Trinity Attack Incident Part 2: Trinity Seed Migration Plan

Update: The IOTA Trinity wallet is deprecated with the Chrysalis upgrade and will be replaced by the new Firefly wallet. You can easily transfer your tokens following these instructions.


Summary: Trinity is a software wallet for the IOTA digital asset that has been developed for desktop and mobile operating systems. Managed by the IOTA Foundation, this open-source software project enables the user to manage their tokens over the IOTA network. On February 12, 2020 the Trinity Wallet was attacked via a third-party dependency from Moonpay, which resulted in the theft of around 8.55 Ti in IOTA tokens.

This blog post is divided into a 3 part series:

  1. Part 1 summarizes the series of events that led to the attack and the measures taken by the IOTA Foundation. You can read it here.
  2. Part 2 is the seed migration plan put in place to protect users that might have been affected by the attack. (This blog)
  3. Part 3 offers an overview of key learnings, takeaways and measures that the IOTA Foundation will implement to ensure the highest security standards for all of our software development. You can read it here.

The following outlines the Trinity Seed Migration Plan which includes a seed migration tool that will be released next week.

Seed Migration Plan

The IOTA Foundation’s investigation identified 50 seeds whose tokens have already been stolen by the attacker. However, due to the nature of the attack, it is not currently possible to know the exact number of affected users and all Trinity users need to determine whether they might be affected.  

  • It should be noted that this migration plan was developed primarily for Trinity Desktopusers. But we strongly recommend that Trinity Mobile users also make use of the migration tool.
  • Token holders that have used other ways to secure their tokens (including Ledger Nano, custodians or exchanges and offline storage) are not affected and do not need to worry about the migration tool.
  • Passwords and seeds have been obtained by the attacker.All Trinity Desktop users from 17 Dec to 17 Feb should change their wallet password(and anywhere else it has been used). Note, changing password alone does not make you safe, you will also need to use the migration tool.

It is important that we enable all at risk Trinity users to migrate their tokens to safety. Instead of turning on the Coordinator immediately, we will provide a migration period for all at-risk users. The migration period will give users time to initiate a migration of their tokens from their current seeds, which may have been compromised, to newly created seeds.

Note:If you are uncertain about any of this or need assistance, please join the IOTA community on Discord and either ask on the #help channel or contact a member of the IOTA Foundation directly.  

Timeline for the migration plan

The IOTA Foundation is currently building a seed migration tool for migrating tokens from existing to new seeds. More information will be released early next week. Below is a timeline for the migration period.

Seed migration period

Day 0

The date of the migration tool release will be announced ahead of time. At-risk users will have a 7 day period in which they should perform the seed migration.

Day 7

After the 7 day period, the IOTA Foundation will start validating the submissions. Any conflicting submissions will need to be reviewed through a KYC process.

Optional Day 8–9

Optional: Community validation — The IOTA Foundation will propose a ledger state for a global snapshot. We will ask the community to validate the ledger state before moving ahead. This only applies if there are conflicts.

Day 10

The network is restarted with the new ledger state and the network Coordinator resumes operation.

What can lead to a conflicting submission?

If your seed has been compromised, or if you submit the same seed multiple times, we will receive conflicting submissions. Please make sure you only use the tool once for each account you own.

What happens after the migration period is over and a user hasn’t been able to submit in time?

In case the hacker has access to your seed, there is a risk that your tokens will be transferred out. If you are unable to use the migration tool during that period, we strongly recommend engaging with family or friends to find a trusted person to do the transfer for you.

How do I migrate on mobile?

Remember that the migration tool will only be available for Windows 7, Windows 10, Linux and MacOS, NOT for iOS and Android. Mobile users will have to use the SeedVault export or manually enter the seed directly into the tool.

I think my tokens have already been stolen, what do I need to do?

If you are suspicious of any wallet activity, please join our Discord server and contact the Discord mod team or IOTA Foundation directly. Please be aware that there are unfortunately active imposters posing as IOTA Foundation personnel on our Discord. Therefore it is important that you directly initiate contact with the IF or mod team yourself.  

Please continue to Part 3 of this series for more on Key Learnings and Takeaways.