Is my SOL lost forever?

I typed in solana-keygen new --no-output to create a paper wallet and it gave me a pubkey and seed phrase. I airdropped 1 SOL to the wallet using the pubkey from the CLI output. Now I can’t figure out how to transfer the SOL out of the wallet address. I tried using the following command: solana transfer --from prompt:// <RECIPIENT_ACCOUNT_ADDRESS> 0.5 --allow-unfunded-recipient --fee-payer prompt:// and It asks me for my seed phrase, but then it tries to withdraw SOL from a different account.

Is the 1 SOL now stuck in the wallet address forever?

I am using the devnet so I’m not actually loosing anything here, however I am very confused. I understand that to get a usable address to a paper wallet I can just use the solana-keygen pubkey prompt:// command and enter my seed phrase. However, it seems redundant (and dangerous) that the CLI provides a pubkey with no way to verify ownership over it when using the solana-keygen new --no-output command. This leads me to believe that I must be missing something.

I’ve noticed the Solana docs refers to this redundant address as the “legacy, raw keypair’s pubkey” here:

Is there a way to generate a keypair file from a seed phrase using Solana CLI? If not, is there any way to verify ownership over this “legacy” address?

I understand that this is simply an issue with the CLI output and not the Solana CLI itself, however it’s highly misleading and seems to be a common source of confusion for beginners like myself. Also this output could potentially lead to financial loss if a beginner was foolish enough to transfer actual funds to the address before attempting to verify ownership.

Am I missing something? What is the point of this “legacy pubkey”?

Hi @aycodetime and welcome to the forum! :wave:

You are right that it is very confusing. As long as you have the seed phrase, though, it’s 100% possible to access all addresses that can be created from that seed phrase including the “legacy” one.

The misleading part is that the address printed from solana-keygen new is the “master” ( or “legacy” as the docs call it ) address. This “master” key is not usually used directly, instead, derived keys are usually used according to the BIP-44 standard.

Anyway, the ASK keyword can be used in place of the prompt:// keyword in the Solana CLI to use the master key instead of the default derived key. So to transfer tokens out of the master key to the default derived key you can do this

solana transfer prompt:// 1 --from ASK --allow-unfunded-recipient

Note that --allow-unfunded-recipient is just needed whenever you use the solana transfer command to transfer to a wallet that is currently empty.

So yes it is very confusing and unfortunate for beginners, I wish it was better than it is, but it is safe as long as you keep your seed phrase safe and you maintain full ownership over all possible addresses associated to yours seed phrase.

I’ve got a little bit more explanation on how the derived addresses work in this post: Paperwallet addresses - bad guide in Solana DOCS - #2 by zicklag.

Feel free to ask if you have any more questions!

1 Like

Thanks a lot, that clear it all up!

1 Like