# How does Jade protect my recovery phrase with a blind oracle?

Source URL: https://helpcenter.dxp-frontend.devserver.app/blockstream-jade/faqs/how-does-jade-protect-my-recovery-phrase-with-a-blind-oracle
Updated: 2026-04-09T09:37:18.000Z
Category: Blockstream Jade
Section: FAQs

---

[Jade](https://blockstream.com/jade) uses oracle-enforced PIN protection to encrypt your Jade's [recovery phrase](https://helpcenter.dxp-frontend.devserver.app/blockstream-app/faqs/what-is-a-recovery-phrase). This unique security model functions as a **virtual secure element** to provide extra protection for your funds while offering several key benefits.

## Oracle-enforced PIN Protection Explained

During the Jade initialization process, you will be asked to create a unique PIN. This PIN is used in combination with a [blind oracle](https://glossary.blockstream.com/blind-oracle/), managed by Blockstream, to encrypt Jade's key material. From that point on, three secrets are needed to decrypt your recovery phrase and spend funds:

- User-generated unique PIN
- Jade secret
- Oracle secret

![virtual_secure_element.png](https://dxp-backend.devserver.app/uploads/help-center/content/blockstream-jade/faqs/how-does-jade-protect-my-recovery-phrase-with-a-blind-oracle/17057492929817.png)

When you are ready to unlock Jade, you will be prompted to enter your PIN. The companion app (e.g. [Blockstream app](https://helpcenter.dxp-frontend.devserver.app/blockstream-jade/set-up-transact-recover-your-wallet/download-a-companion-app-for-jade)) will then establish an encrypted channel with the blind oracle, allowing the **server secret** to be sent to Jade. This decrypts **Jade's secret** and allows you to spend bitcoin.

**The blind oracle is truly blind**. Your Jade device itself does not communicate with it. The oracle does not know anything about you or your wallet data, and you can access it over Tor. **It doesn't even know your actual PIN!**

To learn more about how this process works, [visit our FAQ](https://helpcenter.dxp-frontend.devserver.app/blockstream-jade/faqs/jade-security-model-faqs).

> **Note:** Jade only unlocks successfully if you enter the correct PIN. To protect against brute-forcing, the oracle and Jade will **delete** their keys if you enter the wrong PIN **three** times. At this point, you must restore Jade with the recovery phrase.

## Benefits & Tradeoffs of Oracle-Enforced PIN Protection

Thanks to Jade's security model, the recovery phrase's strong encryption on your device comes with some powerful **benefits:**

- Attackers with access to your Jade cannot steal your funds, as they would need to compromise **both** your local encrypted flash and the remote PIN oracle. The seed is encrypted with random keys split between the Jade device and a lock-out oracle.
- By not requiring a secure element and utilizing a PIN oracle instead, **Jade is fully open-source**.

As with all things Bitcoin, however, this model does not come without **tradeoffs**, as you may need communication with Blockstream's blind oracle.

To avoid needing communication with Blockstream's oracle, you can:

- [run your own PIN oracle](https://helpcenter.dxp-frontend.devserver.app/blockstream-jade/add-more-security-functionality/set-up-a-personal-blind-oracle).
- unlock Jade using your [recovery phrase directly](https://helpcenter.dxp-frontend.devserver.app/blockstream-jade/add-more-security-functionality/use-cases-for-temporary-signer) (by scanning a [SeedQR](https://helpcenter.dxp-frontend.devserver.app/blockstream-jade/use-jade-air-gapped/access-jade-plus-air-gapped-with-seedqr), for example).

## The Details Matter

Once you choose your PIN, an ephemeral Elliptic Curve [Diffie-Hellman](https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman%5Fkey%5Fexchange) (ECDH) exchange occurs with the remote oracle. An [ECDH](https://en.wikipedia.org/wiki/Elliptic-curve%5FDiffie%E2%80%93Hellman) key exchange allows two separate entities with no previous knowledge of each other to generate a shared secret over public insecure channels. The exchange uses a known public key of the blind PIN oracle, so the communications channel can be fully encrypted. **Once the encrypted channel is established, the Jade and the remote oracle work together to create an** [**AES256**](https://en.wikipedia.org/wiki/Advanced%5FEncryption%5FStandard) **key.**

When creating a recovery phrase for a new wallet, [entropy is gathered from the pool](https://helpcenter.dxp-frontend.devserver.app/blockstream-jade/faqs/how-does-jade-generate-my-recovery-phrase), and Jade encrypts the resulting key material for the recovery phrase using the AES256 key. This data can **only be decrypted** when you input the correct PIN on the Jade and establish a connection with the remote PIN oracle, mediated by the companion app. Since the oracle only has a part of the AES256 key, **it is blinded to any of your wallet’s keys and PIN**. All data at rest is encrypted on the oracle.

> **Remember:** If you enter the PIN incorrectly three times, the oracle and Jade both delete the secret, requiring you to restore your wallet using the recovery phrase.

The newly-encrypted key material is then stored on the [encrypted off-chip flash](https://docs.espressif.com/projects/esp-idf/en/v4.2/esp32/security/flash-encryption.html) of the Jade and protected by [Secure Boot](https://docs.espressif.com/projects/esp-idf/en/v4.2/esp32/security/secure-boot-v2.html). Secure Boot is a technology that prevents unsigned boot firmware from running on your Jade, such as a compromised firmware image from an attacker. **It ensures that only firmware you intend to run is used to boot the device.**

Your Blockstream Jade now has a robust encrypted recovery phrase.
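
The split-key and lock-out behaviour described in this section can be modelled in a few lines of Python. This is an added illustration, not Blockstream's code and not the actual Jade/oracle protocol: the ECDH channel and the AES encryption step are left out, the names (`ToyOracle`, `pin_auth`, `storage_key`, `unlock`) are hypothetical, and resetting the counter after a correct PIN is an assumption.

```python
import hashlib, hmac, secrets

MAX_WRONG = 3  # per the page: three wrong PINs erase the keys

def _tag(jade_secret: bytes, label: bytes, pin: str) -> bytes:
    # Keyed hash of the PIN under the device secret, domain-separated by label.
    return hmac.new(jade_secret, label + pin.encode(), hashlib.sha256).digest()

def pin_auth(jade_secret: bytes, pin: str) -> bytes:
    """The only PIN-derived value the oracle ever sees (never the PIN itself)."""
    return _tag(jade_secret, b"auth:", pin)

def storage_key(jade_secret: bytes, pin: str, oracle_secret: bytes) -> bytes:
    """32-byte (AES-256 sized) key; needs PIN, Jade secret and oracle secret."""
    local_half = _tag(jade_secret, b"key:", pin)  # never leaves the device
    return hmac.new(oracle_secret, local_half, hashlib.sha256).digest()

class ToyOracle:
    """One record per device: hash of the auth tag, oracle secret, wrong-PIN count."""
    def __init__(self):
        self.records = {}

    def enroll(self, device_id: str, auth: bytes) -> bytes:
        rec = {"verifier": hashlib.sha256(auth).digest(),
               "secret": secrets.token_bytes(32), "wrong": 0}
        self.records[device_id] = rec
        return rec["secret"]

    def release(self, device_id: str, auth: bytes):
        rec = self.records.get(device_id)
        if rec is None:
            return None  # never enrolled, or already erased
        if hmac.compare_digest(rec["verifier"], hashlib.sha256(auth).digest()):
            rec["wrong"] = 0  # assumption: a correct PIN resets the counter
            return rec["secret"]
        rec["wrong"] += 1
        if rec["wrong"] >= MAX_WRONG:
            del self.records[device_id]  # oracle secret is gone for good
        return None

def unlock(oracle, device_id, jade_secret, pin):
    """Return the storage key, or None if the oracle refuses to release its secret."""
    oracle_secret = oracle.release(device_id, pin_auth(jade_secret, pin))
    return None if oracle_secret is None else storage_key(jade_secret, pin, oracle_secret)
```

In this model the oracle stores only a hash of the authentication tag and its own random secret, so it can neither recover the PIN nor compute the storage key, and a copy of the device's flash is useless once the oracle record has been erased.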

