About W2QR
A virtual hardware wallet for MetaMask.
The Idea
Hardware wallets (Ledger, Trezor) are the gold standard for securing crypto keys. But they cost money, require USB, and can be lost or damaged. What if you could get most of the same security model with just a QR code and a password?
W2QR turns your honey-encrypted QR backup into a virtual hardware wallet. MetaMask treats it as an external signer — the same way it treats a Ledger. Your mnemonic is never imported. Your signing key exists only during the session.
How It Works
CreateEncrypt your seed phrase into a QR codeConnectInstall the W2QR Snap in MetaMaskScanScan QR + enter password to start a signing sessionSigndApps request signatures through MetaMask as usualExpireSession ends, key is cleared — re-scan to sign again
Technology
- -Honey encryption — Juels & Ristenpart (Eurocrypt 2014). Every password produces a valid mnemonic.
- -Argon2id — 64 MB memory, 3 iterations (OWASP recommended). Memory-hard key derivation.
- -MetaMask Snaps — Keyring API for external signer integration. Same protocol as hardware wallets.
- -Client-side WebAssembly — all cryptography runs in-browser. No server.
- -BIP-32/44 derivation — standard EVM key path m/44'/60'/0'/0/0.