BIP

TrickReport2929

The next BIP needs to add the option to live in it

SpendHefty6066

Quite a few areas of improvement. Generate entropy non digitally. Dice rolls or cut the 2948 BIP39 Words out, put them in a hat and pick 12. Don't use Trezor. Use CokdCard or DIY Seedsigner.

FuturesSoDank

Electrum uses its own nonstandard seed phrase system which is not compatible with BIP39. Once you get your funds into your own wallet (Electrum or any other) you can always transfer them to a new wallet later, if you decide you don't like Electrum. Personally I like Electrum and have been using it for four years without any problems.

KeySpecialist9139

Why? Because most bitcoiners are delusional. When you strip all the layers of maxitalk, you are left with a useless technology that nobody needs and is severely flawed, ergo "don't dare point out the flaws we are going to the moon" attitude. Bitcoin, the digital leviathan hailed as the future of finance, rests on a brittle cryptographic pedestal. It relies on ECC, a foundation now vulnerable to Shor’s algorithm. When a wallet’s public key is exposed on-chain, it becomes a potential target for quantum-powered private-key attack. Studies and industry roadmaps now converge on 2028 to 2030 as the window when quantum computers could feasibly break ECC. This is the moment when Bitcoin becomes a worthless monument to human stupidity and greed. Maxis answer to that is the argument that only old legacy wallets are at risk. BUT, even if only one massive wallet (like Satoshi’s) gets hit, the impact would be explosive. Current Bitcoin lacks Quantum-safe cryptography, an urgent upgrade path via BIP or soft fork, and most importantly a consensus for transition. So, if we’re talking about the first truly viable hack into bitcoin guts, a realistic estimate would be around 2029, with a broader risk window extending late 2028 through 2032. When that happens bitcoin won't be worth the paper it's printed on. 😉 Cult is are there it's left, I am afraid.

Azzuro-x

Yes, that is actually potential strategy #1 (out of 3) outlined in this draft BIP.

pop-1988

> Nobody wanted to have that conversation when I posted about it a couple months ago There was a thorough debate in Feb 2025, when the QRAMP BIP proposal was written, a proposal to confiscate "quantum vulnerable" coins https://mailing-list.bitcoindevs.xyz/bitcoindev/08a544fa-a29b-45c2-8303-8c5bde8598e7n@googlegroups.com/ Dishonestly, the author refers to the proposal as "Address Migration", when in fact it's a confiscation plan, with a limited period for coin owners to spend their coins to safer addresses Unfortunately, the debate is biased in favor of confiscation, as though there's some unstated consequence everybody agrees with, but nobody states explicitly. This consequence is a fear of the price falling if the new owner of those coins sells them Before this, in spite of pressure relating to other issues - such as "Bitcoin security budget" - Bitcoin developers have never coded anything which relates to protecting the price. The price market is entirely the risk of investors and hoarders. It's completely irrelevant to the consensus protocol > Wouldn't it be cool if there was a company that could demonstrate that they had the world's strongest quantum computer to do something ethical - stealing satoshis coins then moving them to a quantum-proof burner wallet? I guess so. But why would you trust their ethics in advance? I think it would be cooler if nonprofit quantum researchers (university or similar research foundation) won the race and used the profit to fund further research More than that good-guys fantasy, it doesn't actually matter if the unspent quantum-vulnerable coins are recovered and spent by quantum computer researchers. The consensus protocol allows them to be spent. The original owners of those coins can move them any time in the next hundred years before quantum computers are real. There's no need for a protocol change You've missed the technical issue - any coin which has an exposed public key is vulnerable. This includes all addresses which have been reused for more than one coin, and where one coin has been spent. The public key is exposed by spending. People (including some large crypto exchanges) reuse addresses against all the advice that a Bitcoin address is single-use. By ignoring that advice, they're recklessly offering their unspent coins to quantum computer researchers. Of course, they have about 80 years to correct their foolishness anyway > Nobody wanted to have that conversation Nobody here maybe. But even in the Lopp article, there's a quote from a public discussion which expresses the view that the coins should be quantum spendable > I don't see why old coins should be confiscated. The better option is to let those with quantum computers free up old coins. While this might have an inflationary impact on bitcoin's price, to use a turn of phrase, the inflation is transitory. Those with low time preference should support returning lost coins to circulation -- Hunter Beast In that discussion, that side of the argument was at least equal to the knee-jerk "gotta do something" brigade

coinfeeds-bot

tldr; Developers warn that quantum computers could compromise 25% of Bitcoin's supply due to exposed public keys. A Bitcoin Improvement Proposal (BIP) by Jameson Lopp suggests a three-phase quantum-resistant upgrade. The plan includes blocking quantum-vulnerable addresses, freezing unsecured funds, and potentially recovering frozen assets. The initiative aims to protect approximately 4 million BTC, including Satoshi Nakamoto's holdings, from future quantum attacks, which could cause significant economic disruption and market instability. *This summary is auto generated by a bot and not meant to replace reading the original article. As always, DYOR.

frozengrandmatetris

jamesson lopp has submitted a BIP to deal with quantum resistance. the things that need to happen will be extremely uncomfortable for the community but they need to happen anyway. I think ETH and SOL will achieve a good level of quantum resistance first, LTC and XMR will achieve this some time after, and BTC may only get it as late as possible with a huge amount of drama and bikeshedding.

Charming-Designer944

Passphrase very much is standard terminology. Defined in BIP39. And I naturally assume a passphrase wallet is a wallet using a passphrase in addition to the mnemonic / seed phrase. Seed phrase is not well defined. But nearly all have at least a vague understanding what it is about, and especially if combined with some specification (BIP39 seed phrase, SLIP39 seed phrase, electrum seed phrase etc).

NiagaraBTC

You certainly can use any words but in general using the BIP-39 words will make recovery easier in the event of poor handwriting or misspellings. Some wallets will auto fill BIP-39 words on entry which makes entering long passphrases a lot easier.

na3than

The confusion starts with wallet manufacturers (both hardware and software) who use whateverthefuck terminology they want when describing their product and how to use it. The original BIP39 spec calls it a **mnemonic code** or **mnemonic sentence**, but does anyone call it that? No, they call it a recovery code, or recovery words, or seed words, or seed phrase, or something else that they think their dumb users will understand better than mnemmemonoonicc. **Passphrase** is in the spec but **seed phrase** is not, so whenever you say **seed phrase** you're contributing to the problem.

meowboiio

SPV is helpful for clients, but full nodes still define consensus rules, so nodes are who really contribute to the decentralization, because without them, miners can cheat. If only the miners had power, they would have rolled back blocks by now, turned on inflation, and censored whoever they wanted. We've been through this before — BIP148 in 2017 — nodes defeated miners who didn't want to activate SegWit. And as L2s grow, they’ll still require L1 blockspace — which means miners still get paid. It’s just a different fee flow.

Bred_Slippy

There's already what's called a BIP (Bitcoin Improvement Proposal) to make it quantum resistant if this ever becomes a serious threat. Considering the underlying physics of quantum computing, there's huge hurdles to overcome before they get anywhere near to being able to hack Bitcoin. I have my doubts they'll get to a proper commercial level of usefulness in my lifetime, and quite possibly never will. 

