Two very different approaches to backing up a BIP39 seed phrase: an encrypted file you save anywhere (SeedCrypt) versus an NFC smart card you tap with your phone (Seedkeeper). This guide breaks down where each one wins and where the trade-offs hurt.
TL;DR
- Seedkeeper is an open-source NFC smart card by Satochip (~€60). It stores your seed in a tamper-resistant secure element you tap with your phone.
- SeedCrypt is open-architecture offline software (€29 one-time, free tier available). It produces an encrypted file (AES-256-GCM) you save on any USB stick or disk.
- Both are excellent at different things. Seedkeeper wins on physical tamper-resistance; SeedCrypt wins on cost, multi-copy redundancy, and zero hardware dependency.
- Many users combine the two — Seedkeeper as primary cold backup, SeedCrypt as offsite redundant copies.
What is Seedkeeper?
Seedkeeper is a smart card device produced by Satochip, a Belgian company specialised in cryptocurrency hardware. Form factor: a credit-card-sized PCB (or a Java-Card chip) that stores BIP39 seed phrases inside a tamper-resistant secure element (the same kind of chip used in passports and bank cards).
You communicate with it over NFC using the official Seedkeeper mobile app (Android, iOS) or via a USB card reader on desktop. The seed never leaves the chip in plaintext: when you read it, you authenticate with a PIN, and the seed is decrypted on-card before being shown.
The firmware is open source under GPL v3 — you can audit the Java Card applet on GitHub. The hardware itself uses certified secure-element chips (Common Criteria EAL5+).
Seedkeeper highlights
- Tamper-resistant secure element — physical attack on the chip costs five-figure lab time.
- NFC-readable — tap the card on a phone, no cable.
- PIN-protected — wrong PIN attempts increment a counter, card wipes after the limit.
- Open-source firmware — full auditability of the Java Card applet.
- Supports multiple seeds and notes on a single card.
- Sold by Satochip directly, on Amazon, and via re-sellers in EU/US.
Seedkeeper trade-offs
- Cost — €60–75 per card. For multiple geographic backups, that adds up fast (3 locations = €180–225).
- Physical dependency — losing or destroying the card means losing the data on it. You need a backup of the backup (paper or other).
- Vendor lock-in — the card needs the Satochip app to read. If the company disappears, your only fallback is the card-reader hardware spec, which is documented but non-trivial to use.
- NFC required on phone — older phones or feature-phone users can't use the mobile flow.
- Not portable as digital file — you can't email yourself an encrypted backup or stash it on cloud storage encrypted-at-rest. The data lives on the chip.
What is SeedCrypt?
SeedCrypt is offline-first encryption software for Windows and Android. You enter your BIP39 seed phrase, choose a strong password, and the app produces a small .json file encrypted with AES-256-GCM and a key stretched through PBKDF2-SHA512 (600,000 iterations).
You can save that file anywhere: USB stick, SD card, external drive, optical disc — even paper as a printed QR code. The file is meaningless without the password. To decrypt, you load the file into SeedCrypt on any supported device and enter the password.
SeedCrypt itself never makes a network call. License activation is offline (HMAC-SHA256 verified key, no server callback). It runs in airplane mode just fine.
SeedCrypt highlights
- AES-256-GCM + PBKDF2-SHA512 600,000 iterations — same primitives used by 1Password, BitLocker, and Bitcoin Core.
- Zero network calls — fully air-gapped, no telemetry.
- Multi-copy at zero marginal cost — copy the encrypted file 100 times to 100 places.
- Cross-platform — Windows EXE + Android APK, same encrypted file format.
- QR / PDF export — for paper backups (printed QR of the encrypted blob).
- Free tier for 1 seed; paid tiers from €29 one-time (no subscription).
- Free recovery tool — SeedCrypt Recover (open source, MIT) brute-forces missing or mistyped words.
SeedCrypt trade-offs
- Software dependency — you need a Windows or Android device to decrypt (not a problem in practice; the app is small and offline-installable).
- Password is the single point of failure — forget your password and the encrypted file is useless. Mitigation: use a memorable phrase + write it down separately.
- Storage medium can fail — but mitigated by keeping multiple copies.
