a few seconds between when a user clicks to upload to the cloud provider and when it completes.
By not making users manually backup, you decrease the risk of self-inflicted loss of funds. Automatic cloud backups put less pressure and responsibility on the user.
While this is an easier way for users to set up a wallet, it brings in the potential threat of malicious third-party access. If a user’s cloud account is hacked, their funds could be compromised. This can be mitigated by encrypting the wallet recovery data before sending it to the cloud provider. However, the user could still lose access to funds if they forget their cloud login information or the cloud provider blocks their access.
By bringing cloud storage providers into the equation, we assume that users trust their providers. This also raises the question of decentralization: a guiding principle of the bitcoin space and could be considered in conflict with the popular saying, “not your keys, not your coins”.
Don’t: Use for High Value Amounts
Automatic cloud backups should not be considered for products with users that are storing high-value amounts. This is because there are potentially more security threat vectors.
To grant users some ownership of their wallet data, you can create an optional manual backup within the settings menu. A great way to do this is by framing it as an extra layer of security or a good alternative in case the user loses access to their cloud account, or feels uncomfortable trusting their cloud provider.
In the next section we will show different methods for manual backups.