The Bitcoin Improvement Proposal or ‘BIP’ 39, was introduced in 2013 with the aim of creating a common standard for easy and safe wallet backups. Today, almost every Bitcoin wallet is compatible with BIP 39 seed phrases, and as such it is important for users to understand what they are and how to use them.
Seeds and HD wallets
Most Bitcoin wallets today are Hierarchical Deterministic (HD) wallets: they use a large number called a seed to derive all of the account’s addresses and private keys. This way, a user can write down their seed during wallet creation, and keep it as a secret password for recovering all their funds and past transactions in any compatible wallet.
The same wallet seed will always generate the same keys, and it does so in a predictable way in a tree-like structure. However, there needs to be agreed-upon standards for generating the wallet seed in order for wallets backups to be inter-compatible.
BIP 39 seed phrases
BIP 39 is the name of a specification published in 2013 for Bitcoin HD wallets to use as a standard for seed generation and backups. It specifies a way to convert a raw wallet seed—for example ‘eb9dd76f34595ca026d62cfbf0084f82’—into a group of easily recognizable words from the English language.
The number that makes up the raw seed is sliced into smaller numbers that correspond to a word from an indexed wordlist. Words in the wordlist have been chosen so that:
- The first four letter of a word are enough to identify the word
- Similar words such as ‘woman’ and ‘women’ are avoided to prevent mistakes
For example, for a 128 bit seed (12 words):
Raw hex: ce4e23c8afd40274e42c7c8852d0bb3
Index numbers: 359, 312, 1145, 175, 1696, 157, 456, 711, 1604, 331, 535, 831
Seed phrase: coconut check monkey bicycle staff beauty decorate flight silk city drill gun
The seed phrase is much easier for users to read and write than a random number, and helps minimize human error when backing up a new wallet or restoring an existing one.
Passphrases
BIP 39 features an option to add a passphrase to the seed phrase. When a passphrase is combined with a seed phrase it will generate a new wallet seed, with completely different keys and addresses. The passphrase, sometimes called 13th or 25th word, does not need to come from a wordlist. It can be any string of uppercase or lowercase letters, numbers, spaces, and special characters—which means similar looking characters like ‘l and l’ should be avoided.
This feature can be used to create multiple wallets from one seed, or to create a second authentication factor: in case the seed phrase is stolen or compromised, the passphrase as well is needed in order to access the funds.
To learn more: How can BIP 39 passphrases help upgrade your Bitcoin custody?
Generating a seed phrase
In order to be safe, the seed used in a Bitcoin wallet must be truly random. Seed phrases picked ‘at random’ by users are very easy for computers to break. Bitcoin wallets use random number generators which are much better than humans at generating true randomness. Always use a wallet to generate your seed phrase.
Another concern is the possibility of an attacker extracting the seed from a wallet on a connected device (even turned offline) like a mobile phone or a computer. For keeping large amounts of bitcoin, purpose-built devices called hardware wallets are used to generate and keep the key offline during the signing process.
Some hardware wallets like Seed Signer and Coldcard offer the option to add entropy by entering the result of a certain number of dice rolls for a more trustless key generation process.
Try Mnemonic Code Converter by Ian Coleman to experiment with BIP 39 seed creation.
Keep your seed phrase safe
The seed phrase allows anyone to enter it into a compatible Bitcoin wallet and get access to the funds in the wallet as well as the entire transaction history. Seed phrases and passphrases must be written down, stored in a safe place, and kept secret.
For larger wallets, multiple copies on the backup can be made and stored in more than one location, in case one copy is lost or destroyed. It is good practice to test wallet backups by recovering them and making a test transaction before sending any meaningful amounts of funds. You should write down next to the seed the version of the wallet used to generate it, and the derivation path or account number if you know it.
To prevent thieves from accessing your wallet, backups should be stored securely, away from sight and from cameras, including your own mobile devices and webcams. Never store your seed phrase in a file on your computer or on cloud storage, an email, a text message, in a password manager, or by taking a photo of it.
Also keep in mind that scammers target Bitcoin users with phishing attacks. Only enter your seed phrase in a Bitcoin wallet when you need to recover it.
Remember that if a seed phrase generated with a hardware wallet is entered into a connected device, it should be considered compromised, and funds should be moved to a new secure seed.
Posted at block 799940
Bitcoin Bumblebee 
Leave a comment