BIP

NoSkidMarks

Wow, what happened to move the price, did a new BIP take effect, or did Trump sign a bill that removes KYC and AML? No... Uh, okay, then why is it up? Because people keep throwing money at it. Before ETFs, people were throwing their own money at it, now they're throwing other people's money at it. Pretty soon central banks will be throwing money at it. But until consumers decide it's what they prefer, it's all just a bunch of hot air. That's not going to happen until merchants begin accept it, and that's not going to happen until KYC and AML regulations are eliminated, and that's not likely to happen within my lifetime (\~60 years), so this Zeppelin of all Zepplins is likely to keep growing for a long time before it finally bursts into flames.

Tom_B88

Yep, that is a valid BIP39 mnemonic! The hash of 256 bits where all bits are 1 is exactly are you said - when the first 8 bits of this are added to the end, that makes the final 11 bit chunk 11110101111, which is 'vote'. I would not recommend storing any Bitcoin on the resulting seed 😀 Thanks for this, glad I'm not only one who got minesweeper vibes.

KelvenKing

Not sure if it's supposed to do that, but when you get minesweeper vibes and want to change all the entropy characters to 1 in the checksum visualizer then the checksum is: **10101111**10010110000100110111011000001111011100100110001101011111101111011011010001001010010110100000101001100011110000111001111100010010101011110011000011111001010100001010011011101110010111001001011100011011111000011000100011101000100111000100000001010001 Which is a valid BIP39 mnemonic as zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo vote

Crypto-Guide

Electrum uses a different seed standard and doesn't generate BIP39 seeds. (But does use the BIP39 wordlist) What makes things more confusing is that for a few years it was possible that a seed could have a valid checksum for both (1/16 chance as the checksum for BIP39-12word is so pointlessly weak) BIP32 is a different standard entirely and doesn't relate to mnemonics, but rather from the key that is created from the BIP39/Electrum2/SLIP39 process. (You can export the xprv from Electrum and then import this into Sparrow as a BIP32 wallet) Basically the question of whether Sparrow should support Electrum seeds is best directed at the Sparrow Dev. (There are other wallets that support Electrum standard seeds)

xpresstuning

What? I said that he could import the seed-phrase in any wallet. Software or hardware. Then send to exchange. And sell. My point was that his seed-phrase is backwards compatibile indefinitely; as long as BIP39 support exists. He could use the "Watch-Only" indefinitely for decades and accumulate with absolutely 0 risk. Once he decides to withdraw - he could use his seed-phrase with a hardware wallet. Or he could use any software wallet. Send to exchange. And sell. Or make a new wallet. Good job on the thumb down.

Scared-Ad-5173

You can't read. This sentence is in the comment I replied to - "But that also can be solved by another BIP." It Is referring to the idea that we can lock coins that live in non quantum resistant addresses after upgrading to quantum resistant addresses. Locking coins is reducing supply. But he clearly didn't understand that. Lmao

ultron290196

Quantum resistant forks will be out before it's ever a threat. However lost coins are at risk of being moved. But that also can be solved by another BIP. You need to realise BTC is a living organism. It can adapt.

rumi1000

Don't know Safepal. Trezor has passphrases though so you should be using that. Choose a passphrase you can memorize, but also back it up. Just don't back it up in the same place as your seed as this would defeat the purpose. I recommend having passphrase memorized and in password manager. BIP85 is a bitcoin thing. I have my main seed in Passport, then derived a BIP85 child seed for my Trezor which I use for everything non-Bitcoin.

rumi1000

It allows you to deterministically derive child seeds from a main seed. Backup main seed in steel, use BIP85 to derive child seeds > use this for mobile wallets, shitcoin wallets etc Supported by Coldcard and Passport.

rumi1000

Passphrase is your friend. Also checkout BIP85 so you only have to backup one seed phrase.

Rubalien

Yeah, your setup is absolutely solid. You’re using a 12-word seed phrase + a 10-character passphrase — that combo is already way beyond anything anyone can realistically brute-force. A 12-word seed gives you 128 bits of entropy, which means about 3.4×10³⁸ possible combinations. Add in a strong passphrase on top (assuming it’s not something like “password123”) and you’re stacking even more entropy and protection against phishing or physical compromise. To answer your question directly: •No, you don’t need to upgrade to 24 words. That gives you 256 bits of entropy, yes — but 128 bits is already overkill for human lifetimes. It’s not the weak point. •Brute-forcing either a seed phrase or a private key is practically impossible. Even if someone could guess billions per second, they’d still get nowhere in millions of years. •If an attacker were to try anything, they’d go straight for the private key, because it’s faster to compute and doesn’t require dealing with BIP39 wordlists, checksums, derivation paths, etc. But again — doesn’t matter. Both are absurdly secure. •The real risk isn’t the math — it’s you getting phished, infected, or storing your seed somewhere unsafe. So in terms of “how long will this last?” — your setup is future-proof for the foreseeable future, including the post-quantum era (because even then, we’d get a heads-up before wallets are vulnerable, and you’d just migrate your funds). Unless you’re storing millions or setting up ultra-long-term cold storage, there’s no practical benefit to switching to 24 words. Just focus on: •Keeping your seed and passphrase offline and safe •Not reusing the passphrase elsewhere •Being alert for phishing attempts

Rubalien

Yeah, your setup is absolutely solid. You’re using a 12-word seed phrase + a 10-character passphrase — that combo is already way beyond anything anyone can realistically brute-force. A 12-word seed gives you 128 bits of entropy, which means about 3.4×10³⁸ possible combinations. Add in a strong passphrase on top (assuming it’s not something like “password123”) and you’re stacking even more entropy and protection against phishing or physical compromise. To answer your question directly: • No, you don’t need to upgrade to 24 words. That gives you 256 bits of entropy, yes — but 128 bits is already overkill for human lifetimes. It’s not the weak point. • Brute-forcing either a seed phrase or a private key is practically impossible. Even if someone could guess billions per second, they’d still get nowhere in millions of years. • If an attacker were to try anything, they’d go straight for the private key, because it’s faster to compute and doesn’t require dealing with BIP39 wordlists, checksums, derivation paths, etc. But again — doesn’t matter. Both are absurdly secure. • The real risk isn’t the math — it’s you getting phished, infected, or storing your seed somewhere unsafe. So in terms of “how long will this last?” — your setup is future-proof for the foreseeable future, including the post-quantum era (because even then, we’d get a heads-up before wallets are vulnerable, and you’d just migrate your funds). Unless you’re storing millions or setting up ultra-long-term cold storage, there’s no practical benefit to switching to 24 words. Just focus on: • Keeping your seed and passphrase offline and safe • Not reusing the passphrase elsewhere • Being alert for phishing attempts

