Good Morning!
Delivering interesting content every single week on Web3, Security, Crypto, NFTs, Design & AI.
It's FREE, Takes less than 5-minutes to read, and you are guaranteed to learn something.
Subscribe to get valuable News, Useful Resources and Insights every week to your Inbox!
BIP-32 and BIP-39: Simplifying Bitcoin Wallet Key Management
In the early stages of Bitcoin, there were no user-friendly methods available for remembering Bitcoin wallet keys or creating paper backups with mnemonic words. To address this challenge, two standards, namely BIP-32 and BIP-39, were developed. These standards have gained widespread adoption and will be the focus of this discussion.
The concept of BIP-32, known as hierarchical deterministic wallets, was proposed and eventually embraced as a solution. Subsequently, an extension called BIP-39 was introduced.
What is BIP-39?
BIP-39 defines a mechanism for converting a random list of bytes (known as a seed) into a list of human-readable words that are easy to memorize and write down. Unlike raw binary or hexadecimal representations, the word list provides a more readable format, enabling better human management and storage of the seed.
The BIP-32 standard, also referred to as hierarchical deterministic wallets, outlines the process of deriving or generating a key pair from a seed. This key pair is used to secure your cryptocurrency assets. The derivation path, a crucial element, determines each unique key pair. As a result, a single seed can be utilized to generate and manage multiple separate accounts.
The "BIP39 Passphrase" is an optional and advanced security feature that enables the creation of a new wallet by adding an additional passphrase to the existing 24-word Secret Recovery Phrase.
Originating from the 39th Bitcoin Improvement Proposal (BIP), this feature has become a standard within the wider cryptocurrency community. Think of it as an extra word, the 25th word, added to your seed or Secret Recovery Phrase. However, unlike the other 24 words that must be selected from a predefined dictionary, the BIP39 Passphrase allows you to choose any combination of characters: A-Z, a-z, 0-9, and special ASCII characters.
By default, when you create a new wallet, the 24-word Secret Recovery Phrase functions as a wallet with an empty ("") passphrase. However, when you introduce a passphrase, it generates an entirely new and separate wallet.
This means that you can have a single Secret Recovery Phrase associated with multiple passphrases, resulting in the creation of multiple distinct wallets.
WHY?
The "BIP39 Passphrase" is primarily used to provide a concept known as "Plausible Deniability." This term, as defined by Wikipedia, refers to the intentional arrangement of circumstances that allows individuals to potentially avoid taking responsibility for their future actions or knowledge.
In the context of cryptocurrency wallets, the BIP39 Passphrase offers an additional layer of security and privacy. By creating multiple wallets with different passphrases, it becomes possible to have plausible deniability regarding the existence or ownership of specific wallets. In the event that someone gains unauthorized access to one of the wallets or demands access, users can provide an alternative passphrase that leads to a different wallet, keeping their other assets secure and hidden.
This feature provides users with an added level of control and protection, ensuring that their cryptocurrency holdings remain private and safeguarded.
The term typically implies forethought, such as intentionally setting up the conditions for the plausible avoidance of responsibility for one’s future actions or knowledge.
In the case of a wallet containing cryptocurrencies and assets, the usage of the "BIP39 Passphrase" is particularly relevant in scenarios where an attacker gains access to your Secret Recovery Phrase or attempts to coerce you into revealing your wallet password and/or the 24-word Secret Recovery Phrase. This type of attack is often referred to as the "$5 wrench attack."
By employing the Passphrase feature, you can enhance the security of your assets and protect your physical safety by leading the attacker to believe that they have gained access to your entire wealth. However, in reality, the Passphrase ensures that your funds remain secure and inaccessible to unauthorized individuals.
By creating multiple wallets with different passphrases, you can provide the attacker with one passphrase that leads to a wallet with a minimal amount of funds, giving the impression that they have obtained the complete amount. Meanwhile, the majority of your assets are safely stored in wallets associated with different passphrases, safeguarding your wealth and maintaining your physical safety.
The Passphrase feature offers a valuable strategy to protect your financial resources and maintain control over your assets in high-stakes situations.
"BIP39" is named as such because it is the 39th Bitcoin Improvement Proposal (BIP) within the cryptocurrency community. The BIPs are technical design documents introduced to propose improvements and changes to the Bitcoin protocol. BIP39 specifically addresses the generation of mnemonic codes for deterministic keys. The formal title of BIP39 is "Mnemonic code for generating deterministic keys," but it is commonly referred to as "BIP39" for brevity. This naming convention allows for easier identification and referencing within the cryptocurrency community. BIP39 has gained significant adoption and is widely implemented by various wallet manufacturers. It has also expanded beyond Bitcoin and is utilized by numerous cryptocurrencies due to its practicality and benefits.