NiagaraBTC

>Depends completely on the length of the phrase. A 25+ character phrase will not be brute forced with current technology. A 25 character phrase that exists as a piece of poetry is (relatively) easily brute-forceable. That's what, a six word piece of a poem? Six random BIP-39 words, on the other hand, are extremely secure.

NiagaraBTC

Use BIP-39 words selected randomly. 4 is okay but I prefer 5 or 6. It doesn't matter much if you use capital letters or lower case or spaces or no spaces. Just be sure that however you do it is how you do ALL your passphrases you ever make. PS be sure you don't accidentally add an extra space at the end of the passphrase.

UnsersGottaGo

#2 say you use BIP-39 bitcoin wordlist of 2048 words. if five out of your six words are known, suddenly you go from 2x10^18 combinations, to 2048 combinations. password manager would be a juicy target, but it may be worth it to gain a 99.99999999999999999% advantage in cracking your passphrase. a 386 laptop should be able to do 2048 combinations in a second.

Aussiehash

Letter stamps would be faster, less prone to data loss and less prone to human transcription errors (hence the reason we stamp BIP39 words and not hexadecimal numbers/letters)

MonitorNo2607

I didn’t type my actual seed phrase — I typed an obfuscated list of 72 BIP-39 words, shuffled and hidden using a personal pattern that only I know and that isn’t written or stored anywhere. I stored it in an open-source app, encrypted locally using AES-256 and Argon2. The app has no cloud sync, no iCloud backup, no linked account, and the password I use for it is unique. The real seed isn’t even highlighted or isolated in the file — it’s buried within the 72-word list and only extractable if you know the specific pattern I used. How is hacking my Apple ID Puts me in danger?

xpresstuning

My setup consists of the following: - 12 word seed-phrase and derivation path stamped on a stainless steel plate. - Passphrase stamped on another stainless steel plate. - Both kept separately. I wouldn't buy overpriced garbage you see on the internet. You need a word set, a couple of steel plates, and a hammer. This is multi-generational wealth we're talking about it; use a little physical effort to secure it indefinitely. You don't need to ever change it. If the BIP39 standard becomes obsolete, then you transfer to another standard. But I assume that is multiple decades away.

fkn-internet-rando

I think the BIP38 format uses only 58 characters. If you see the picture it has the exact same number characters as the real key, I just changed the characters with random text.

procabiak

Perhaps it is a BIP38 encrypted private key.

HuntlyBypassSurgeon

Devices using the BIP39 standard will be compatible with each other, meaning there will be no need to do a transfer on the blockchain to load the wallet on a second device. It might be a good idea to understand and know the so-called derivation path of the wallet you initially created; if the coin does not appear when you restore to the second device, it will likely be because of mismatched derivation paths. Repeating the restore process and specifying the derivation path manually should fix it.

jkl2035

Just sag the talk with Hunter Beast & Jameson Lopp on YouTube - would love to had the Chance to See it Live, I Like the Concept of BIP360 - just the right time to discuss it and come up with a solution https://m.youtube.com/watch?v=0Xqow-DGHSs

NoSkidMarks

Wow, what happened to move the price, did a new BIP take effect, or did Trump sign a bill that removes KYC and AML? No... Uh, okay, then why is it up? Because people keep throwing money at it. Before ETFs, people were throwing their own money at it, now they're throwing other people's money at it. Pretty soon central banks will be throwing money at it. But until consumers decide it's what they prefer, it's all just a bunch of hot air. That's not going to happen until merchants begin accept it, and that's not going to happen until KYC and AML regulations are eliminated, and that's not likely to happen within my lifetime (\~60 years), so this Zeppelin of all Zepplins is likely to keep growing for a long time before it finally bursts into flames.

Tom_B88

Yep, that is a valid BIP39 mnemonic! The hash of 256 bits where all bits are 1 is exactly are you said - when the first 8 bits of this are added to the end, that makes the final 11 bit chunk 11110101111, which is 'vote'. I would not recommend storing any Bitcoin on the resulting seed 😀 Thanks for this, glad I'm not only one who got minesweeper vibes.

KelvenKing

Not sure if it's supposed to do that, but when you get minesweeper vibes and want to change all the entropy characters to 1 in the checksum visualizer then the checksum is: **10101111**10010110000100110111011000001111011100100110001101011111101111011011010001001010010110100000101001100011110000111001111100010010101011110011000011111001010100001010011011101110010111001001011100011011111000011000100011101000100111000100000001010001 Which is a valid BIP39 mnemonic as zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo vote

Crypto-Guide

Electrum uses a different seed standard and doesn't generate BIP39 seeds. (But does use the BIP39 wordlist) What makes things more confusing is that for a few years it was possible that a seed could have a valid checksum for both (1/16 chance as the checksum for BIP39-12word is so pointlessly weak) BIP32 is a different standard entirely and doesn't relate to mnemonics, but rather from the key that is created from the BIP39/Electrum2/SLIP39 process. (You can export the xprv from Electrum and then import this into Sparrow as a BIP32 wallet) Basically the question of whether Sparrow should support Electrum seeds is best directed at the Sparrow Dev. (There are other wallets that support Electrum standard seeds)

xpresstuning

What? I said that he could import the seed-phrase in any wallet. Software or hardware. Then send to exchange. And sell. My point was that his seed-phrase is backwards compatibile indefinitely; as long as BIP39 support exists. He could use the "Watch-Only" indefinitely for decades and accumulate with absolutely 0 risk. Once he decides to withdraw - he could use his seed-phrase with a hardware wallet. Or he could use any software wallet. Send to exchange. And sell. Or make a new wallet. Good job on the thumb down.

Scared-Ad-5173

You can't read. This sentence is in the comment I replied to - "But that also can be solved by another BIP." It Is referring to the idea that we can lock coins that live in non quantum resistant addresses after upgrading to quantum resistant addresses. Locking coins is reducing supply. But he clearly didn't understand that. Lmao

ultron290196

Quantum resistant forks will be out before it's ever a threat. However lost coins are at risk of being moved. But that also can be solved by another BIP. You need to realise BTC is a living organism. It can adapt.

rumi1000

Don't know Safepal. Trezor has passphrases though so you should be using that. Choose a passphrase you can memorize, but also back it up. Just don't back it up in the same place as your seed as this would defeat the purpose. I recommend having passphrase memorized and in password manager. BIP85 is a bitcoin thing. I have my main seed in Passport, then derived a BIP85 child seed for my Trezor which I use for everything non-Bitcoin.

rumi1000

It allows you to deterministically derive child seeds from a main seed. Backup main seed in steel, use BIP85 to derive child seeds > use this for mobile wallets, shitcoin wallets etc Supported by Coldcard and Passport.

rumi1000

Passphrase is your friend. Also checkout BIP85 so you only have to backup one seed phrase.