Rubalien

Yeah, your setup is absolutely solid. You’re using a 12-word seed phrase + a 10-character passphrase — that combo is already way beyond anything anyone can realistically brute-force. A 12-word seed gives you 128 bits of entropy, which means about 3.4×10³⁸ possible combinations. Add in a strong passphrase on top (assuming it’s not something like “password123”) and you’re stacking even more entropy and protection against phishing or physical compromise. To answer your question directly: • No, you don’t need to upgrade to 24 words. That gives you 256 bits of entropy, yes — but 128 bits is already overkill for human lifetimes. It’s not the weak point. • Brute-forcing either a seed phrase or a private key is practically impossible. Even if someone could guess billions per second, they’d still get nowhere in millions of years. • If an attacker were to try anything, they’d go straight for the private key, because it’s faster to compute and doesn’t require dealing with BIP39 wordlists, checksums, derivation paths, etc. But again — doesn’t matter. Both are absurdly secure. • The real risk isn’t the math — it’s you getting phished, infected, or storing your seed somewhere unsafe. So in terms of “how long will this last?” — your setup is future-proof for the foreseeable future, including the post-quantum era (because even then, we’d get a heads-up before wallets are vulnerable, and you’d just migrate your funds). Unless you’re storing millions or setting up ultra-long-term cold storage, there’s no practical benefit to switching to 24 words. Just focus on: • Keeping your seed and passphrase offline and safe • Not reusing the passphrase elsewhere • Being alert for phishing attempts

crunchyeyeball

According to their site, the Safe 3 does support a 12-word (BIP39) option if you prefer that. It just uses 20-word (SLIP39) option as a default: > The first version of the Trezor Safe 3 was released while we used the term recovery seed instead of wallet backup. The 2023 version came with 12-word wallet backup cards labeled as recovery seed, while the 2024 version includes 20-word wallet backup cards. > > ***Both devices are identical - the only difference is the blank wallet backup card. Both devices are capable of using 12, 20, and 24 word backups.***

CatatonicMan

Huh. You're right. I thought SLIP39 was an implementation of Shamir's Secret Sharing over BIP39, but they made it a separate thing.

Aussiehash

>You can always convert SLIP39 to BIP39 Nope

CatatonicMan

SLIP39 is an open standard supported by several wallets, including Electrum. It's not exclusive to Trezor, and you shouldn't worry about not being able to use it if Trezor goes belly up. Regardless, you can always convert SLIP39 to BIP39, since SLIP39 is just a specially-encoded BIP39 seed phrase.

ac4346e2

You can choose 12/24 word it's in some hidden menu it's also called BIP39

Dettol-tasting-menu

Most welcome! And thank you for going self custody instead of buying some ETF, which is easier on surface but it's not real bitcoin. If everyone just buys ETF or MSTR, bitcoin might die. I don't personally memorise the 24 words, but I have some good copies. And yes finding the best place to hide the plates is the main headache for most people. Think of it like, in the ancient world, where would a wealthy person hide their gold bars and bullions? It's always a bit tricky. But fear not. There is a good solution to that too. It's a called a Passphrase (often called the 25th word). So once you have understood the idea of the seed phrase (24 words private key), the next step would to add a passphrase to the seed phrase (note the unfortunate names people often get confused). Passphrase is also a BIP39 standard, think of it as the 25th "word" added on top of the 24, but this 25th word doesn't have to be picked from the standard word list. It can be anything (much like our normal login passwords, we can make it however long and however complex we want). Once you enable a Passphrase, the resulting private key would be completely different from the original 24 words alone. So 24 words by themselves, you can think of it as a wallet holding some bitcoin, but once you add your passphrase on top, you get a completely different wallet. Every different passphrase gives you a different \[empty\] wallet. So imagine, I have my steel plates with 24 words stamped, I hide it in my house somewhere, preferably more than one copy. I am not too worried about someone finding my plates, because I have only a small decoy amount kept on that 24 word wallet. A bigger (main) stash is actually kept on my Passphrase enabled wallet - still the same 24 words, but it also needs the 25th (my passphrase) to get to it. And if your passphrase is a reasonably long and complex one (much like any email password), then it's difficult to brute force by trail and error. But that's the next step. Most wallet would allow you to enable the passphrase, but many wallet would call it an "advanced" feature because if you're just getting started, it could be confusing. First get the good understanding on how the basic seed phrase work, then move on to passphrase to better protect yourself. Good luck!

Dettol-tasting-menu

Your private key is actually very simple. It’s just a very very large number. That’s it. It’s a 256 bit number, so that’s just 101110101011101 etc etc. All 1s and 0s, 256 digits long. The words are just a human readable representation of this 256 bit number. 256 bit would translate to 24 standard English words (from a standard list), and some wallets choose to use a 128 bit private key (half as long) so that translates to 12 words. Both are plenty secure. Note no SHA256 is involved here. It literally transcribes a random binary number 1011001000101…. into words. Each word represents a 11 bit binary. You can google BIP39 word list and look at the mapping. 00000000000 is ABANDON, 00000000001 is ABILITY, 00000000010 is ABLE, etc etc. You can flip a \[fair\] coin, head being 1, tail being 0, do it 128 or 256 times, write down the result on paper and then manually refer to this word list and find out the English words, then you have your seed phrase aka private key. No SHA is needed. \>shares it safely when I need to authorize a transaction No your cold wallet never \*shares\* your private key, not sharing the key is the whole point of a cold wallet. It \*knows\* your private key but it will never disclose it. When you want to spend your coin, you put together a transaction -- like A (you) send 0.1 BTC to B (on this address). Once you (really it's your software paired with the cold wallet) put together this transaction details, it get sent to the cold wallet for signature. Cold wallet \*signs\* it with the private key, but never tell the software what the key is. Think of it like, your cold wallet is a guy hiding inside a secret room with a secret authorisation code, you slip a piece of paper (the transaction details) under the door, the guy picks it up and use the authorisation code to \*sign\* the paper. Once done, he slips the paper back out to you. You now have a signed transaction, fully authorised, ready to broadcast to the world, but you (your software) never get to see the authorisation code (your private key), you only get to see the final produce which is the signature, the signature can go public to the worlds. You must always make good back up of the words. Write it down on paper, or better yet stamp the words on steel plates. Never type it out on a computer, never take pictures of it with a phone (otherwise it defeats the purpose of using a cold wallet!) If you lose your hardware wallet (which holds your key) that's ok because it's impossible (or at least extremely hard) to extract your keys from the hardware, and your hardware is protect by your PIN, if the person picked up the hardware and key in wrong PIN a number of times your hardware just wipes itself clean. etc. So losing your hardware is ok as long as you have a copy of the words, again, that's your private key. You can buy another hardware wallet (even another brand, most are BIP39 compatible) and restore your private again using your words. so ultimately your 12/24 words are what you need to safekeep, everything else can be replaced, you can buy a new phone, a new cold wallet, new PC... as long as you have your words your coins will be safe. \>that is why I can use them to “restore” my wallet? Except that isn’t really restoring my wallet, just allowing me to authorize a new device to use Yes, you're restoring your private key, into any compatible wallet software or hardware. Your bitcoin is just information, it's not physical. It's just a bunch of words that you can memorise in your head and your coins follows you. And no one in the world can stop you from remembering 12 words.