Advantages of BIP39
1. Human Readability: BIP39 allows for the representation of private keys in a human-readable format using mnemonic words. This makes it easier for individuals to recognize and remember their keys. For example, the mnemonic phrase "page library glow curious sight music erupt limit miss father tobacco rifle" corresponds to a private key, providing a more user-friendly representation than a random list of characters.
2. Multiple Accounts: BIP39 enables the management of multiple separate accounts derived from the same seed. By modifying the derivation path, different private keys can be generated. For instance, using the standard derivation path for Bitcoin, "m/84'/0'/0'/0/0" results in one private key, while a slight change to "m/84'/0'/0'/0/1" generates a completely different private key. These keys are independent and not linked to each other.
3. Plausible Deniability: BIP39 offers a feature known as plausible deniability, which adds an extra layer of security. By utilizing an additional passphrase when creating an account, it is possible to create a "hidden" account that remains unknown to others. In the event of a threat or loss of the mnemonic, this hidden account remains protected. Users can create a "decoy" account without a passphrase and allocate a small amount of funds to it, while keeping the majority of their funds in the hidden account. In case of an attacker gaining access to the mnemonic, they would see the funds in the decoy account and potentially be satisfied, unaware of the hidden account. Monitoring the decoy account and promptly moving funds in case of suspicious activity further enhances security.
4. Security Benefits of Passphrase: With BIP39, the passphrase adds an additional layer of security. If someone gains access to the physical copy of the recovery seed, they would still need the passphrase to access the passphrase-protected wallet. This provides an extra level of protection against unauthorized access.
5. Plausible Deniability and Hidden Wallets: The combination of passphrase and plausible deniability allows for the creation of hidden wallets. By adding both a normal account (decoy account) without a passphrase and another account with a passphrase, users can maintain a hidden account with the majority of their funds. In case of a mnemonic compromise, the attacker would only see the funds in the decoy account, potentially leading them to believe they have accessed the entirety of the funds. This hidden wallet setup provides an additional security measure for storing large amounts of funds.
6. Ease of Passphrase Generation: Passphrases can be generated freely in combination with the recovery seed, providing flexibility and convenience. Users can create multiple passphrases to enhance security without incurring additional costs or complexities.
By leveraging BIP39 and its associated features, individuals can enhance the security, manageability, and privacy of their cryptocurrency wallets.
How likely is your BIP39 seed phrase to be guessed?
The likelihood of guessing a BIP39 seed phrase constructed from random inputs is extremely low, bordering on practically impossible. A BIP39 seed phrase typically consists of 12 or 24 words chosen from a predefined list of 2048 words. With a 24-word seed phrase, there are approximately 3 x 10^79 possible combinations of words, which is an incredibly large number.
To put this into perspective, the estimated number of atoms in the known universe is around 10^80. The number of possible BIP39 seed phrases is of a similar magnitude, making it virtually impossible to guess a specific seed phrase through random attempts.
With today's technology and computational power, it is highly improbable that someone could guess a BIP39 seed phrase correctly. As long as the seed phrase is kept secure and not exposed to potential attackers, the level of security provided by the large number of possible combinations is considered extremely robust.
As a user of a cryptocurrency wallet, you don't need to have a deep understanding of the intricate mathematics behind BIP39. The mathematical aspects of BIP39 primarily involve the generation of a checksum and the use of one-way functions.
The checksum is a small piece of data derived from random numbers that acts as an integrity check. It helps ensure the accuracy of the mnemonic sentence by validating its correctness. The checksum is incorporated into the final word of the mnemonic sequence. If a user enters a set of words and the checksum doesn't match the expected value, it indicates a potential typing error.
BIP39 also employs one-way functions, which are mathematical operations that transform inputs into outputs in such a way that it is computationally infeasible to reverse-engineer the original inputs from the outputs. These one-way functions guarantee the security of the process, ensuring that the private keys cannot be derived from the public keys.
While having a basic understanding of the purpose and importance of checksums and one-way functions in BIP39 can be helpful, it is not necessary for most users to delve into the intricate mathematical details. Cryptocurrency wallets implement BIP39 in a user-friendly manner, allowing individuals to generate and securely manage their mnemonic seed phrases without requiring in-depth mathematical knowledge.