Rubalien

Yeah, your setup is absolutely solid. You’re using a 12-word seed phrase + a 10-character passphrase — that combo is already way beyond anything anyone can realistically brute-force. A 12-word seed gives you 128 bits of entropy, which means about 3.4×10³⁸ possible combinations. Add in a strong passphrase on top (assuming it’s not something like “password123”) and you’re stacking even more entropy and protection against phishing or physical compromise. To answer your question directly: •No, you don’t need to upgrade to 24 words. That gives you 256 bits of entropy, yes — but 128 bits is already overkill for human lifetimes. It’s not the weak point. •Brute-forcing either a seed phrase or a private key is practically impossible. Even if someone could guess billions per second, they’d still get nowhere in millions of years. •If an attacker were to try anything, they’d go straight for the private key, because it’s faster to compute and doesn’t require dealing with BIP39 wordlists, checksums, derivation paths, etc. But again — doesn’t matter. Both are absurdly secure. •The real risk isn’t the math — it’s you getting phished, infected, or storing your seed somewhere unsafe. So in terms of “how long will this last?” — your setup is future-proof for the foreseeable future, including the post-quantum era (because even then, we’d get a heads-up before wallets are vulnerable, and you’d just migrate your funds). Unless you’re storing millions or setting up ultra-long-term cold storage, there’s no practical benefit to switching to 24 words. Just focus on: •Keeping your seed and passphrase offline and safe •Not reusing the passphrase elsewhere •Being alert for phishing attempts

Rubalien

Yeah, your setup is absolutely solid. You’re using a 12-word seed phrase + a 10-character passphrase — that combo is already way beyond anything anyone can realistically brute-force. A 12-word seed gives you 128 bits of entropy, which means about 3.4×10³⁸ possible combinations. Add in a strong passphrase on top (assuming it’s not something like “password123”) and you’re stacking even more entropy and protection against phishing or physical compromise. To answer your question directly: • No, you don’t need to upgrade to 24 words. That gives you 256 bits of entropy, yes — but 128 bits is already overkill for human lifetimes. It’s not the weak point. • Brute-forcing either a seed phrase or a private key is practically impossible. Even if someone could guess billions per second, they’d still get nowhere in millions of years. • If an attacker were to try anything, they’d go straight for the private key, because it’s faster to compute and doesn’t require dealing with BIP39 wordlists, checksums, derivation paths, etc. But again — doesn’t matter. Both are absurdly secure. • The real risk isn’t the math — it’s you getting phished, infected, or storing your seed somewhere unsafe. So in terms of “how long will this last?” — your setup is future-proof for the foreseeable future, including the post-quantum era (because even then, we’d get a heads-up before wallets are vulnerable, and you’d just migrate your funds). Unless you’re storing millions or setting up ultra-long-term cold storage, there’s no practical benefit to switching to 24 words. Just focus on: • Keeping your seed and passphrase offline and safe • Not reusing the passphrase elsewhere • Being alert for phishing attempts

Rubalien

Yeah, your setup is absolutely solid. You’re using a 12-word seed phrase + a 10-character passphrase — that combo is already way beyond anything anyone can realistically brute-force. A 12-word seed gives you 128 bits of entropy, which means about 3.4×10³⁸ possible combinations. Add in a strong passphrase on top (assuming it’s not something like “password123”) and you’re stacking even more entropy and protection against phishing or physical compromise. To answer your question directly: • No, you don’t need to upgrade to 24 words. That gives you 256 bits of entropy, yes — but 128 bits is already overkill for human lifetimes. It’s not the weak point. • Brute-forcing either a seed phrase or a private key is practically impossible. Even if someone could guess billions per second, they’d still get nowhere in millions of years. • If an attacker were to try anything, they’d go straight for the private key, because it’s faster to compute and doesn’t require dealing with BIP39 wordlists, checksums, derivation paths, etc. But again — doesn’t matter. Both are absurdly secure. • The real risk isn’t the math — it’s you getting phished, infected, or storing your seed somewhere unsafe. So in terms of “how long will this last?” — your setup is future-proof for the foreseeable future, including the post-quantum era (because even then, we’d get a heads-up before wallets are vulnerable, and you’d just migrate your funds). Unless you’re storing millions or setting up ultra-long-term cold storage, there’s no practical benefit to switching to 24 words. Just focus on: • Keeping your seed and passphrase offline and safe • Not reusing the passphrase elsewhere • Being alert for phishing attempts

crunchyeyeball

According to their site, the Safe 3 does support a 12-word (BIP39) option if you prefer that. It just uses 20-word (SLIP39) option as a default: > The first version of the Trezor Safe 3 was released while we used the term recovery seed instead of wallet backup. The 2023 version came with 12-word wallet backup cards labeled as recovery seed, while the 2024 version includes 20-word wallet backup cards. > > ***Both devices are identical - the only difference is the blank wallet backup card. Both devices are capable of using 12, 20, and 24 word backups.***

CatatonicMan

Huh. You're right. I thought SLIP39 was an implementation of Shamir's Secret Sharing over BIP39, but they made it a separate thing.

Aussiehash

>You can always convert SLIP39 to BIP39 Nope

CatatonicMan

SLIP39 is an open standard supported by several wallets, including Electrum. It's not exclusive to Trezor, and you shouldn't worry about not being able to use it if Trezor goes belly up. Regardless, you can always convert SLIP39 to BIP39, since SLIP39 is just a specially-encoded BIP39 seed phrase.

ac4346e2

You can choose 12/24 word it's in some hidden menu it's also called BIP39

Dettol-tasting-menu

Most welcome! And thank you for going self custody instead of buying some ETF, which is easier on surface but it's not real bitcoin. If everyone just buys ETF or MSTR, bitcoin might die. I don't personally memorise the 24 words, but I have some good copies. And yes finding the best place to hide the plates is the main headache for most people. Think of it like, in the ancient world, where would a wealthy person hide their gold bars and bullions? It's always a bit tricky. But fear not. There is a good solution to that too. It's a called a Passphrase (often called the 25th word). So once you have understood the idea of the seed phrase (24 words private key), the next step would to add a passphrase to the seed phrase (note the unfortunate names people often get confused). Passphrase is also a BIP39 standard, think of it as the 25th "word" added on top of the 24, but this 25th word doesn't have to be picked from the standard word list. It can be anything (much like our normal login passwords, we can make it however long and however complex we want). Once you enable a Passphrase, the resulting private key would be completely different from the original 24 words alone. So 24 words by themselves, you can think of it as a wallet holding some bitcoin, but once you add your passphrase on top, you get a completely different wallet. Every different passphrase gives you a different \[empty\] wallet. So imagine, I have my steel plates with 24 words stamped, I hide it in my house somewhere, preferably more than one copy. I am not too worried about someone finding my plates, because I have only a small decoy amount kept on that 24 word wallet. A bigger (main) stash is actually kept on my Passphrase enabled wallet - still the same 24 words, but it also needs the 25th (my passphrase) to get to it. And if your passphrase is a reasonably long and complex one (much like any email password), then it's difficult to brute force by trail and error. But that's the next step. Most wallet would allow you to enable the passphrase, but many wallet would call it an "advanced" feature because if you're just getting started, it could be confusing. First get the good understanding on how the basic seed phrase work, then move on to passphrase to better protect yourself. Good luck!