lgopenr

You’re asking exactly the right questions, and they’re very common when people first get into Bitcoin self-custody — so let’s break it all down step by step, ELI5-style: ⸻ ✅ First, you are correct about this part: My actual crypto/wallet is stored on the blockchain. Viewable publicly, but any transactions from that “wallet” can only happen if I know the “keys”. YES. The Bitcoin lives on the blockchain, not inside your wallet. What your wallet gives you is control over it — by holding the private key. ⸻ 🗝 What are keys and seed phrases? • A private key is like your password to spend BTC. • A public key (derived from the private key) is like your bank account number, used to receive BTC. • The 12 or 24-word seed phrase is a human-readable backup of your private key. So, what determines if you get 12 or 24 words? • It’s usually a setting when creating a new wallet. • 24 words = more entropy = theoretically more secure. • 12 words = still secure, but shorter and easier to write down. • Both are recoverable across most wallet systems. ⸻ 💾 What does the Jade (or any cold wallet) actually store? Your Jade hardware wallet stores the private key, securely. Here’s what it does: 1. Generates and stores the private key inside the device. 2. Never lets it leave the device. 3. Signs transactions within the device. This means you can sign a transaction to send BTC, without exposing your key to the internet. So: • Yes, you set up a PIN on the Jade to prevent someone else from using it. • The Jade stores your key and requires PIN access to use it. ⸻ 🔌 What about plugging the Jade into a computer? Yes, you need to connect it to a computer (or use it wirelessly) to interact with the blockchain via a wallet interface (like Sparrow or the Blockstream Green app). BUT: • The Jade is designed to be “air-gapped”: your private key never leaves the device. • Even though it connects via USB or QR codes, all the signing happens internally. • This means even if your computer has malware, it can’t steal your private key — the Jade never exposes it. ⸻ 🔐 Can I receive or spend BTC without unlocking my Jade? • Receiving BTC? ✅ Yes! You can generate your receive address ahead of time and give it to others to send you BTC. (Your address = derived from your public key = not sensitive.) • Spending BTC? ❌ No, not without unlocking Jade. You must connect and use your PIN to sign any outgoing transaction. ⸻ 🔥 What if my Jade is destroyed in a fire? This is where your 12/24-word backup comes in. That is your wallet. • You buy a new Jade (or any other wallet that supports BIP39 — which is nearly all of them). • You enter your 12/24 words to restore your private key. • Boom: You now have access to all your BTC again. The Bitcoin is still sitting on the blockchain, and your seed phrase is the key to it. ⸻ ❓So… why do I need the Jade if all I need is the seed phrase? Good question — here’s the answer: • You can use the 12/24-word phrase directly in a “hot wallet” (like a phone app), but… • Then the private key lives on an internet-connected device, which can be hacked or infected. The cold wallet (Jade) protects your private key by: • Keeping it offline. • Never exposing it. • Letting you sign safely. So it’s like putting your money in a vault with one tiny opening — you can drop in money (receive BTC), but to take it out, you need your hardware device + PIN. ⸻ TL;DR: Cold wallet basics Thing What It Does Blockchain Stores all Bitcoin balances + transactions. Public ledger. Your wallet address A public identifier that can receive BTC. Anyone can send BTC to it. Private key Gives you control over spending the BTC tied to your address. Keep it safe! Seed phrase (12/24 words) A human-readable backup of your private key. Jade (cold wallet) Stores your private key securely + signs transactions without exposing it. PIN Prevents others from using your Jade even if they steal it. ⸻ 🔐 Why it protects you from online attacks Because: • Your computer or phone never holds the private key. • Only the Jade signs transactions. • So even if a hacker controls your computer, they can’t move your BTC without the Jade and your PIN. ⸻ If you’d like, I can walk you through a step-by-step process of buying BTC on Strike, setting up the Jade, and moving it safely. Let me know if you want that!

keefyboy452

I think SLIP39 is an improvement upon BIP39 from practical stand point. Trezor created BIP39, btw. I wish this SLIP39 would be submitted as a new BIP to get greater adoption.

fllthdcrb

I'm not sure if this has been emphasized enough: Whatever you do, **don't just delete the wallet with your seed phrase in it**. Otherwise, you will never be able to do anything with the bitcoin you receive. You need to have the seed phrase recorded in some form. Make sure it's stored in as secure a manner as possible, since if anyone finds it, they will be able to "restore" the wallet and steal your coins, and you most likely won't know they found the seed phrase until it's too late. And yeah, a hot wallet is potentially insecure. It's best to avoid generating the seed phrase on a system that is connected to the Internet, or even that *will* be connected to the Internet, in case some malware captures the sensitive data and uploads it somewhere later. > buying a cold wallet would cost me a lot "Cold wallet" is not the same as "hardware wallet". "Cold" just means not having an Internet connection. If you can't afford a hardware wallet, there may be other possible solutions. Not as good, probably, but maybe good enough for your purposes. If you have some sort of PC, you can use a "live operating system", which should reduce malware risks. 1. Take a bootable medium, like a USB drive, and put a live OS on it, with suitable wallet software installed. 2. Shut down. 3. For extra security, disable the network capabilities at as low a level as possible (if by chance you are connected solely through a wired connection, or you use wireless but the adapter is not built-in, just unplug it; if you're connect through wireless with a built-in adapter, though, disabling it would have to be at the BIOS/firmware level). 4. Boot the live OS. 5. Run the wallet software, and use it to create a new wallet. 6. Write down both the seed phrase and the xpub/zpub (used to generate the watch-only). 7. **Test that you can restore from the seed.** If this fails, generate a new wallet, and try again. 8. Write down the first one or two addresses in the wallet. 9. Shut down (and re-enable Internet if you disabled it before). 10. Create your watch-only based on the xpub/zpub. Check that the first one or two addresses match what you wrote down before. What is suitable wallet software? Well, a popular choice is [Electrum](https://electrum.org/). Do note, however, Electrum generates its own seeds that are incompatible with the BIP 39 standard most other wallets use. So only use it if you plan to use only it when you eventually need to spend the coins. You can still use many different applications for the watch-only. Another choice I can vouch for is [Sparrow](https://sparrowwallet.com/), which does fully support BIP 39, so you would be able to use most any other wallet for spending later. It's less popular, though, and is less likely to be installed in a live OS image. Expect to have to install it yourself, and maybe an appropriate Java VM as well; you could download it/them from within the live OS (but only if you haven't disabled Internet), or put the downloadables on the medium beforehand. The interface is also less straightforward, though there is documentation (you may ignore the parts about configuring a server for now).