- Source code currently closed for the main app (the recovery tool is open-source). Trust comes from offline verification — the binary makes zero outbound connections, easy to verify with a network monitor.
Side-by-Side Comparison
| Criteria |
Seedkeeper
(Satochip NFC card) |
SeedCrypt
(offline software) |
| Form factor |
Smart card / dongle |
Encrypted .json file |
| Price |
€60–75 per card |
Free / €29 one-time |
| Encryption |
Secure element (HW) |
AES-256-GCM (SW) |
| Tamper-resistance |
Yes (CC EAL5+) |
Strong password required |
| Air-gapped |
Yes |
Yes |
| Multi-copy redundancy |
One per card (€60+ each) |
Unlimited copies, €0 |
| Physical loss = data loss |
Yes (card-bound) |
No (file can be re-copied) |
| Read on phone |
NFC tap |
Android app |
| Read on Windows |
Via USB card reader |
Native EXE |
| Open-source code |
Yes (firmware) |
Recovery tool only |
| Recovery if password lost |
Possible via PIN reset |
Recover tool available |
| Vendor lock-in risk |
Card-specific app |
Standard AES file |
| Long-term durability |
Years (HW chip) |
Depends on medium |
| Multiple seeds per unit |
Yes |
Yes (Family/Business) |
Different Threat Models
The two products optimize for different attacks:
Seedkeeper protects best against:
- Physical theft of one location — the chip resists physical extraction.
- Software supply-chain attacks — there's no software running on a general-purpose OS.
- Coercion (limited) — PIN counter wipes after wrong attempts.
SeedCrypt protects best against:
- Loss / destruction of any single backup — you have N redundant copies for free.
- Geographic risks (fire, flood, war) — copies in different countries are trivial.
- Need to share with heir / family member — give them an encrypted file + password instructions in your will.
- Travel / cross-border — a USB stick draws less attention than a smart card with cryptocurrency branding.
The "right" tool depends on what you're afraid of. If you're afraid someone might find your backup and read it, both work. If you're afraid you'll lose your backup, SeedCrypt is more forgiving. If you're afraid of a tech-savvy attacker getting physical access, Seedkeeper is harder to break.
The Pragmatic Setup: Use Both
For users with serious holdings, the recommended setup is layered defense:
- Primary cold backup: Seedkeeper card stored in a safe at home. Tamper-resistant, physically durable.
- Geographic redundancy: SeedCrypt encrypted file on 2–3 USB sticks in different locations (relative's house, bank vault, separate apartment). Cost: a few euros per stick.
- Inheritance copy: SeedCrypt encrypted file in your sealed will or estate documents, with password instructions transmitted separately to your executor.
- Recovery insurance: If you ever lose part of a known backup, the open-source SeedCrypt Recover tool can brute-force missing or mistyped words against a wallet address you own.
None of these copies on its own is a complete backup. Combined, they cover loss, theft, fire, flood, jurisdiction risk, and human typo errors.
Which Should You Pick?
Pick Seedkeeper if:
- You hold significant funds and want hardware-level tamper resistance as your primary line of defense.
- You're comfortable with the €60+ price per backup location.
- You prefer a physical object you can hold and lock in a safe.
- Open-source firmware audit is important to you.
Pick SeedCrypt if:
- You want zero hardware dependency — just a file you can copy anywhere.
- You want multiple geographic copies at marginal zero cost.
- You travel and don't want to carry crypto-branded hardware.
- You like the idea of a free recovery tool for typo / missing-word scenarios.
- You want to share an encrypted backup with an heir or co-signer easily.
Pick both if:
- You hold serious funds and can justify both costs.
- You want defense-in-depth with two complementary failure modes.
- You want a setup that survives both "house burned down" and "card got stolen".
Conclusion
SeedCrypt and Seedkeeper aren't really direct competitors — they solve overlapping but distinct problems. Seedkeeper is excellent at making one backup hard to physically tamper with. SeedCrypt is excellent at making many backups easy to spread, store, and recover.
If you can only pick one, the question is which failure mode worries you more: "someone finds my backup" (Seedkeeper wins) or "I lose my backup" (SeedCrypt wins). For most users, redundancy beats tamper-resistance — which makes SeedCrypt a better fit. For very high-net-worth users, both together is the right answer.