Dettol-tasting-menu

Your private key is actually very simple. It’s just a very very large number. That’s it. It’s a 256 bit number, so that’s just 101110101011101 etc etc. All 1s and 0s, 256 digits long. The words are just a human readable representation of this 256 bit number. 256 bit would translate to 24 standard English words (from a standard list), and some wallets choose to use a 128 bit private key (half as long) so that translates to 12 words. Both are plenty secure. Note no SHA256 is involved here. It literally transcribes a random binary number 1011001000101…. into words. Each word represents a 11 bit binary. You can google BIP39 word list and look at the mapping. 00000000000 is ABANDON, 00000000001 is ABILITY, 00000000010 is ABLE, etc etc. You can flip a \[fair\] coin, head being 1, tail being 0, do it 128 or 256 times, write down the result on paper and then manually refer to this word list and find out the English words, then you have your seed phrase aka private key. No SHA is needed. \>shares it safely when I need to authorize a transaction No your cold wallet never \*shares\* your private key, not sharing the key is the whole point of a cold wallet. It \*knows\* your private key but it will never disclose it. When you want to spend your coin, you put together a transaction -- like A (you) send 0.1 BTC to B (on this address). Once you (really it's your software paired with the cold wallet) put together this transaction details, it get sent to the cold wallet for signature. Cold wallet \*signs\* it with the private key, but never tell the software what the key is. Think of it like, your cold wallet is a guy hiding inside a secret room with a secret authorisation code, you slip a piece of paper (the transaction details) under the door, the guy picks it up and use the authorisation code to \*sign\* the paper. Once done, he slips the paper back out to you. You now have a signed transaction, fully authorised, ready to broadcast to the world, but you (your software) never get to see the authorisation code (your private key), you only get to see the final produce which is the signature, the signature can go public to the worlds. You must always make good back up of the words. Write it down on paper, or better yet stamp the words on steel plates. Never type it out on a computer, never take pictures of it with a phone (otherwise it defeats the purpose of using a cold wallet!) If you lose your hardware wallet (which holds your key) that's ok because it's impossible (or at least extremely hard) to extract your keys from the hardware, and your hardware is protect by your PIN, if the person picked up the hardware and key in wrong PIN a number of times your hardware just wipes itself clean. etc. So losing your hardware is ok as long as you have a copy of the words, again, that's your private key. You can buy another hardware wallet (even another brand, most are BIP39 compatible) and restore your private again using your words. so ultimately your 12/24 words are what you need to safekeep, everything else can be replaced, you can buy a new phone, a new cold wallet, new PC... as long as you have your words your coins will be safe. \>that is why I can use them to “restore” my wallet? Except that isn’t really restoring my wallet, just allowing me to authorize a new device to use Yes, you're restoring your private key, into any compatible wallet software or hardware. Your bitcoin is just information, it's not physical. It's just a bunch of words that you can memorise in your head and your coins follows you. And no one in the world can stop you from remembering 12 words.

lgopenr

You’re asking exactly the right questions, and they’re very common when people first get into Bitcoin self-custody — so let’s break it all down step by step, ELI5-style: ⸻ ✅ First, you are correct about this part: My actual crypto/wallet is stored on the blockchain. Viewable publicly, but any transactions from that “wallet” can only happen if I know the “keys”. YES. The Bitcoin lives on the blockchain, not inside your wallet. What your wallet gives you is control over it — by holding the private key. ⸻ 🗝 What are keys and seed phrases? • A private key is like your password to spend BTC. • A public key (derived from the private key) is like your bank account number, used to receive BTC. • The 12 or 24-word seed phrase is a human-readable backup of your private key. So, what determines if you get 12 or 24 words? • It’s usually a setting when creating a new wallet. • 24 words = more entropy = theoretically more secure. • 12 words = still secure, but shorter and easier to write down. • Both are recoverable across most wallet systems. ⸻ 💾 What does the Jade (or any cold wallet) actually store? Your Jade hardware wallet stores the private key, securely. Here’s what it does: 1. Generates and stores the private key inside the device. 2. Never lets it leave the device. 3. Signs transactions within the device. This means you can sign a transaction to send BTC, without exposing your key to the internet. So: • Yes, you set up a PIN on the Jade to prevent someone else from using it. • The Jade stores your key and requires PIN access to use it. ⸻ 🔌 What about plugging the Jade into a computer? Yes, you need to connect it to a computer (or use it wirelessly) to interact with the blockchain via a wallet interface (like Sparrow or the Blockstream Green app). BUT: • The Jade is designed to be “air-gapped”: your private key never leaves the device. • Even though it connects via USB or QR codes, all the signing happens internally. • This means even if your computer has malware, it can’t steal your private key — the Jade never exposes it. ⸻ 🔐 Can I receive or spend BTC without unlocking my Jade? • Receiving BTC? ✅ Yes! You can generate your receive address ahead of time and give it to others to send you BTC. (Your address = derived from your public key = not sensitive.) • Spending BTC? ❌ No, not without unlocking Jade. You must connect and use your PIN to sign any outgoing transaction. ⸻ 🔥 What if my Jade is destroyed in a fire? This is where your 12/24-word backup comes in. That is your wallet. • You buy a new Jade (or any other wallet that supports BIP39 — which is nearly all of them). • You enter your 12/24 words to restore your private key. • Boom: You now have access to all your BTC again. The Bitcoin is still sitting on the blockchain, and your seed phrase is the key to it. ⸻ ❓So… why do I need the Jade if all I need is the seed phrase? Good question — here’s the answer: • You can use the 12/24-word phrase directly in a “hot wallet” (like a phone app), but… • Then the private key lives on an internet-connected device, which can be hacked or infected. The cold wallet (Jade) protects your private key by: • Keeping it offline. • Never exposing it. • Letting you sign safely. So it’s like putting your money in a vault with one tiny opening — you can drop in money (receive BTC), but to take it out, you need your hardware device + PIN. ⸻ TL;DR: Cold wallet basics Thing What It Does Blockchain Stores all Bitcoin balances + transactions. Public ledger. Your wallet address A public identifier that can receive BTC. Anyone can send BTC to it. Private key Gives you control over spending the BTC tied to your address. Keep it safe! Seed phrase (12/24 words) A human-readable backup of your private key. Jade (cold wallet) Stores your private key securely + signs transactions without exposing it. PIN Prevents others from using your Jade even if they steal it. ⸻ 🔐 Why it protects you from online attacks Because: • Your computer or phone never holds the private key. • Only the Jade signs transactions. • So even if a hacker controls your computer, they can’t move your BTC without the Jade and your PIN. ⸻ If you’d like, I can walk you through a step-by-step process of buying BTC on Strike, setting up the Jade, and moving it safely. Let me know if you want that!

keefyboy452

I think SLIP39 is an improvement upon BIP39 from practical stand point. Trezor created BIP39, btw. I wish this SLIP39 would be submitted as a new BIP to get greater adoption.