ToneCapwn

If quantum computing breaks SHA-256 then your BANK account and all encrypted logins and passwords and every other sensitive account is compromised. At that point BTC will be leaps and bounds ahead of the ancient legacy systems. There is already a BIP in process for quantum resistance

jkl2035

Klar, dafür bietet BIP360 einen möglichen Ansatz, die spannende Frage für mich ist wie man für BTC hinbekommt und wie der Weg dahin aussieht

fllthdcrb

Yes, that's all correct. A lot of Bitcoin security is based on the space of keys being so large that we never have to worry about collisions between wallets. And the space of keys in a BIP 32 wallet is so much smaller as to be almost nothing by comparison.

fllthdcrb

> If you have two sets of infinite values, they can both contain completely different values and still be infinite. This is true. However, there aren't infinite numbers of Bitcoin keys and addresses. The numbers are unimaginably large, but not infinite, so the special properties of infinite sets (e.g. subsets having equal cardinalities) don't apply. In reality, any sequence of derivations of keys will produce a cycle. It's hard to say how large such cycles are, though. There may be multiple disjoint cycles for a given pattern of paths, or there could be a single cycle of 2^512 extended keys (though I think this latter isn't too likely). That said, for a given BIP 32 "chain" (defined as the sequence of keys derived from a given parent key using consecutive indices), there are only 2^32 in the chain, since the index is a 32-bit number, and the chain is divided into two halves, one with normal derivation and the other with "hardened" derivation, where the widely used BIP 44 scheme for derivation paths uses only one for a given level of the path. Also, BIP 44 provides for two leaf chains per wallet, for receiving and for change; when either one is exhausted, further use of the wallet may not be possible. This means a single wallet (on a single account) can have between 2^31 and 2^32 key pairs and addresses, making running into a cycle or colliding with other wallets highly unlikely.

Aussiehash

Each BIP32 level is limited to {1 - 2,147,483,647} so nowhere close to infinity

Evening-Patience9801

I like it👌👍👍 sins i have my BIP39 Mnemonic and seed, would be very good to wire in BIP-32 (and BIP-44/49/84) to spit out xprvs/xpubs and on-chain addresses, also would be good to allow a user-supplied passphrase so I can derive the same wallets each time.

rgnet1

You’re right. Electrum did its thing, then the BIP39 standard came along. I assume raw private keys and paper wallets were still more popular during the Casascius coin minting years…

mk0aurelius

BIP 40,000

WhisperCrystal

Then you're blind - I quote: "Now I recently discovered Tinyseed and love it. Unlike standard metal plates that display your seed phrase in plain text, Tinyseed encodes it using a clever numerical system. Each number corresponds to a word in the BIP39 list - meaning the phrase is hidden in plain sight, significantly increasing privacy and reducing theft risk."

fllthdcrb

This implies the first word is numbered at 1. But BIP 39 starts the numbering at 0. This is critical to get the correct encoding for the mnemonic, which starts by splitting the raw seed into 11-bit chunks. (You can't have 2048 as a possible value for 11 bits, at least in the normal way.) The numbers you see at that link **are not index numbers in the BIP 39 encoding**! They are line numbers that GitHub displays for all text files, using the same 1-based numbering scheme that all source code tools do. If you download that file, or use the [raw view](https://raw.githubusercontent.com/bitcoin/bips/refs/heads/master/bip-0039/english.txt), you can see there are actually no numbers in it. Why is this a problem? Well, I'm assuming Tinyseed comes with the word list, along with the number for each. What if you lose that? Well, then you have to go look up the numbers elsewhere. Is it 0-based or 1-based? That would be a point of confusion.

Mercurius88888

2048 represents the last word in the BIP-39 word list, which is "zoo": https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt

fllthdcrb

Not that I like this solution (reversing the encoding of bits as words that BIP 39 uses to make handling seeds much less error-prone), but there is one thing I'm wondering about: why is there a "2048" column? The word indices go from 0 to 2047, so that 12th bit is useless as far as I can tell. As we can see in the picture, it goes unused.

fllthdcrb

The use of metal for its durability is sound. The issue is with the encoding. Words are used for good reasons. Humans handle them better than numbers (especially in binary), and are a lot less likely to make mistakes when copying them than they are with something like this. Just think about the process required when stamping it: you have to look up each word of your phrase to find its index value, figure out the binary encoding (though maybe they give that to you for convenience), then punch the correct cells in the correct row. What happens if you get the wrong value for a given word? You have encoded entirely the wrong word, which is not immediately obvious. What happens if you make a mistake when recording the letters of a word? Most likely, you got one letter wrong, which is easy to spot and correct when reading it back. Now, BIP 39 does use a checksum, and there is a good chance the checksum won't match if you get a word wrong. But it doesn't help you find which one is wrong. Also, if you punch this thing wrong, you may have ruined the whole plate. A mistake in punching something with letters shouldn't be terrible, for the reason I gave above.

fllthdcrb

The point of using metal is that it is very durable. In case of fire or flood, it's highly likely to survive. Any BIP 39-compliant wallet can be used to recover based on the seed phrase, so you don't rely on any single electronic device to keep your money safe.

Full_Possibility7983

Or use BIP-85, with an ultra-cold back-up of your main seed, and "throw-away" hardware signers with derived seeds.

sto7

> Tinyseed encodes it using a clever numerical system. Each number corresponds to a word in the BIP39 list - meaning the phrase is hidden in plain sight, significantly increasing privacy and reducing theft risk. Security through obscurity is pointless.

Head_Performance2432

They should apply via a BIP instead to solve those issues ?

Business_Smile

I was a bit surprised that SLIP39 is a way less broadly supported thing. Would make me feel a lot better, having the broad BIP39 support and I'm trying to get a feel for if this will change going forward

Business_Smile

This is great. I used to engrave BIP39 seeds on a metal plate and seal it with another, but next time I will use this: [https://www.cardwallet.com/](https://www.cardwallet.com/) and add a nice gift package together with the coin like OP. Sadly, I've gotten quite disillusioned/ disencouraged doing this since it's often met with indifference or even unspoken disdain. Though I know of cases where it turned people hodlers and that's really awesome, but I'm not sure I want the social baggage of trying anymore.

DonisKadonis

There was a shitcoin with a wallet extension called Coindefi and it used to generate seeds with words outside of BIP protocol. Could be the case too

r_a_d_

It doesn’t matter. You need to record the first four for each word, as specified by BIP-39 itself for various languages. Even three letter words may coincide with longer words with the same letter. So the fourth letter would be a <blank>. Do you otherwise propose to look up every word in the BIP wordlist and then decide whether to write down 2, 3 or 4 letters? Risking mistakes instead of just writing simply writing down 4 letters for all words?

Mercurius88888

No, it doesn't store the private key. When you add up the numbers in each row, you'll get a number which corresponds with the number of the particular word in the BIP39 word list.

Aneizi

I like how they added decimal 2048 for symmetry when BIP39 is just 11 bits

stblack

lol do you even own a Ledger? When entering words it auto-completes. lol Some words like yard or oak or ill require just two letters — the very fact that three letter words exist in BIP39 kinda indicates that you really should get out more.

Fearless-Sherbert-40

Y’all should have immediately known some of those words aren’t even on the BIP39 word list.

InevitableRip4613

What he said. Given the one incorrect word that you memorized, you can probably guess the missing word on the BIP39 list. Saves you the hassle of creating a new seed and transferring

ToTheBatmobileGuy

🔤 Input Letters: NEVERGONNAGIVEYOUUPNEVER 🔐 BIP39 Mnemonic: need ecology violin evoke robust grid oppose name nice antenna grab identify voyage eagle you orient usage useful prepare next embark vote exile refuse

ToTheBatmobileGuy

🔤 Input Letters: ROBOTSWILLKILLUSALLAGAIN 🔐 BIP39 Mnemonic: reform oblige bicycle opera tennis sad width inner limb load kid infant loyal lake upper shiver album liquid labor absent grain aerobic inherit night

ToTheBatmobileGuy

🔤 Input Letters: RECONSIDERLIFECHOICESNOW 🔐 BIP39 Mnemonic: regular ecology chair omit nothing state innocent draw east rate lava item foil empty child hint original invest clever end super name october welcome This is actually kind of fun.

