Security


What is a Secret Recovery Phrase

A Secret Recovery Phrase (Seed phrase) is a series of randomly-generated words that give access to your wallet address in TON Space. It's crucial to keep this phrase confidential. Anyone with access to it gains full control over your TON Space funds.

⚠️ Note: Keep the secrecy of your Secret Recovery Phrase.


How can I find my seed phrase in TON Space

At any time, you can find your seed phrase within your TON Space, by going to Settings > TON Space > Tap to view phrase.


Where is my seed phrase stored

Your seed phrase is stored only on your device. Neither Wallet nor Telegram have access to it.


What should I do if I lost my Secret Recovery Phrase

If you have not opted in for TON Space email recovery, and you have no access to devices with your TON Space enrolled, you will lose access to your assets.

As TON Space is a non-custodial wallet, only you have access to your Secret Recovery Phrase. Wallet cannot recover access if a TON Space account is lost. Read about the differences between Wallet and TON Space here.


What should I do if I lost my seed phrase and didn't have email recovery turned on

During TON Space creation, you can provide your email address for wallet recovery via email and your Telegram account.

If not, you can recover using your Secret Recovery Phrase. Keep your Secret Recovery Phrase safe for potential TON Space recovery.

⚠️ Note: If you do not have your Secret Recovery Phrase saved offline and have not setup Recovery over email, you may lose your funds.


How can I restrict access to my TON Space wallet

Only you can access your TON Space wallet because to be able to use it, one needs to log in to your Telegram account on your specific device. To ensure your wallet’s security, avoid sharing your unlocked device with anyone else.


How does the backup process work in TON Space

There are two backup options. The first is an email backup, with a unique decryption key generated on your device. This key encrypts your seed phrase and splits the newly encrypted piece into two parts, known as shards, which are then sent to the corporate servers. Wallet stores the decryption key, TON Space keeps the first shard separate from Wallet, and Telegram secures the second shard. Both shards are securely encrypted, making it impossible for any party, other than yourself, to access your TON Space account.

The second option is a manual backup, where your seed phrase is only stored on your device, meaning neither Wallet nor Telegram will have access to any piece of your TON Space information.

⚠️ Note: If you lose access to your Telegram account or your email, you will need your Secret Recovery Phrase to recover your TON Space funds.


Does the Support team know the email I added for recovery, my TON Space address, my seed phrase

The Support team cannot access your email information. Also, no one, except you, can access your Seed phrase, even the TON Space support team.

Thus, it is important that you write down the Seed phrase and store it in a safe place, even if you already made an email backup. 


Will Wallet be able to access my seed phrase, if I turn on email recovery

No, your seed phrase is stored only on your device. Your email serves as an additional identification method, used together with your Telegram account, to help you regain access to your TON Space. The recovery code sent via email only works when you are logged into your Telegram account. This code enables the decryption of the seed phrase from the two shards created during the backup process.


What should I do if I do not receive a recovery code via email

If the recovery code doesn't come to the mentioned email, please check first:

  1. if you received messages with an email subject: Recover your TON Space account.
  2. if you have the email letter with an authorization code in other folders: Spam, Promotions or Deleted messages.

If the email letter still hasn't come, while the code was successfully sent, please write to the support team. We will check the status of the message sent.


Why do you offer an email backup option

We provide an email backup option to ensure you both security and convenience. Our system is just as secure as traditional seed phrase backups used by other wallets but is far more user-friendly. Common methods like offline storage or online notes, though widely popular, can be either inconvenient or less secure compared to our solution. This makes our approach particularly suitable for users new to blockchain technology, providing them with a safer and easier way to protect against lost seed phrases. However, the choice of traditional manual backup is always available for those who prefer it


If someone logs into my Telegram account on another device, will they be able to see TON Space

No, your TON Space wallet will not automatically appear on other devices. To access it on a new device, you must manually log in again, either via your seed phrase or your email recovery, provided you have previously created an email backup.


I lost access to my Telegram account. Will I be able to recover my TON Space wallet via email

It is possible to recover TON Space only if you have access both to the linked Telegram account and your email. You will not be able to send the recovery code to email without accessing your Telegram account.

If you lose access to your Telegram account, you will be able to recover the connected TON Space only with your seed phrase. Thus, it is crucial that you write down the Seed phrase now and always keep it in a safe place, even if you already made an email backup.


Is it possible for an attacker to get access to my seed phrase

No, unless you provide both your device and its passcode to an attacker. If someone has your phone but does not know the passcode, they cannot access any data. This is because smartphone flash storage is encrypted by default, making it impossible for an attacker to retrieve your files without unlocking the device.


Do Wallet / Telegram employees have access to TON Space seed phrase

Neither company can access your seed phrase. TON Space only holds part of the encrypted seed phrase, specifically 14 encrypted words, along with the decryption key. Meanwhile, Telegram holds another part, containing 10 encrypted words, but without the decryption key. Possessing either of these parts, even if fully decrypted, does not allow anyone to brute-force the other part. Here you can see some explanatory texts and a video demonstrating why brute-forcing is not possible.


I received a request to provide a Seed phrase from Support, can I share it

Never share your Seed phrase with anyone, even the TON Space support team. Also, our support team will never DM you first and will never ask for your seed phrase from TON Space.


I accidentally showed my seed phrase to support / to a third party. What should I do

If you accidentally shared the seed phrase with a third-party website or person, please urgently create a new TON wallet and write down its seed phrase; do not show it to anyone. Transfer all the funds from the old TON Space wallet to the new one, log out of your old wallet and never use it again.

Under no circumstances should you share your seed phrase with anyone. There is never a technical reason to share your seed phrase — if someone tries to persuade you to do so, ignore them and block their account on whichever platform they’re using to contact you.


How can I further secure my TON Space

To boost your TON Space’s security, follow the same precautions you would with any confidential information stored on your device. First off, never give your unlocked phone to someone you do not fully trust. Also, keep your email passwords to yourself, especially if the email is linked to your TON Space. If you opt for a manual backup, be mindful about where you keep your seed phrase — store it securely and make sure not to lose it.


To remove data about your seed phrase from TON Space, you should log out of your Telegram account and then uninstall the Telegram application from your device. Doing so will completely delete the seed phrase from your device.


Is there a plan for TON Space to release its source code on Github

We are exploring the possibility of making our code available on Github in the future. For now, our primary focus is on refining and developing the product. 


Are there plans to improve the security features of TON Space

Absolutely, we plan to implement a passcode for on-device encryption of the seed phrase. Additionally, we plan to further divide and distribute the decryption key and seed phrase shards across three separate storage locations for increased security.