fllthdcrb

I'm not sure if this has been emphasized enough: Whatever you do, **don't just delete the wallet with your seed phrase in it**. Otherwise, you will never be able to do anything with the bitcoin you receive. You need to have the seed phrase recorded in some form. Make sure it's stored in as secure a manner as possible, since if anyone finds it, they will be able to "restore" the wallet and steal your coins, and you most likely won't know they found the seed phrase until it's too late. And yeah, a hot wallet is potentially insecure. It's best to avoid generating the seed phrase on a system that is connected to the Internet, or even that *will* be connected to the Internet, in case some malware captures the sensitive data and uploads it somewhere later. > buying a cold wallet would cost me a lot "Cold wallet" is not the same as "hardware wallet". "Cold" just means not having an Internet connection. If you can't afford a hardware wallet, there may be other possible solutions. Not as good, probably, but maybe good enough for your purposes. If you have some sort of PC, you can use a "live operating system", which should reduce malware risks. 1. Take a bootable medium, like a USB drive, and put a live OS on it, with suitable wallet software installed. 2. Shut down. 3. For extra security, disable the network capabilities at as low a level as possible (if by chance you are connected solely through a wired connection, or you use wireless but the adapter is not built-in, just unplug it; if you're connect through wireless with a built-in adapter, though, disabling it would have to be at the BIOS/firmware level). 4. Boot the live OS. 5. Run the wallet software, and use it to create a new wallet. 6. Write down both the seed phrase and the xpub/zpub (used to generate the watch-only). 7. **Test that you can restore from the seed.** If this fails, generate a new wallet, and try again. 8. Write down the first one or two addresses in the wallet. 9. Shut down (and re-enable Internet if you disabled it before). 10. Create your watch-only based on the xpub/zpub. Check that the first one or two addresses match what you wrote down before. What is suitable wallet software? Well, a popular choice is [Electrum](https://electrum.org/). Do note, however, Electrum generates its own seeds that are incompatible with the BIP 39 standard most other wallets use. So only use it if you plan to use only it when you eventually need to spend the coins. You can still use many different applications for the watch-only. Another choice I can vouch for is [Sparrow](https://sparrowwallet.com/), which does fully support BIP 39, so you would be able to use most any other wallet for spending later. It's less popular, though, and is less likely to be installed in a live OS image. Expect to have to install it yourself, and maybe an appropriate Java VM as well; you could download it/them from within the live OS (but only if you haven't disabled Internet), or put the downloadables on the medium beforehand. The interface is also less straightforward, though there is documentation (you may ignore the parts about configuring a server for now).

ToneCapwn

If quantum computing breaks SHA-256 then your BANK account and all encrypted logins and passwords and every other sensitive account is compromised. At that point BTC will be leaps and bounds ahead of the ancient legacy systems. There is already a BIP in process for quantum resistance

jkl2035

Klar, dafür bietet BIP360 einen möglichen Ansatz, die spannende Frage für mich ist wie man für BTC hinbekommt und wie der Weg dahin aussieht

fllthdcrb

Yes, that's all correct. A lot of Bitcoin security is based on the space of keys being so large that we never have to worry about collisions between wallets. And the space of keys in a BIP 32 wallet is so much smaller as to be almost nothing by comparison.

fllthdcrb

> If you have two sets of infinite values, they can both contain completely different values and still be infinite. This is true. However, there aren't infinite numbers of Bitcoin keys and addresses. The numbers are unimaginably large, but not infinite, so the special properties of infinite sets (e.g. subsets having equal cardinalities) don't apply. In reality, any sequence of derivations of keys will produce a cycle. It's hard to say how large such cycles are, though. There may be multiple disjoint cycles for a given pattern of paths, or there could be a single cycle of 2^512 extended keys (though I think this latter isn't too likely). That said, for a given BIP 32 "chain" (defined as the sequence of keys derived from a given parent key using consecutive indices), there are only 2^32 in the chain, since the index is a 32-bit number, and the chain is divided into two halves, one with normal derivation and the other with "hardened" derivation, where the widely used BIP 44 scheme for derivation paths uses only one for a given level of the path. Also, BIP 44 provides for two leaf chains per wallet, for receiving and for change; when either one is exhausted, further use of the wallet may not be possible. This means a single wallet (on a single account) can have between 2^31 and 2^32 key pairs and addresses, making running into a cycle or colliding with other wallets highly unlikely.

Aussiehash

Each BIP32 level is limited to {1 - 2,147,483,647} so nowhere close to infinity

Evening-Patience9801

I like it👌👍👍 sins i have my BIP39 Mnemonic and seed, would be very good to wire in BIP-32 (and BIP-44/49/84) to spit out xprvs/xpubs and on-chain addresses, also would be good to allow a user-supplied passphrase so I can derive the same wallets each time.

rgnet1

You’re right. Electrum did its thing, then the BIP39 standard came along. I assume raw private keys and paper wallets were still more popular during the Casascius coin minting years…

mk0aurelius

BIP 40,000

WhisperCrystal

Then you're blind - I quote: "Now I recently discovered Tinyseed and love it. Unlike standard metal plates that display your seed phrase in plain text, Tinyseed encodes it using a clever numerical system. Each number corresponds to a word in the BIP39 list - meaning the phrase is hidden in plain sight, significantly increasing privacy and reducing theft risk."

fllthdcrb

This implies the first word is numbered at 1. But BIP 39 starts the numbering at 0. This is critical to get the correct encoding for the mnemonic, which starts by splitting the raw seed into 11-bit chunks. (You can't have 2048 as a possible value for 11 bits, at least in the normal way.) The numbers you see at that link **are not index numbers in the BIP 39 encoding**! They are line numbers that GitHub displays for all text files, using the same 1-based numbering scheme that all source code tools do. If you download that file, or use the [raw view](https://raw.githubusercontent.com/bitcoin/bips/refs/heads/master/bip-0039/english.txt), you can see there are actually no numbers in it. Why is this a problem? Well, I'm assuming Tinyseed comes with the word list, along with the number for each. What if you lose that? Well, then you have to go look up the numbers elsewhere. Is it 0-based or 1-based? That would be a point of confusion.

Mercurius88888

2048 represents the last word in the BIP-39 word list, which is "zoo": https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt

fllthdcrb

Not that I like this solution (reversing the encoding of bits as words that BIP 39 uses to make handling seeds much less error-prone), but there is one thing I'm wondering about: why is there a "2048" column? The word indices go from 0 to 2047, so that 12th bit is useless as far as I can tell. As we can see in the picture, it goes unused.

fllthdcrb

The use of metal for its durability is sound. The issue is with the encoding. Words are used for good reasons. Humans handle them better than numbers (especially in binary), and are a lot less likely to make mistakes when copying them than they are with something like this. Just think about the process required when stamping it: you have to look up each word of your phrase to find its index value, figure out the binary encoding (though maybe they give that to you for convenience), then punch the correct cells in the correct row. What happens if you get the wrong value for a given word? You have encoded entirely the wrong word, which is not immediately obvious. What happens if you make a mistake when recording the letters of a word? Most likely, you got one letter wrong, which is easy to spot and correct when reading it back. Now, BIP 39 does use a checksum, and there is a good chance the checksum won't match if you get a word wrong. But it doesn't help you find which one is wrong. Also, if you punch this thing wrong, you may have ruined the whole plate. A mistake in punching something with letters shouldn't be terrible, for the reason I gave above.

fllthdcrb

The point of using metal is that it is very durable. In case of fire or flood, it's highly likely to survive. Any BIP 39-compliant wallet can be used to recover based on the seed phrase, so you don't rely on any single electronic device to keep your money safe.

Full_Possibility7983

Or use BIP-85, with an ultra-cold back-up of your main seed, and "throw-away" hardware signers with derived seeds.

sto7

> Tinyseed encodes it using a clever numerical system. Each number corresponds to a word in the BIP39 list - meaning the phrase is hidden in plain sight, significantly increasing privacy and reducing theft risk. Security through obscurity is pointless.

Head_Performance2432

They should apply via a BIP instead to solve those issues ?