ToTheBatmobileGuy

🔤 Input Letters: HAVEFUNSTAYINGPOORFUCKER 🔐 BIP39 Mnemonic: host ahead voyage eye frame unlock nation speak turn analyst you immense news grape pencil oppose old repair first use catalog kingdom emotion rich Made a script with ChatGPT that will generate a random BIP39 seed with the specified first letter of each word. It lowers the entropy significantly, but it is as secure as it *can* be........ (still not very secure, do not actually use these phrases.) const bip39 = require('bip39'); const crypto = require('crypto'); // Use BIP39 English wordlist const wordlist = bip39.wordlists.english; /** * Get a cryptographically secure random integer in [0, max) */ function cryptoRandomInt(max) { if (max <= 0) throw new Error("max must be > 0"); const byteLength = Math.ceil(Math.log2(max) / 8); let rand; do { rand = parseInt(crypto.randomBytes(byteLength).toString('hex'), 16); } while (rand >= max * Math.floor(256 ** byteLength / max)); // Avoid modulo bias return rand % max; } /** * Generate a BIP39 seed phrase where each word starts with a given letter * @param {string} input - 12 or 24 letter string (spaces allowed) * @returns {string} - Valid BIP39 mnemonic with correct initials */ function generateCustomMnemonic(input) { const cleaned = input.toLowerCase().replace(/ /g, ''); if (!/^[a-z]+$/.test(cleaned) || (cleaned.length !== 12 && cleaned.length !== 24)) { throw new Error("Input must be 12 or 24 letters, a-z only (spaces allowed)"); } let mnemonic; do { const words = []; for (const char of cleaned) { const candidates = wordlist.filter(word => word.startsWith(char)); if (candidates.length === 0) { throw new Error(`No BIP39 words start with "${char}"`); } const index = cryptoRandomInt(candidates.length); words.push(candidates[index]); } mnemonic = words.join(' '); } while (!bip39.validateMnemonic(mnemonic)); return mnemonic; } // === CLI Usage === const input = process.argv[2]; if (!input) { console.error("Usage: node seed-speller.js \"your 12 or 24 letter string\""); process.exit(1); } try { const mnemonic = generateCustomMnemonic(input); console.log("🔤 Input Letters:", input.replace(/ /g, '').toUpperCase()); console.log("🔐 BIP39 Mnemonic:", mnemonic); } catch (err) { console.error("❌ Error:", err.message); }

stblack

This may be helpful to know: With BIP39, it’s just the first three, sometimes four first letters of each seed word that matter. So the word itself might be wrong, but the first three or four letters could be right, in which case you’re fine. If you’re not fine, then the wrong word may provide clues to a limited set of words to pick from. Again, first three or four letters is what to consider with BIP39 and, with that knowledge, you can find, maybe reckon, the word.

Aussiehash

>I suddenly realized that one of the words in my seed phrase does not even appear on the BIP 39 word list Well that narrows down which word is incorrect, but memory is fallable, so maybe you have other mistakes in there too Just buy a hammer and letter stamps and punch your mnemonic seed into steel washers.

TheGreatMuffin

> This week’s newsletter summarizes research about fingerprinting full nodes using P2P protocol messages and seeks feedback about possibly removing support for `H` in BIP32 paths in the BIP380 specification of descriptors. Also included are our regular sections summarizing top questions and answers on the Bitcoin Stack Exchange, announcing new releases and release candidates, and describing notable changes to popular Bitcoin infrastructure software.

DinnerPuzzled9509

He probably either has the words stored somewhere and he’s memorized a number sequence to know the correct order or he has memorized the sequence of his appropriate words in the BIP-39 word list (ex: D32=depart) or something of the sort.

TheQuantumPhysicist

Creating a BIP is on my todo list. First I want to see what people think.

pythosynthesis

Did you create a BIP? I'm not technically knowledgeable enough to comment on the goodness of the proposal, but Bitcoin is open source and if you believe this is valuable, you should do it. I hope you're not posting this to say "someone else should implement this" because it will never happen. So go ahead, prepare a well detailed BIP and submit it for review. Same goes for the code - You say you contributed already, off you go, create your branch and implement the changes you want to see. Good luck.

low_contrast_black

Bitcoin is open source and a decentralized development effort. That means there are caretakers of the source, but no singular author. To make changes, you must submit something called a BIP (bitcoin improvement proposal) - a notable one was BIP39, which gave us the standard for mnemonic seed phrases. But BIPs are subject to review. If we ignore the fact that changing the number of total bitcoin flies in the face of finite supply, something like modifying the total number of bitcoin would be a deep cut. There’s a halving schedule, block rewards, etc. it would be a complex mess.

Mercurius88888

The sum of the numbers for each seed is the number / location of the word in the BIP39 word list. The fact that people don't immediately know what to do with this is an additional layer of security.

longonbtc

Lol definitely don't want to do that. It would be very insecure. Besides that, most of the lyrics would not be on the BIP39 word list and the last word of a BIP39 seed phrase is a checksum that is calculated from the preceding words in the seed phrase. And if you were actually able to use song lyrics for your seed phrase, then it wouldn't take long for your bitcoin to be stolen. You want to use a seed phrase that was actually randomly generated.

WVBitcoinBoy

My complaint isn’t that they are in the space, my complaint is that “Bitcoin dropped, Bitcoin went up, Bitcoin is going to $21 million in 21 years.” is all I hear anymore. What happened to the bar tab-on-Bitcoin (lightning Network) talk, the BIP talk, the things we can build on Bitcoin. I feel like nowadays everyone asks what Bitcoin can do for them instead of asking what they can do for Bitcoin.

MittenSplits

Sure. When you enter your 12 or 24 word seed phrase, that will create one private key. After Bitcoin improvement proposal 39 (BIP-39), you can also add a passphrase. When you take your seed phrase and add "_______" to it as a passphrase, that creates a new wallet. Maybe each of your kids can have their own sub wallet with their name as the passphrase, and you hold the master key. Except you wouldn't use a simple word like a name. It should be a relatively long phrase, or preferably you pick your own 4-5 words from the bip-39 word list. This makes sure it can't be brute forced, which would actually be pretty trivial for a short passphrase. A good passphrase means someone can't steal your funds with just the seed phrase, but too short of one could theoretically be brute forced with some more know-how. Just make sure to be careful with the passphrase, don't lose it, make sure you have the cases right. It's a great tool, but equally unforgiving as anything else in cryptography.

