Phishing

How phishing tricks a Bittensor user into revealing a wallet's seed phrase, and why that recovery phrase is the prize.

Phishing is a scam in which an attacker poses as something trustworthy to trick a person into revealing a secret. In Bittensor the usual prize is a wallet’s recovery material, most often the seed phrase, which the documentation treats as sensitive wallet access material that should be kept private.

References: Handle your Seed Phrase Securely, Wallets, Coldkeys and Hotkeys

What It Targets

The center of a Bittensor phishing attempt is the recovery phrase that backs a wallet. The documentation describes a seed phrase as material that can restore a wallet’s keys, so an attacker who obtains it can rebuild the wallet elsewhere and move its funds. A phishing attempt is, at heart, an effort to get that phrase out of the owner’s sole control by making a fake request look genuine.

Reference: Handle your Seed Phrase Securely

Why the Seed Phrase Is the Prize

Phishing works for the same reason recovery phrases are powerful: the phrase is key-equivalent. Because it can regenerate the keys it belongs to, disclosing it is close to handing over the wallet itself. That is what makes a convincing fake prompt for a recovery phrase so dangerous, and it is why the documentation frames disclosure of the phrase as a wallet-safety risk rather than a minor mistake.

Reference: Handle your Seed Phrase Securely

Development Stage Context

Phishing targets recovery material because a disclosed seed phrase can restore the keys that control a wallet. Official guidance treats the phrase as key-equivalent and warns against entering it through untrusted surfaces (Handle your Seed Phrase Securely).

The practical risk therefore follows the assets and permissions those keys can move, not the label on the prompt. A fake message that harvests recovery words is dangerous whenever the compromised material can reach live TAO or stake the coldkey controls (Wallets, Coldkeys and Hotkeys).

Readers should treat any recovery-phrase request as a custody threat and judge phishing examples by whether disclosure would hand an attacker wallet control, regardless of how trustworthy the prompt appears.

Reader Boundary

This page defines the concept at a high level. It does not catalog specific scams, sites, or messages, and the forms phishing takes change constantly. The durable point is the target: a wallet’s recovery phrase is what a Bittensor phishing attempt is ultimately after, which is why that phrase belongs nowhere but the owner’s own secure keeping.

Coldkey Material Is What Phishing Usually Targets

The official Wallets, Coldkeys and Hotkeys documentation separates the coldkey that holds TAO and stake from the hotkey used for subnet operations. Phishing that asks for a recovery phrase is therefore aimed at coldkey control, not merely at a mining or validation hotkey label.

That distinction matters because a stolen hotkey can disrupt subnet participation, but a stolen coldkey seed phrase can move the underlying funds and stake the wallet controls.

Leaked Phrases Should Trigger Coldkey Rotation

The Handle your Seed Phrase Securely documentation treats a leaked secret as a case where the owner can and should rotate access through a coldkey swap rather than continuing to treat the exposed phrase as safe. A leak therefore points toward replacement, not toward reuse of the same recovery material.

Phishing succeeds when a user treats a fake prompt like a legitimate wallet step. Once disclosure happens, the durable response in official guidance is rotation of coldkey control, not merely changing a display password on the same compromised seed.

Official Guidance Rejects Untrusted Entry Surfaces

The same seed-phrase security page warns against entering recovery material into messaging apps, email, or online word processors. Those surfaces are untrusted channels where a convincing fake support message can harvest the phrase.

Phishing depends on that mistake: the attacker imitates a trusted party, but the entry surface itself is what official wallet guidance marks as unsafe for seed-phrase handling.

Relationship to Seed Phrase

Phishing and seed phrase are related but different parts of Bittensor wallet-security vocabulary. Phishing names the deceptive request that tries to obtain a secret, while seed phrase names the recovery-word material that documentation treats as key-equivalent wallet access (Glossary: Seed Phrase, Handle your Seed Phrase Securely).

For readers, phishing describes the social attack surface, and seed phrase describes what the attack is usually after. A phishing prompt asks for recovery words; the seed phrase is the secret those words represent. The terms should not be read as interchangeable labels for the same concept.

References: Handle your Seed Phrase Securely, Glossary: Seed Phrase