Business_Smile

I was a bit surprised that SLIP39 is a way less broadly supported thing. Would make me feel a lot better, having the broad BIP39 support and I'm trying to get a feel for if this will change going forward

Business_Smile

This is great. I used to engrave BIP39 seeds on a metal plate and seal it with another, but next time I will use this: [https://www.cardwallet.com/](https://www.cardwallet.com/) and add a nice gift package together with the coin like OP. Sadly, I've gotten quite disillusioned/ disencouraged doing this since it's often met with indifference or even unspoken disdain. Though I know of cases where it turned people hodlers and that's really awesome, but I'm not sure I want the social baggage of trying anymore.

DonisKadonis

There was a shitcoin with a wallet extension called Coindefi and it used to generate seeds with words outside of BIP protocol. Could be the case too

r_a_d_

It doesn’t matter. You need to record the first four for each word, as specified by BIP-39 itself for various languages. Even three letter words may coincide with longer words with the same letter. So the fourth letter would be a <blank>. Do you otherwise propose to look up every word in the BIP wordlist and then decide whether to write down 2, 3 or 4 letters? Risking mistakes instead of just writing simply writing down 4 letters for all words?

Mercurius88888

No, it doesn't store the private key. When you add up the numbers in each row, you'll get a number which corresponds with the number of the particular word in the BIP39 word list.

Aneizi

I like how they added decimal 2048 for symmetry when BIP39 is just 11 bits

stblack

lol do you even own a Ledger? When entering words it auto-completes. lol Some words like yard or oak or ill require just two letters — the very fact that three letter words exist in BIP39 kinda indicates that you really should get out more.

Fearless-Sherbert-40

Y’all should have immediately known some of those words aren’t even on the BIP39 word list.

InevitableRip4613

What he said. Given the one incorrect word that you memorized, you can probably guess the missing word on the BIP39 list. Saves you the hassle of creating a new seed and transferring

ToTheBatmobileGuy

🔤 Input Letters: NEVERGONNAGIVEYOUUPNEVER 🔐 BIP39 Mnemonic: need ecology violin evoke robust grid oppose name nice antenna grab identify voyage eagle you orient usage useful prepare next embark vote exile refuse

ToTheBatmobileGuy

🔤 Input Letters: ROBOTSWILLKILLUSALLAGAIN 🔐 BIP39 Mnemonic: reform oblige bicycle opera tennis sad width inner limb load kid infant loyal lake upper shiver album liquid labor absent grain aerobic inherit night

ToTheBatmobileGuy

🔤 Input Letters: RECONSIDERLIFECHOICESNOW 🔐 BIP39 Mnemonic: regular ecology chair omit nothing state innocent draw east rate lava item foil empty child hint original invest clever end super name october welcome This is actually kind of fun.

ToTheBatmobileGuy

🔤 Input Letters: HAVEFUNSTAYINGPOORFUCKER 🔐 BIP39 Mnemonic: host ahead voyage eye frame unlock nation speak turn analyst you immense news grape pencil oppose old repair first use catalog kingdom emotion rich Made a script with ChatGPT that will generate a random BIP39 seed with the specified first letter of each word. It lowers the entropy significantly, but it is as secure as it *can* be........ (still not very secure, do not actually use these phrases.) const bip39 = require('bip39'); const crypto = require('crypto'); // Use BIP39 English wordlist const wordlist = bip39.wordlists.english; /** * Get a cryptographically secure random integer in [0, max) */ function cryptoRandomInt(max) { if (max <= 0) throw new Error("max must be > 0"); const byteLength = Math.ceil(Math.log2(max) / 8); let rand; do { rand = parseInt(crypto.randomBytes(byteLength).toString('hex'), 16); } while (rand >= max * Math.floor(256 ** byteLength / max)); // Avoid modulo bias return rand % max; } /** * Generate a BIP39 seed phrase where each word starts with a given letter * @param {string} input - 12 or 24 letter string (spaces allowed) * @returns {string} - Valid BIP39 mnemonic with correct initials */ function generateCustomMnemonic(input) { const cleaned = input.toLowerCase().replace(/ /g, ''); if (!/^[a-z]+$/.test(cleaned) || (cleaned.length !== 12 && cleaned.length !== 24)) { throw new Error("Input must be 12 or 24 letters, a-z only (spaces allowed)"); } let mnemonic; do { const words = []; for (const char of cleaned) { const candidates = wordlist.filter(word => word.startsWith(char)); if (candidates.length === 0) { throw new Error(`No BIP39 words start with "${char}"`); } const index = cryptoRandomInt(candidates.length); words.push(candidates[index]); } mnemonic = words.join(' '); } while (!bip39.validateMnemonic(mnemonic)); return mnemonic; } // === CLI Usage === const input = process.argv[2]; if (!input) { console.error("Usage: node seed-speller.js \"your 12 or 24 letter string\""); process.exit(1); } try { const mnemonic = generateCustomMnemonic(input); console.log("🔤 Input Letters:", input.replace(/ /g, '').toUpperCase()); console.log("🔐 BIP39 Mnemonic:", mnemonic); } catch (err) { console.error("❌ Error:", err.message); }

stblack

This may be helpful to know: With BIP39, it’s just the first three, sometimes four first letters of each seed word that matter. So the word itself might be wrong, but the first three or four letters could be right, in which case you’re fine. If you’re not fine, then the wrong word may provide clues to a limited set of words to pick from. Again, first three or four letters is what to consider with BIP39 and, with that knowledge, you can find, maybe reckon, the word.

Aussiehash

>I suddenly realized that one of the words in my seed phrase does not even appear on the BIP 39 word list Well that narrows down which word is incorrect, but memory is fallable, so maybe you have other mistakes in there too Just buy a hammer and letter stamps and punch your mnemonic seed into steel washers.

TheGreatMuffin

> This week’s newsletter summarizes research about fingerprinting full nodes using P2P protocol messages and seeks feedback about possibly removing support for `H` in BIP32 paths in the BIP380 specification of descriptors. Also included are our regular sections summarizing top questions and answers on the Bitcoin Stack Exchange, announcing new releases and release candidates, and describing notable changes to popular Bitcoin infrastructure software.

DinnerPuzzled9509

He probably either has the words stored somewhere and he’s memorized a number sequence to know the correct order or he has memorized the sequence of his appropriate words in the BIP-39 word list (ex: D32=depart) or something of the sort.

TheQuantumPhysicist

Creating a BIP is on my todo list. First I want to see what people think.

pythosynthesis

Did you create a BIP? I'm not technically knowledgeable enough to comment on the goodness of the proposal, but Bitcoin is open source and if you believe this is valuable, you should do it. I hope you're not posting this to say "someone else should implement this" because it will never happen. So go ahead, prepare a well detailed BIP and submit it for review. Same goes for the code - You say you contributed already, off you go, create your branch and implement the changes you want to see. Good luck.

low_contrast_black

Bitcoin is open source and a decentralized development effort. That means there are caretakers of the source, but no singular author. To make changes, you must submit something called a BIP (bitcoin improvement proposal) - a notable one was BIP39, which gave us the standard for mnemonic seed phrases. But BIPs are subject to review. If we ignore the fact that changing the number of total bitcoin flies in the face of finite supply, something like modifying the total number of bitcoin would be a deep cut. There’s a halving schedule, block rewards, etc. it would be a complex mess.