riscten

You got me digging and realize that PSBT is actually **not** limited to BIP32, so you can ignore the last two paragraphs of my previous reply. Sorry about the misinformation and thanks for sharing this info! AFAIK Sparrow does not allow importing single public addresses, which would be required to create a watch-only wallet to sweep from a legacy wallet. But as you found out in the CryptoGuide video, this is possible with Electrum. The entire sweeping process needs to be done using Electrum, as while Sparrow can open a PSBT file generated by Electrum, it won't be able to sign the transaction, since it cannot import a single private key, only wallets (or if it does, I never found how). So your plan would be: 1. \[no change\] 2. Online Transaction Preparation: On an online computer, using Electrum, import the legacy wallet as watch-only by using its public address. Create a PSBT file for the desired transaction (Send > enter tx info, using the receiving address from the new wallet you created in Sparrow > Pay... > Share > Save to file). There is no xpub in this step as only hierarchical deterministic wallets (BIP32) have xpubs. Single addresses do not. 3. Offline Signing: Transfer the PSBT to your offline computer. In Electrum, import the legacy wallet, but this time using the private key. Go to Tools > Load transaction > From file and open the PBST. Click Sign, then Share > Save to file, which will save a signed, Complete Transaction file in the TXN format. 4. Returning to Online and Broadcasting: Return the completed transaction TXN file to the online computer. In Electrum, go to Tools > Load transaction > From file. Open the TXN then click Broadcast to broadcast the transaction to the Bitcoin network. From there your funds should be sweeped to the new HD wallet you generated in Sparrow, without ever exposing your private key.

riscten

That makes sense. You're doing everything right as far as I can tell! To be perfectly clear, to sweep, you'll use Tools > Sweep on your *online* laptop. From there you'll enter your private key and pick your new watch-only wallet as the destination. So for this particular operation (sweeping), you wouldn't use a PBST, as PBSTs are not part of the feature set of single private addresses. You need your funds to first be in a hierarchical deterministic wallet (BIP 32), commonly defined by a 12-24 words mnemonic (like the new wallet you created) to be able to use PBSTs.  And once the funds are in your new wallet, you'll be able to use PBST via Send.

riscten

Same reply I gave for the French post you made last week that got removed: The problem with Ledger isn’t that it’s made in China. The problem is that it’s proprietary hardware running proprietary software. Even if Ledger were entirely designed and manufactured in the West, it would still be the same junk. As for centralized exchange platforms (CEXs—which I assume is what you mean by "purchasing hubs"), the issue is that they are essentially banks. But Bitcoin was created to solve the problem of banks, particularly that they operate behind closed doors, with nobody knowing what’s happening behind the curtains. Bitcoin is meant to be 100% transparent. All transactions are visible on the blockchain. When you use a CEX, you lose the connection to the blockchain. They record how much Bitcoin you have in a traditional database, and then they do whatever they want with it, all while collecting a ton of very personal information about you under the guise of “security.” And in the past, several of them — including some very large and supposedly trustworthy ones — have gone bankrupt, taking most of their users' assets with them. So if you’re going to rely on CEXs, you might as well just stick with the current fiat system. You mentioned paper wallets. Yes, some people have lost their money that way, but only because they didn’t follow the fundamental rules that come with using a paper wallet. Of course, if you write your information on a piece of paper and don’t take proper care of it, you might lose your money or have it stolen. With Bitcoin, you are your own bank—that’s the whole idea. So it’s up to you to learn how to use it and to do so wisely. Today, if you want to secure your Bitcoin, you generate a BIP39 mnemonic. This is a set of 12 to 24 words that identifies your place on the blockchain. This mnemonic lets you receive and send Bitcoin. If you have access to it, you have full control. Generally, knowledgeable Bitcoiners use a hardware wallet that is open-source in both hardware and software (so the entire system can be verified). The hardware wallet generates the mnemonic from a high-entropy source (as random as possible), to minimize the chances that a malicious actor could guess it. Once the mnemonic is generated, it's engraved on a steel or titanium plate and hidden somewhere. The mnemonic should never come into contact with a system connected to the Internet (airgapped). Using a metal plate protects the key from incidents like fires or floods. To go even further in terms of preservation, it’s possible to use 2-of-3 multisig. In this system, the wallet is not represented by a single mnemonic but by three, and any two of them are required to spend from the wallet. The mnemonics are again engraved on metal and placed in three different locations (for example: one at home, one at a friend’s place, and one at a secondary residence). This provides a very high level of security, protecting against both destruction (fire, flood) **and** theft, since if one key is compromised (e.g., a burglar gets hold of a plate), they can’t do anything with the mnemonic alone. Similarly, if your house burns down and the plate is lost, it’s still possible to recover your Bitcoins because the other two plates are still safe. So that’s how you properly store your Bitcoin. Not by entrusting it to a third party like Coinbase or Binance. Remember: with Bitcoin, it’s “Don’t trust, verify”, there should never be any trust. As for open-source hardware wallets, the big names are Coldcard, Jade, Trezor, and Seedsigner. With Jade and Seedsigner, you literally have the option of assembling the wallet yourself, just so you know exactly what’s inside and what code is running on it.

longonbtc

I recommend you to use Electrum to restore your wallet. I'll explain how to restore your wallet with Electrum below. When restoring your wallet on Electrum, you must choose BIP39 and then specify the derivation path. The derivation path is different for your "deposit", "bad bank", "pre-mix", "post-mix", and "ricochet" bitcoin balances in the wallet you were using with Samourai. So you must restore each of those balances separately. If you used a passphrase on your Samourai wallet, then don't forget to use it when restoring each of these wallets. I'm going to list the derivation path for for your "deposit", "bad bank", "pre-mix", "post-mix", and "ricochet" bitcoin balances below. Deposit: m/44'|49'|84'/0'/0' Bad Bank: m/84'/0'/2147483644' Pre Mix: m/84'/0'/2147483645' Post Mix: m/84'/0'/2147483646' Ricochet: m/84'/0'/2147483647' If you still have not recovered 100% of your balance by restoring all 5 of those wallets, then you need to increase your gap limit.

Thanis_in_Eve

Wasn't that BIP originally introduced by seagate? /s

Bruno_Alejandro

This should be the cond for they bitcoin keys generstor that follows BIP39 https://github.com/KeystoneHQ/keystone3-firmware/blob/master/src%2Fcrypto%2Fbips%2Fbip39.c

SecularAdventure

Matthew Kratter has addressed the divisibility issue already. Basically, there would be a BIP (Bitcoin Improvement Proposal) to increase the amount of sats per bitcoin (more zeroes after the decimal). That way, there would be even more divisibility, people would retain their current stack undisturbed, and the 21 million is never contested. Right now, there's 100,000,000 sats per BTC, so if it went to 100 billion (three more zeroes), people would have 1,000x the sats, but the same number of BTC. I can't find the original video, but rest assured, this issue has been thought of and there is a solution.

ecafyelims

**BIP-38** encryption is used to encrypt the wallet private key with a passphrase. The encrypted private key is printed on the paper wallet instead of the plaintext private key. In order to access the wallet contents, you now need the paper wallet AND passphrase.

