TL;DR
Research from Carnegie Mellon shows the cracks clearly. People misunderstand seed phrases, store them in unsafe ways, fall for scams, have no inheritance plan, and are often forced to choose between security and usability.
In this article we walk through those failures, and show how Bron approaches them differently.
In April 2025, researchers from Carnegie Mellon University presented a landmark study at the ACM CHI Conference in Yokohama, Japan, arguably the world's premier human-computer interaction venue. The paper, titled "Of Secrets and Seedphrases," surveyed 643 cryptocurrency users and conducted in-depth interviews with 20 more. What they found was alarming, but for anyone paying attention to the self-custody wallet space, not entirely surprising.
The findings were unambiguous: the tools people use today to manage their own crypto assets are fundamentally failing them. Misconceptions are widespread. Security behaviors are dangerous. And the gap between what users think they know and what they actually need to do to stay safe is vast.
This long-read walks through every major problem the Carnegie Mellon study identified, and explains, in concrete terms, how Bron Wallet was designed to solve each one.
The Problem Nobody Wants to Talk About
Crypto adoption has exploded. The same CHI 2025 study notes that an estimated 575 million people worldwide now own some form of cryptocurrency, up from just 5 million in 2016. Roughly 40% of American adults own crypto-assets. The technology has arrived in the mainstream.
But the infrastructure for actually owning and protecting those assets hasn't kept up. Self-custodial wallets, the kind where you, and only you, hold the keys, are the gold standard of crypto sovereignty. "Not your keys, not your crypto" is the movement's founding credo. Yet the research paints a picture of a category that is, on the whole, dangerously unusable.
The problems aren't just about hackers and phishing attacks. They are about everyday confusion: people who don't understand what a seed phrase is, who store it insecurely because nobody told them otherwise, who have no plan for what happens to their assets if they die.
Bron Wallet was built with these failures in mind. Every design decision, every UI choice, every security architecture reflects the real challenges real users face. Dmitry solved this problem for institutional investors, but when he left Copper in 2024, he realized the problem still wasn’t solved for individuals, so he built Bron. Here is how we fix it for retail.
Problem 1: Most Users Don't Actually Know What a Seed Phrase Is
The most striking number in the Carnegie Mellon study is this: only 43% of survey respondents were able to correctly identify an image of a seed phrase. More than half of people who use self-custodial wallets, people who already own cryptocurrency, cannot recognize the very thing that protects all of it.
The researchers also found something equally troubling: many users conflate seed phrases with passwords. In interviews, participants described applying the same strategies to both: storing them in the same document, and treating them with the same level of urgency. But they are not the same thing at all.
A password can be reset. A seed phrase cannot. A password grants access to a service that can lock you out if needed. A seed phrase is the master key to an irreversible cryptographic system. If someone gets your seed phrase, they own your assets forever. If you lose it, those assets are gone forever.
One participant in the study was frustrated that he couldn't "reset" his seed phrase the way he could reset a forgotten password. This isn't a personal failing; it's a design failing. Current wallets generate a seed phrase during setup and largely leave users to figure out what it means and why it matters.
How Bron Wallet Solves This
Bron addresses the seed phrase problem by replacing the traditional single private key model with Multi-Party Computation (MPC). In conventional crypto wallets, a private key is generated and represented to the user as a seed phrase, typically 12 or 24 words. This seed phrase is the master secret that controls the wallet. Whoever has it controls the assets, and if it is lost, there is no way to recover the funds. The Carnegie Mellon research highlights how fragile this system is, since many users either misunderstand what a seed phrase is or store it in insecure ways.
Bron was designed to remove this fragile dependency entirely. Instead of generating a single private key that must be backed up with a seed phrase, Bron creates a cryptographic key using MPC technology. In this model, the private key is never generated in full and never exists in one place. Instead, it is mathematically split into three encrypted fragments known as key shares, or shards.
These shards never come together in one place. When a transaction is signed, the user’s shard collaborates with Bron’s shard to produce partial signatures, which are mathematically combined to create a valid blockchain signature. The private key itself is never reconstructed during the process.
Bron uses a 2-of-3 threshold model, meaning any two shards can authorize a transaction. In normal operation, the user shard and Bron shard sign transactions, while the third shard is reserved for recovery if the device is lost.
This architecture removes the seed phrase entirely and eliminates the single point of failure that traditional wallets rely on.
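The signing flow described above, as an added example that is not Bron's code or protocol: a toy 2-of-3 threshold Schnorr scheme in which any two shares produce a valid signature and the full private key is never assembled. The group parameters, the share indices and the simplified key generation (all three parties simulated in one process, no verifiable secret sharing) are assumptions made for illustration.

```python
# Toy 2-of-3 threshold Schnorr signing: illustrative only, not Bron's protocol.
# The group is toy-sized so the arithmetic is readable; never use it for real keys.
import hashlib
import secrets

P, Q, G = 2039, 1019, 4            # P = 2Q + 1; G generates the order-Q subgroup
USER, BRON, RECOVERY = 1, 2, 3     # share indices (role names follow the article)

def keygen():
    """Distributed key generation, with all three parties simulated in one process."""
    # Each party picks a private line f_i(x) = a0 + a1*x (mod Q).
    polys = [(secrets.randbelow(Q), secrets.randbelow(Q)) for _ in range(3)]
    # Party j's share is the sum of the points f_i(j) it receives from every party.
    shares = {j: sum(a0 + a1 * j for a0, a1 in polys) % Q for j in (USER, BRON, RECOVERY)}
    # The public key is assembled from the public values G^a0; sum(a0) is never computed.
    pub = 1
    for a0, _ in polys:
        pub = pub * pow(G, a0, P) % P
    return shares, pub

def lagrange(i, signers):
    """Weight that lets signer i's share stand in for its part of the key at x = 0."""
    num = den = 1
    for j in signers:
        if j != i:
            num, den = num * j % Q, den * (j - i) % Q
    return num * pow(den, -1, Q) % Q

def challenge(R, pub, msg):
    digest = hashlib.sha256(f"{R}|{pub}|".encode() + msg).digest()
    return int.from_bytes(digest, "big") % Q

def sign(msg, shares, pub, signers):
    # Round 1: every signer draws a secret nonce and publishes only G^nonce.
    nonces = {i: secrets.randbelow(Q - 1) + 1 for i in signers}
    R = 1
    for k in nonces.values():
        R = R * pow(G, k, P) % P
    c = challenge(R, pub, msg)
    # Round 2: each partial signature uses that signer's own share and nothing else.
    partials = [(nonces[i] + c * lagrange(i, signers) * shares[i]) % Q for i in signers]
    return R, sum(partials) % Q     # combining partials never rebuilds the key

def verify(msg, sig, pub):
    R, s = sig
    return pow(G, s, P) == R * pow(pub, challenge(R, pub, msg), P) % P

if __name__ == "__main__":
    shares, pub = keygen()
    for pair in [(USER, BRON), (USER, RECOVERY), (BRON, RECOVERY)]:
        print(pair, verify(b"constructed tx", sign(b"constructed tx", shares, pub, pair), pub))
```

Production threshold schemes add verifiable secret sharing, nonce commitments and a standard curve; those are omitted here to keep the combination step visible.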
Problem 2: Seed Phrase Storage Is Dangerously Insecure
Even among users who do understand what a seed phrase is, the study found a widespread pattern of insecure storage. Users store their seed phrases in Google Drive, in password managers alongside their login credentials, in notes apps, in screenshots, and in unencrypted text files. Some email it to themselves. Some store it in a shared document accessible by others.
The researchers found that these behaviors often stem from a genuine attempt to be organized and careful. Users apply the same mental frameworks they use for passwords and other digital secrets. The problem is that seed phrases require fundamentally different handling, and existing wallets rarely communicate that clearly.
The study also highlights a fundamental tension that users navigate: the trade-off between safety and ease of access. Users know that keeping their seed phrase in a paper notebook is more secure than keeping it in Google Drive. But they also worry about losing the notebook, about fire, about not being able to access it quickly. Many choose convenience over security not out of negligence but out of a rational calculation, one that wallets do nothing to help them navigate well.
How Bron Wallet Solves This
Because in Bron the key is distributed across shards, users no longer need to store or manage a seed phrase in notes apps, cloud storage, or paper backups. The security of the wallet no longer depends on the user correctly handling a single secret. Instead, the MPC architecture distributes trust across multiple independent components, removing the single point of failure that makes seed phrase storage so risky.
This architecture also enables secure recovery without relying on a seed phrase. If a user loses their device, the remaining key shares can generate a new device share through the MPC protocol. The user can then restore access to the wallet after authentication, without ever needing to locate or re-enter a seed phrase. Importantly, the private key still never exists as a single piece of data during this recovery process.
Problem 3: Users Are Highly Vulnerable to Scams
The Carnegie Mellon study found that cryptocurrency scams are nearly ubiquitous in the community. Both experienced and novice users reported falling victim to scams (20% of experienced users and 29% of novices), rates that would be alarming in any financial system.
Many of these scams involve social engineering around seed phrases specifically. Users are tricked into entering their seed phrase on fake wallet websites. They are contacted by accounts impersonating "support" that claim to need the phrase to verify their identity. They are led to believe that sharing a seed phrase is a legitimate step in a wallet upgrade or transfer process.
The research notes that existing wallets do very little to intervene at the moment of risk. There are no warnings that fire when a user is about to take an action consistent with a known scam pattern. There is no in-app education about what legitimate support requests look like. Users are largely on their own.
How Bron Wallet Solves This
Bron introduces a Policy Engine that adds a layer of behavioral protection at the transaction level.
The Policy Engine allows wallets to enforce predefined rules before a transaction can be executed. Instead of every transaction being signed immediately after user approval, actions can be evaluated against a set of security policies designed to detect or mitigate risky behavior.
For example, policies can introduce transaction limits, delays, or additional confirmations when certain conditions are met. If a user suddenly attempts to send a large amount of assets to a new address, the wallet can require additional approval steps before the transaction is finalized. This creates a buffer period that can help prevent impulsive actions triggered by social engineering or scam pressure.
The system can also enforce multi-step authorization flows, where sensitive transactions require confirmation from multiple devices or trusted parties. This means that even if a user is manipulated into initiating a malicious transaction, a second layer of verification can interrupt the process.
In practice, this transforms the wallet from a passive signing tool into an active security system. Rather than assuming that users will always recognize scams on their own, the Policy Engine provides structured safeguards that slow down suspicious actions and give users the opportunity to reconsider before irreversible transactions are executed.
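A sketch of the kind of pre-signing check described above, as an added example that is not Bron's Policy Engine: it holds a large transfer to a new address behind a delay and a second approver, and enforces a rolling daily limit. The class and rule names, thresholds, approver labels and addresses are all hypothetical.

```python
# Hypothetical policy check run before a transaction is signed.
# Rule names, thresholds and addresses are constructed for illustration.
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

@dataclass(frozen=True)
class Tx:
    to: str
    amount: float
    at: datetime                          # time the user initiated the transfer

@dataclass(frozen=True)
class Decision:
    action: str                           # "allow", "hold" or "deny"
    reasons: tuple = ()
    approvals_needed: int = 1             # distinct approvers, initiator included
    not_before: Optional[datetime] = None # earliest time signing may proceed

class PolicyEngine:
    def __init__(self, known, hard_cap=50_000, large=1_000, daily_cap=5_000,
                 delay=timedelta(hours=24)):
        self.known, self.history = set(known), []
        self.hard_cap, self.large = hard_cap, large
        self.daily_cap, self.delay = daily_cap, delay

    def evaluate(self, tx):
        if tx.amount > self.hard_cap:
            return Decision("deny", ("over per-transaction limit",))
        reasons, approvals, not_before = [], 1, None
        if tx.to not in self.known and tx.amount >= self.large:
            # Large transfer to a never-seen address: add a delay and a second approver.
            reasons.append("large amount to new address")
            approvals, not_before = 2, tx.at + self.delay
        day = timedelta(days=1)
        spent = sum(t.amount for t in self.history if timedelta(0) <= tx.at - t.at < day)
        if spent + tx.amount > self.daily_cap:
            reasons.append("rolling 24h limit exceeded")
            approvals = max(approvals, 2)
        return Decision("hold" if reasons else "allow", tuple(reasons), approvals, not_before)

    def may_sign(self, tx, decision, approvers, now):
        """Final gate: enough distinct approvers and any delay has elapsed."""
        if decision.action == "deny" or len(set(approvers)) < decision.approvals_needed:
            return False
        if decision.not_before and now < decision.not_before:
            return False
        self.history.append(tx)           # record only transfers that actually proceed
        self.known.add(tx.to)
        return True
```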
Problem 4: Shared Accounts Create Hidden Risks
One of the more nuanced findings in the CHI 2025 paper concerns shared accounts and the circumstances under which users share seed phrases with others. The research found that 22% of users had shared their seed phrase with someone else (a spouse, a family member, a trusted friend), often for purposes of joint access or backup recovery.
This might sound reasonable. But the researchers found significant gaps in how users understand the implications of sharing. Many did not recognize that sharing a seed phrase gives the other person complete, independent access to the wallet, not joint access requiring mutual consent, but full unilateral control. There is no "read-only" mode. There is no permission system. Anyone with your seed phrase has everything.
The research also found that users with shared accounts, couples managing crypto together, for instance, had weak or nonexistent frameworks for handling the end of that relationship or a change in trust. What happens when a marriage ends? What if the trusted friend proves untrustworthy? Existing wallets offer no guidance on these questions.
How Bron Wallet Solves This
Bron addresses these risks through a team management system that introduces structured roles and permissions instead of requiring users to share full wallet access.
In traditional wallets, sharing a seed phrase effectively transfers complete control. Anyone who has the phrase can move funds independently, with no restrictions and no way to revoke access later. Bron replaces this model with a workspace structure where access is organized through four roles.
The Owner has full control over the workspace and can manage settings, policies, and team members. Members have operational access and can perform actions such as initiating transactions but cannot manage the team itself. Viewers are limited to monitoring activity and balances without the ability to take action. Guardians serve a recovery role only; they cannot view balances, transactions, or approve operations, but they can participate in recovery procedures if access to the wallet needs to be restored.
For sensitive actions such as transactions, limit changes, team updates, or workspace configuration, Bron allows additional approvals to be required. Instead of a single person authorizing an action, critical operations can require multiple sign-offs before they are executed.
Access is also flexible. Roles can be updated, users can be deactivated, and permissions can be changed at any time depending on how a team or family chooses to manage custody. This structure allows shared control without exposing the wallet to the risks that come with distributing a seed phrase.
Problem 5: Nobody Is Planning for Death
Perhaps the most overlooked finding in the Carnegie Mellon study concerns what happens to cryptocurrency when the holder dies. The research found that only a small minority of users have any estate plan for their crypto assets. Most have done nothing. Many haven't thought about it at all.
This matters enormously. In traditional finance, banks and brokerages have legal obligations and processes to help transfer assets upon death. In self-custody crypto, there are none. If you die and no one has your seed phrase, your assets are permanently inaccessible. They don't go to your family. They don't go to anyone. They simply cease to exist in any practical sense.
The researchers noted this as an area of urgent need for better wallet design, arguing that wallets should actively support users in thinking about and executing inheritance planning, not leave it as an afterthought that most users never get around to.
How Bron Wallet Solves This
Bron addresses the inheritance problem by introducing a built-in digital inheritance mechanism that allows users to securely pass their assets to designated beneficiaries.
Instead of relying on seed phrases or informal instructions, the wallet owner can add beneficiaries directly to the workspace. These beneficiaries create their own Bron accounts but cannot see balances, transactions, or interact with the wallet while the owner is alive. Their role only becomes active if an inheritance event occurs.
If the owner loses access to the wallet, any beneficiary can initiate the inheritance process. All guardians, owners, and beneficiaries are notified, and a security delay begins to prevent fraudulent claims. The delay lasts six months if guardians are configured or twelve months if they are not, giving time for the owner or other participants to cancel the request if it was started incorrectly.
After the delay expires, control of the workspace transfers to the beneficiaries who joined the process. The wallet automatically enforces policies requiring approval from all beneficiaries for transactions, ensuring that funds can only be moved through coordinated decisions.
This allows crypto assets to be transferred in a structured and secure way without exposing seed phrases or relying on external intermediaries.
Problem 6: The Security-Usability Trade-Off Is a False Choice
Running through every finding in the CMU paper is a common thread: the perceived trade-off between security and ease of use. Users feel they must choose between a wallet that is secure and one that is convenient. Many choose convenience, often without fully understanding the risks. Some choose security and end up with something so cumbersome they rarely use it, or worse, implement it incorrectly.
The researchers argue that the right solution is not to demand more sacrifice from users, but to design systems that make the secure path also the easy path. This is a design challenge, not a user education challenge. You cannot educate your way out of tools that are fundamentally hard to use correctly.
How Bron Wallet Solves This
Bron Wallet was built on a foundational design principle: security should be invisible where possible, and clear where it must be seen. The vast majority of security features operate at the infrastructure level, without requiring user decisions.
Where user decisions are required, such as backup, sharing access, inheritance setup, or transaction verification, Bron provides structured flows designed to guide users toward the safest choice. Instead of leaving users to interpret complex security concepts on their own, the wallet presents options with clear, plain-language explanations of what each action means and what its consequences are.
These guided flows help users understand the implications of their decisions without needing deep technical knowledge. As a result, critical steps like configuring recovery, assigning roles, or approving transactions become structured processes rather than confusing security tasks.
Bron also supports users beyond the interface itself. The platform offers 24/7 support as well as the Bron Wiki, a knowledge base where every feature is explained through detailed articles and step-by-step video guides. This combination of guided product design and accessible education helps ensure that the secure path is also the easiest one to follow.
What Research-Backed Design Actually Looks Like
The CHI 2025 Carnegie Mellon study is a comprehensive indictment of the current state of self-custodial wallet design. But it is also a blueprint, a detailed map of every place the category has failed its users, and every opportunity for a better product to do more.
Bron Wallet is that product. Not because it adds a layer of features on top of a broken model, but because it starts from what real users actually understand, actually need, and actually struggle with, and builds from there.
The problems are documented. The solutions exist. The only question is whether the wallet in your pocket was built with any of this in mind.