Mercurius88888

The sum of the numbers for each seed is the number / location of the word in the BIP39 word list. The fact that people don't immediately know what to do with this is an additional layer of security.

longonbtc

Lol definitely don't want to do that. It would be very insecure. Besides that, most of the lyrics would not be on the BIP39 word list and the last word of a BIP39 seed phrase is a checksum that is calculated from the preceding words in the seed phrase. And if you were actually able to use song lyrics for your seed phrase, then it wouldn't take long for your bitcoin to be stolen. You want to use a seed phrase that was actually randomly generated.

WVBitcoinBoy

My complaint isn’t that they are in the space, my complaint is that “Bitcoin dropped, Bitcoin went up, Bitcoin is going to $21 million in 21 years.” is all I hear anymore. What happened to the bar tab-on-Bitcoin (lightning Network) talk, the BIP talk, the things we can build on Bitcoin. I feel like nowadays everyone asks what Bitcoin can do for them instead of asking what they can do for Bitcoin.

MittenSplits

Sure. When you enter your 12 or 24 word seed phrase, that will create one private key. After Bitcoin improvement proposal 39 (BIP-39), you can also add a passphrase. When you take your seed phrase and add "_______" to it as a passphrase, that creates a new wallet. Maybe each of your kids can have their own sub wallet with their name as the passphrase, and you hold the master key. Except you wouldn't use a simple word like a name. It should be a relatively long phrase, or preferably you pick your own 4-5 words from the bip-39 word list. This makes sure it can't be brute forced, which would actually be pretty trivial for a short passphrase. A good passphrase means someone can't steal your funds with just the seed phrase, but too short of one could theoretically be brute forced with some more know-how. Just make sure to be careful with the passphrase, don't lose it, make sure you have the cases right. It's a great tool, but equally unforgiving as anything else in cryptography.

riscten

You got me digging and realize that PSBT is actually **not** limited to BIP32, so you can ignore the last two paragraphs of my previous reply. Sorry about the misinformation and thanks for sharing this info! AFAIK Sparrow does not allow importing single public addresses, which would be required to create a watch-only wallet to sweep from a legacy wallet. But as you found out in the CryptoGuide video, this is possible with Electrum. The entire sweeping process needs to be done using Electrum, as while Sparrow can open a PSBT file generated by Electrum, it won't be able to sign the transaction, since it cannot import a single private key, only wallets (or if it does, I never found how). So your plan would be: 1. \[no change\] 2. Online Transaction Preparation: On an online computer, using Electrum, import the legacy wallet as watch-only by using its public address. Create a PSBT file for the desired transaction (Send > enter tx info, using the receiving address from the new wallet you created in Sparrow > Pay... > Share > Save to file). There is no xpub in this step as only hierarchical deterministic wallets (BIP32) have xpubs. Single addresses do not. 3. Offline Signing: Transfer the PSBT to your offline computer. In Electrum, import the legacy wallet, but this time using the private key. Go to Tools > Load transaction > From file and open the PBST. Click Sign, then Share > Save to file, which will save a signed, Complete Transaction file in the TXN format. 4. Returning to Online and Broadcasting: Return the completed transaction TXN file to the online computer. In Electrum, go to Tools > Load transaction > From file. Open the TXN then click Broadcast to broadcast the transaction to the Bitcoin network. From there your funds should be sweeped to the new HD wallet you generated in Sparrow, without ever exposing your private key.

riscten

That makes sense. You're doing everything right as far as I can tell! To be perfectly clear, to sweep, you'll use Tools > Sweep on your *online* laptop. From there you'll enter your private key and pick your new watch-only wallet as the destination. So for this particular operation (sweeping), you wouldn't use a PBST, as PBSTs are not part of the feature set of single private addresses. You need your funds to first be in a hierarchical deterministic wallet (BIP 32), commonly defined by a 12-24 words mnemonic (like the new wallet you created) to be able to use PBSTs.  And once the funds are in your new wallet, you'll be able to use PBST via Send.

riscten

Same reply I gave for the French post you made last week that got removed: The problem with Ledger isn’t that it’s made in China. The problem is that it’s proprietary hardware running proprietary software. Even if Ledger were entirely designed and manufactured in the West, it would still be the same junk. As for centralized exchange platforms (CEXs—which I assume is what you mean by "purchasing hubs"), the issue is that they are essentially banks. But Bitcoin was created to solve the problem of banks, particularly that they operate behind closed doors, with nobody knowing what’s happening behind the curtains. Bitcoin is meant to be 100% transparent. All transactions are visible on the blockchain. When you use a CEX, you lose the connection to the blockchain. They record how much Bitcoin you have in a traditional database, and then they do whatever they want with it, all while collecting a ton of very personal information about you under the guise of “security.” And in the past, several of them — including some very large and supposedly trustworthy ones — have gone bankrupt, taking most of their users' assets with them. So if you’re going to rely on CEXs, you might as well just stick with the current fiat system. You mentioned paper wallets. Yes, some people have lost their money that way, but only because they didn’t follow the fundamental rules that come with using a paper wallet. Of course, if you write your information on a piece of paper and don’t take proper care of it, you might lose your money or have it stolen. With Bitcoin, you are your own bank—that’s the whole idea. So it’s up to you to learn how to use it and to do so wisely. Today, if you want to secure your Bitcoin, you generate a BIP39 mnemonic. This is a set of 12 to 24 words that identifies your place on the blockchain. This mnemonic lets you receive and send Bitcoin. If you have access to it, you have full control. Generally, knowledgeable Bitcoiners use a hardware wallet that is open-source in both hardware and software (so the entire system can be verified). The hardware wallet generates the mnemonic from a high-entropy source (as random as possible), to minimize the chances that a malicious actor could guess it. Once the mnemonic is generated, it's engraved on a steel or titanium plate and hidden somewhere. The mnemonic should never come into contact with a system connected to the Internet (airgapped). Using a metal plate protects the key from incidents like fires or floods. To go even further in terms of preservation, it’s possible to use 2-of-3 multisig. In this system, the wallet is not represented by a single mnemonic but by three, and any two of them are required to spend from the wallet. The mnemonics are again engraved on metal and placed in three different locations (for example: one at home, one at a friend’s place, and one at a secondary residence). This provides a very high level of security, protecting against both destruction (fire, flood) **and** theft, since if one key is compromised (e.g., a burglar gets hold of a plate), they can’t do anything with the mnemonic alone. Similarly, if your house burns down and the plate is lost, it’s still possible to recover your Bitcoins because the other two plates are still safe. So that’s how you properly store your Bitcoin. Not by entrusting it to a third party like Coinbase or Binance. Remember: with Bitcoin, it’s “Don’t trust, verify”, there should never be any trust. As for open-source hardware wallets, the big names are Coldcard, Jade, Trezor, and Seedsigner. With Jade and Seedsigner, you literally have the option of assembling the wallet yourself, just so you know exactly what’s inside and what code is running on it.

longonbtc

I recommend you to use Electrum to restore your wallet. I'll explain how to restore your wallet with Electrum below. When restoring your wallet on Electrum, you must choose BIP39 and then specify the derivation path. The derivation path is different for your "deposit", "bad bank", "pre-mix", "post-mix", and "ricochet" bitcoin balances in the wallet you were using with Samourai. So you must restore each of those balances separately. If you used a passphrase on your Samourai wallet, then don't forget to use it when restoring each of these wallets. I'm going to list the derivation path for for your "deposit", "bad bank", "pre-mix", "post-mix", and "ricochet" bitcoin balances below. Deposit: m/44'|49'|84'/0'/0' Bad Bank: m/84'/0'/2147483644' Pre Mix: m/84'/0'/2147483645' Post Mix: m/84'/0'/2147483646' Ricochet: m/84'/0'/2147483647' If you still have not recovered 100% of your balance by restoring all 5 of those wallets, then you need to increase your gap limit.