micronfilter

Those are not BIP-39 words. All 2,048 English BIP‑39 words are uniquely identified by their first 4 characters Here’s the wordlist: https://gist.github.com/DMeechan/9761fea1031c95f71c39ac2b80884bc5 Other sources: https://www.nasdaq.com/articles/understanding-your-bitcoin-keys%3A-bip39-seed-words https://www.blockplate.com/pages/bip-39-wordlist?srsltid=AfmBOopY_7n56QaD5854-PjRdUynPbepYOP6XryXhozysF16VdzDQ2Dw

riscten

Le problème de Ledger n'est pas que c'est fabriqué en Chine. Le problème est que c'est du hardware propriétaire qui roule un logiciel propriétaire. Même si Ledger était entièrement concu et fabriqué en Occident, ça serait la même cochonnerie. Pour ce qui est des plateformes d'échanges centralisées (CEX, ce que j'imagine que tu veux dire par "hub d'achat"), le problème est que ce sont essentiellement des banques. Or le Bitcoin a été créé pour corriger le problème des banques, notamment qu'elles magouillent à portes closes, sans que personne ne soit au courant de ce qu'il se passe derrière les rideaux. Le Bitcoin se veut 100% transparent. Toutes les transactions sont visibles sur la blockchain. Lorsque tu utilises une CEX, tu perds le lien avec la blockchain. Ils enregistrent sur une base de donnée traditionnelle combien de Bitcoin tu possèdes, et ensuite ils font ce qu'ils veulent, en plus d'accumuler une tonne d'informations très personnelles sur toi, sous prétexte de "sécurité". Et dans le passé plusieurs d'entre elles, dont certaines très grosses et considérées très fiables, ont fait faillite, emportant avec elles la majorité des actifs de leurs usagers. Donc tant qu'à adopter les CEX, autant rester sur le système fiat actuel. Tu mentionnes le paper wallet. Oui, certaines personnes ont perdu leur argent de cette façon, mais uniquement car elles n'ont pas suivi les règles fondamentales qui viennent avec un paper wallet. C'est certain que si tu écris tes infos sur un bout de papier et que tu ne fais pas attention, c'est possible que tu perdes ton argent, ou que tu te le fasse voler. Avec le Bitcoin, tu es ta propre banque, c'est toute l'idée. Donc c'est à toi d'apprendre à t'en servir, et de l'utiliser judicieusement. Aujourd'hui, si tu veux sécuriser tes Bitcoin, tu génèreras une mnémonique BIP39. Il s'agit d'un ensemble de 12 à 24 mots qui identifie ta place sur la blockchain. Cette mnémonique te permet de recevoir et d'envoyer des Bitcoins. Si tu y as accès, tu as le contrôle total. Généralement, les Bitcoiners avertis utiliseront un hardware wallet à matériel et source ouverte (afin de pouvoir vérifier le fonctionnement entier du système). Le hardware wallet génèrera une mnémonique à partir d'une source d'entropie élevée (la plus aléatoire possible), afin de minimiser les chances qu'elle puisse être devinée par un agent malveillant. Une fois cette mnémonique générée, elle sera gravée sur une plaque d'acier ou de titane et cachée quelque part. La mnémonique ne doit jamais entrer en contact avec un système qui est connecté à Internet (airgap). L'utilisation de la plaque de métal permet de protéger la clé d'incidents comme les incedies et innondations. Pour pousser la préservation plus loin, il est possible d'utiliser le multisig 2-of-3. Avec ce système il n'y a pas qu'une seule mnémonique pour représenter un wallet, mais bien 3, et 2 de celles-ci sont requises pour pouvoir dépenser du wallet. Les mnémoniques seront encore une fois gravées sur métal, puis placées à 3 endroits differents (par exemple une à la maison, une chez un ami, et une dans une résidence secondaire). C'est un niveau de sécurité très élevé, qui protège à la fois de la destruction (incendie, innodation) ET du vol, puisque si une des clés est compromise (par exemple, un cambrioleur mets la main sur une plaque), il ne peut rien faire avec la mnémonique qui y est inscrite. Pareillement, si ta maison prend feu, et que la plaque est perdue, c'est toujours possible de récupérer les Bitcoins puisque les 2 autres plaques sont toujours là. Donc voîlà, c'est comme ça qu'on conserve son Bitcoin. Pas en le confiant à une tierce partie comme Coinbase ou Binance. Rappelles-toi: Avec Bitcoin, c'est "Don't trust, verify", il ne devrait jamais y avoir de confiance). Pour ce qui est des hardware wallets à matériel et source ouverte, les grands noms sont Coldcard, Jade, Trezor et Seedsigner. Pour Jade et Seedsigner, tu as litéralement l'option d'assembler le wallet toi même, question de savoir ce qu'il y a dedans, et le code qui y roule.

GreedyScumbag

Lil BIP39

DarthBen_in_Chicago

This can’t be right. Are they not BIP-39 words? My Umbrel doesn’t use them. (I forget the name.)

cbelliott

Caution is absolutely needed for any attempts to recover lost funds. Back then, Blockchain did not give you a 12- or 24-word BIP39 seed phrase is what I finally learned. The Mnemonic Phrase that I had looked a heckuva lot like a seed phrase and it was very confusing because I thought I had a damn see phrase, but it was filled with non-standard words. Blockchain.info (back then) used this to help users recover their *password*, not their actual wallet. It was a clever workaround for forgotten login credentials and isn't a BIP39 seed. Again, I agree with you, and would never suggest anyone put or share a seed phrase with any tools online.

Jammy13

You could also use the BIP number that corresponds to the word, so you just have numbers and no words. probably make it a little less recognisable.

rupsdb

Use Ian Coleman's BIP39 html file in offline mode.

diradder

For something to be outdated you would need to offer something better and more popular. So what do you suggest? Until then seed words and all its extension are not outdated. All the current alternatives imply more complex and demanding solutions than writing down 12 words, and many of them imply more trust/requirements/risks... but if you prefer them they exist (and unsurprisingly many of them still use seed words and just abstract them at some point, because BIP39 is a great standard): social recovery wallets, HW wallets secured with PIN/Pass, Smart Contract wallets on chains that support them.

twitch-switch

Seed phrases (the code that's used to access a wallet) are called BIP39 and are listed here. If most of your words are on this list, then that's likely what they're for. The others could be added for some other reason like a passphrase. https://bitbo.io/tools/bip39-word-list/

TheGreatMuffin

> This week’s newsletter describes how the selfish mining danger threshold can be calculated, summarizes an idea about preventing filtering of high feerate transactions, seeks feedback about a proposed change to BIP390 musig() descriptors, and announces a new library for encrypting descriptors. Also included are our regular sections with the summary of a Bitcoin Core PR Review Club, announcements of new releases and release candidates, and descriptions of recent changes to popular Bitcoin infrastructure projects.

Head_Performance2432

BIP85 is the way for you,

Azzuro-x

Yes, for example BIP 360.

phattie242

While a script can't directly "fix" a compromised or lost seed phrase, it can help in specific scenarios like recovering a phrase with minor errors or missing words. For example, PySeedRecover is a Python script designed to recover BIP-39 mnemonic seed phrases, especially when there are typos, missing words, or incorrect word order, particularly within the Cardano ecosystem. However, if the seed phrase is completely lost or stolen, the only way to recover access to your wallet is to replace the compromised key entirely.

DramaNo2881

**Use Ian Coleman’s BIP39 tool on Linus Liveness distributive without WAN**

shleebs

Just because knots uses Core code upstream does NOT mean that that it inherits core's maintainers and rigorous review process. Core maintainers do NOT review knots patches, so it is fair to say that knots has only one maintainer. Anyone who says different is either stupid or malicious. The idea that Luke is somehow a brilliant coder is also total bullshit. He is borderline incompetent and lost his own Bitcoin by storing them on an insecure gentoo server. He attempted a hostile takeover of the transifex site. Also a lot of influencers attribute the UASF to him, but that is wrong. Shaolin Fry proposed the UASF and created the relevant BIP. On top of all this, Luke has consistently hurled baseless accusations at other developers for years and years. One recent example were his accusations over the taproot activation mechanism, which he ended up being completely wrong about. If you ask him though, he's right about everything, and he'll block you if you point any of this out. Don't be a dumb puritanical bitcoiner. Be a smart bircoiner who has followed the development history instead of influencer and podcasters. 

user_name_checks_out

> It’s key derivation so although it’s technically the same thing it’s a hell of a lot easier to explain it this simplistic term. In bitcoin, "key derivation" has a very specific meaning which is different from how you are using the term. [Specification: Key derivation](https://en.bitcoin.it/wiki/BIP_0032#Specification:_Key_derivation) I think that what you are trying to say is that the seed phrase (a list of words) allows you to derive the private key (a number between zero and 2^256 ). I would say that both of these values are identical, they are just represented in different formats. > You lose the map (mnemonic), you lose the treasure (coin). You changed your analogy. Previously you said > If you buried treasure (private key) What is the treasure in your analogy? The bitcoins? Or the private key? > I’m happy to learn better ELI5 examples? I am not sure that an analogy is called for in this case. I would put it like this: - Make a backup of your seed phrase, and keep it safe. - Your hardware wallet is a signing device. Digital media, including hardware wallets, is susceptible to failure and should not be relied on as a backup.

brtastic

You should study how Bitcoin and hardware wallets actually work under the hood. Hint: BIP39 mnemonic and BIP44 derivation scheme are standardized solutions and hardware wallets don't do anything special if all you want to do is keep coins stored securely. Generating a mnemonic together with a couple addresses is really easy to do with just a couple lines of code and a crypto library. The one I wrote and use is here, you can read its documentation as it contains security hints: [https://metacpan.org/dist/App-Bitcoin-PaperWallet/view/bin/paper-wallet](https://metacpan.org/dist/App-Bitcoin-PaperWallet/view/bin/paper-wallet) it looks something like this after printing, and it is completely compatible with any HD wallet which properly implements BIP39: [https://imgur.com/a/837Oogj](https://imgur.com/a/837Oogj)

Unfair_Wallaby666

I've been using Claude AI to decode words.  It's been a godsend.  I encoded the words using numbers (z,a,q are #1... x,s,w are #2, c,d,e are #3).  If you look at your keyboard and imagine the space bar is a sun with rays sticking out.  So the word "bitcoin" for example would be "7853987".  Problem is I created a lot of noise that is surrounded by cells with words personal to me that are meant to confuse anyone else that might have stolen the file, but its starting to give me a headache even with the help of AI.  The total document has over 150 different BIP39 words and I know there are several that are intentionally noise.

riscten

My preferred way of using Jade is [entirely stateless](https://help.blockstream.com/hc/en-us/articles/20144489592857-Use-Jade-as-a-stateless-signing-device). The device will forget your mnemonic after each power down. Every time you start it up, you'll set up a temporary signer and enter your 12/24 words. This is supremely secure as Jade basically holds no information about your wallet. If you lose it or it gets stolen, there's no way for anyone to retrieve your coins as the data isn't even there. It's also possible to make your own [SeedQR](https://help.blockstream.com/hc/en-us/articles/10426338606873-How-do-I-create-a-SeedQR-from-my-recovery-phrase). You can then point Jade camera's at the SeedQR instead of typing the words. If you do want to keep the mnemonic saved on the device, you'll need to set up a PIN and use the blind oracle. You can also set up [your own blind oracle](https://help.blockstream.com/hc/en-us/articles/12800132096793-Set-up-a-personal-blind-oracle) if you don't trust Blockstream services. But even then, if no blind oracle is available, you can always restore your wallet from the 12/24-words and passphrase, either in stateless mode, or on any other BIP39-compatible wallet (like Trezor). In other words, the blind oracle is only used to access the mnemonic and passphrase saved on the device, it is not tied to the actual Bitcoin wallet. It's as if the Jade was a safe, that you stored your mnemonic and passphrase in that safe, and the PIN+BO acted as the lock for that safe. If you have the mnemonic+passphrase also stored elsewhere, then you can still access your coins.

Prosecutor1313

Why not memorize it? I don’t mean memorize it as the only form for retrieval, but as a redundant method of retrieval? If I travel to different countries and will going thru customs or staying in a hotel, or if someone has to flee their country, the worst thing then would be to be carrying a seed phrase. Though, you could do it coded. You could carry a bible and put a very small dot over letters to spell words with a blank page between each word, or assign words their BIP39 number and dot letters in a way that remark that number. No one is going to notice a small pencil dot within a Bible in which only you know which page the sequence begins on. And you could do that redundantly with a calendar or schedule book as well, in case one were lost. All while keeping a metal seed in a safety deposit box as a final backup to go to.

brtastic

you take a mnemonic, generate the first address of the first account in BIP44 hierarchy and send coins to that address

red98GTSR

What do you mean fill a BIP39 mnemonic with coins?

Unfair_Wallaby666

Thanks! Best response (and most on point so far). I am wondering if AI could look at the hints and figure out the pattern. They've used it to decode ancient languages...so it must be decent at pattern recognition. I'm positive the first few lines are a clue as to how to solve it. I know I used a 2 step process because I used numbers to indicate where to find them in the sequence as well as which number they actually are for the seed phrase. I used dummy words not knowing that there was a set BIP list. For example, I'm pretty sure "password" followed by 12345678 is saying that when there is a sequential number, the highest number is the # of letters in that seed word. The first lines are are as follows: 123456 Password 12345678 qwerty 123456789 12345 1234 111111 \----------------------------------------------------------- 1234567 dragon - BIP39 SEED 123123 baseball abc123 football monkey - BIP39 SEED letmein shadow -BIP39 SEED master - BIP39 SEED 696969 mustang 666666 qwertyuiop

brtastic

I think you meant a hardware wallet. Do you want to only buy a device and not fill it with any btc? Since if you want to also buy btc, I think it would be better to fill a BIP39 mnemonic with coins and carve it on a metal plate. Will be cheaper than a device, so you can buy more btc, and more durable long-term. Unless she already has a metal plate of course.

Zombie4141

Take out all the words that aren’t part of the BIP39 protocol first.

rupsdb

How creating a seed myself and a seed created by hw wallet is different? It must be using BIP39 right?

Fiach_Dubh

Thanks for BIP 324 by the way.

Azzuro-x

Right. Including BIP-360 should be similar when Taproot has been added.