Thanis_in_Eve

Wasn't that BIP originally introduced by seagate? /s

Bruno_Alejandro

This should be the cond for they bitcoin keys generstor that follows BIP39 https://github.com/KeystoneHQ/keystone3-firmware/blob/master/src%2Fcrypto%2Fbips%2Fbip39.c

SecularAdventure

Matthew Kratter has addressed the divisibility issue already. Basically, there would be a BIP (Bitcoin Improvement Proposal) to increase the amount of sats per bitcoin (more zeroes after the decimal). That way, there would be even more divisibility, people would retain their current stack undisturbed, and the 21 million is never contested. Right now, there's 100,000,000 sats per BTC, so if it went to 100 billion (three more zeroes), people would have 1,000x the sats, but the same number of BTC. I can't find the original video, but rest assured, this issue has been thought of and there is a solution.

ecafyelims

**BIP-38** encryption is used to encrypt the wallet private key with a passphrase. The encrypted private key is printed on the paper wallet instead of the plaintext private key. In order to access the wallet contents, you now need the paper wallet AND passphrase.

micronfilter

Those are not BIP-39 words. All 2,048 English BIP‑39 words are uniquely identified by their first 4 characters Here’s the wordlist: https://gist.github.com/DMeechan/9761fea1031c95f71c39ac2b80884bc5 Other sources: https://www.nasdaq.com/articles/understanding-your-bitcoin-keys%3A-bip39-seed-words https://www.blockplate.com/pages/bip-39-wordlist?srsltid=AfmBOopY_7n56QaD5854-PjRdUynPbepYOP6XryXhozysF16VdzDQ2Dw

riscten

Le problème de Ledger n'est pas que c'est fabriqué en Chine. Le problème est que c'est du hardware propriétaire qui roule un logiciel propriétaire. Même si Ledger était entièrement concu et fabriqué en Occident, ça serait la même cochonnerie. Pour ce qui est des plateformes d'échanges centralisées (CEX, ce que j'imagine que tu veux dire par "hub d'achat"), le problème est que ce sont essentiellement des banques. Or le Bitcoin a été créé pour corriger le problème des banques, notamment qu'elles magouillent à portes closes, sans que personne ne soit au courant de ce qu'il se passe derrière les rideaux. Le Bitcoin se veut 100% transparent. Toutes les transactions sont visibles sur la blockchain. Lorsque tu utilises une CEX, tu perds le lien avec la blockchain. Ils enregistrent sur une base de donnée traditionnelle combien de Bitcoin tu possèdes, et ensuite ils font ce qu'ils veulent, en plus d'accumuler une tonne d'informations très personnelles sur toi, sous prétexte de "sécurité". Et dans le passé plusieurs d'entre elles, dont certaines très grosses et considérées très fiables, ont fait faillite, emportant avec elles la majorité des actifs de leurs usagers. Donc tant qu'à adopter les CEX, autant rester sur le système fiat actuel. Tu mentionnes le paper wallet. Oui, certaines personnes ont perdu leur argent de cette façon, mais uniquement car elles n'ont pas suivi les règles fondamentales qui viennent avec un paper wallet. C'est certain que si tu écris tes infos sur un bout de papier et que tu ne fais pas attention, c'est possible que tu perdes ton argent, ou que tu te le fasse voler. Avec le Bitcoin, tu es ta propre banque, c'est toute l'idée. Donc c'est à toi d'apprendre à t'en servir, et de l'utiliser judicieusement. Aujourd'hui, si tu veux sécuriser tes Bitcoin, tu génèreras une mnémonique BIP39. Il s'agit d'un ensemble de 12 à 24 mots qui identifie ta place sur la blockchain. Cette mnémonique te permet de recevoir et d'envoyer des Bitcoins. Si tu y as accès, tu as le contrôle total. Généralement, les Bitcoiners avertis utiliseront un hardware wallet à matériel et source ouverte (afin de pouvoir vérifier le fonctionnement entier du système). Le hardware wallet génèrera une mnémonique à partir d'une source d'entropie élevée (la plus aléatoire possible), afin de minimiser les chances qu'elle puisse être devinée par un agent malveillant. Une fois cette mnémonique générée, elle sera gravée sur une plaque d'acier ou de titane et cachée quelque part. La mnémonique ne doit jamais entrer en contact avec un système qui est connecté à Internet (airgap). L'utilisation de la plaque de métal permet de protéger la clé d'incidents comme les incedies et innondations. Pour pousser la préservation plus loin, il est possible d'utiliser le multisig 2-of-3. Avec ce système il n'y a pas qu'une seule mnémonique pour représenter un wallet, mais bien 3, et 2 de celles-ci sont requises pour pouvoir dépenser du wallet. Les mnémoniques seront encore une fois gravées sur métal, puis placées à 3 endroits differents (par exemple une à la maison, une chez un ami, et une dans une résidence secondaire). C'est un niveau de sécurité très élevé, qui protège à la fois de la destruction (incendie, innodation) ET du vol, puisque si une des clés est compromise (par exemple, un cambrioleur mets la main sur une plaque), il ne peut rien faire avec la mnémonique qui y est inscrite. Pareillement, si ta maison prend feu, et que la plaque est perdue, c'est toujours possible de récupérer les Bitcoins puisque les 2 autres plaques sont toujours là. Donc voîlà, c'est comme ça qu'on conserve son Bitcoin. Pas en le confiant à une tierce partie comme Coinbase ou Binance. Rappelles-toi: Avec Bitcoin, c'est "Don't trust, verify", il ne devrait jamais y avoir de confiance). Pour ce qui est des hardware wallets à matériel et source ouverte, les grands noms sont Coldcard, Jade, Trezor et Seedsigner. Pour Jade et Seedsigner, tu as litéralement l'option d'assembler le wallet toi même, question de savoir ce qu'il y a dedans, et le code qui y roule.

GreedyScumbag

Lil BIP39

DarthBen_in_Chicago

This can’t be right. Are they not BIP-39 words? My Umbrel doesn’t use them. (I forget the name.)

cbelliott

Caution is absolutely needed for any attempts to recover lost funds. Back then, Blockchain did not give you a 12- or 24-word BIP39 seed phrase is what I finally learned. The Mnemonic Phrase that I had looked a heckuva lot like a seed phrase and it was very confusing because I thought I had a damn see phrase, but it was filled with non-standard words. Blockchain.info (back then) used this to help users recover their *password*, not their actual wallet. It was a clever workaround for forgotten login credentials and isn't a BIP39 seed. Again, I agree with you, and would never suggest anyone put or share a seed phrase with any tools online.