How to set up a passphrase in AirGap Vault?
A mnemonic phrase, in the context of BIP39 (Bitcoin Improvement Proposal 39), refers to a set of words generated from a random set of numbers called a seed. This mnemonic phrase serves as a human-readable representation of the seed and is designed to be easier to remember and manage.
In the case of BIP39, the seed is typically 128 to 256 bits long, and the corresponding mnemonic phrase consists of 12 or 24 words chosen from a predefined list of words. These words are carefully selected to ensure they can be uniquely identified and accurately reproduced.
By translating the seed into a mnemonic phrase, it becomes more accessible to users, allowing them to write it down, memorize it, or store it securely. This human-readable representation enables users to recover their private keys and access their cryptocurrency wallets if needed, without relying on complex binary strings.
The use of mnemonic phrases simplifies the backup and recovery process, as users can write down or remember a set of words instead of dealing with lengthy and difficult-to-remember binary codes. However, it's important to keep the mnemonic phrase secure and confidential, as it grants access to the associated funds and accounts.
Since your private key, which allows you to spend your bitcoin, is an exact, ordered string of 256 bits, you must always keep those 256 bits in the same order if you want to spend.
Can I change my BIP39 passphrase?
Yes, you can change your BIP39 passphrase at any time. Most crypto wallets provide an option to modify or update your passphrase within their settings. Remember to update your backups whenever you make changes to your passphrase.
What happens if I forget my BIP39 passphrase?
Forgetting your BIP39 passphrase can lead to irreversible loss of access to your funds. It is crucial to store your passphrase securely and consider using memory aids or mnemonic techniques to aid in remembering it. Failing to recall your passphrase may result in the permanent loss of your crypto assets.
Here's a step-by-step guide to creating and adding a BIP39 passphrase:
1. Understand BIP39: BIP39 is a standard that defines how mnemonic phrases (a sequence of words) are generated from an entropy value. It also allows for the addition of a passphrase to enhance security.
2. Generate a mnemonic phrase: Use a BIP39-compliant tool or library to generate a random mnemonic phrase. This phrase typically consists of 12, 18, or 24 words chosen from a predefined list. Ensure you obtain a secure and reliable source for generating the mnemonic phrase.
3. Choose a passphrase: Select a strong passphrase that you will remember but is difficult for others to guess. The passphrase acts as an additional layer of security on top of the mnemonic phrase. Make sure the passphrase is unrelated to the words in your mnemonic phrase.
4. Combine the mnemonic phrase and passphrase: Concatenate the mnemonic phrase and the passphrase together, separating them with a space or another chosen delimiter. For example, if your mnemonic phrase is "apple banana cat" and your passphrase is "MySecurePassphrase," the combined value would be "apple banana cat MySecurePassphrase".
5. Derive a seed: Use a cryptographic function, such as PBKDF2 or HMAC-SHA512, to derive a seed from the combined mnemonic phrase and passphrase. This seed should be a fixed-length binary value.
PBKDF2 - Password Based Key Derivation Function 2
PBKDF2 is basically a hash function that is designed to be slow (by hashing the data multiple times before producing the result). This has the benefit of making it more difficult for anyone to brute-force mnemonic sentences to try and get seeds that people have actually used.
In addition, PBKDF2 also allows you to provide a second input called a salt (“passphrase”, “seed extension”) along with the data you want to hash, which allows you to produce completely different seeds from the same mnemonic sentence.
Links.
6. Derive private keys: Utilize the seed to derive private keys following the BIP32 and BIP44 standards. These private keys can be used to generate addresses and perform cryptographic operations within a hierarchical deterministic wallet.
To add the passphrase to your wallet:
1. Ensure your wallet supports BIP39 and passphrase functionality. Many popular wallets, such as Electrum or Ledger Live, offer this feature.
2. During wallet setup or account creation, look for an option to add a passphrase. It might be called "BIP39 passphrase," "25th-word passphrase," or something similar. Enable or select this option.
3. Enter the passphrase you previously created into the designated field during the wallet setup or account creation process. Make sure to enter it accurately to avoid potential access issues later.
4. Follow any additional instructions provided by your wallet software to complete the setup process.
Remember to keep your mnemonic phrase and passphrase secure. Consider storing them in separate physical locations and employing additional security measures, such as encryption or hardware wallets, to safeguard your assets. Losing your mnemonic phrase or forgetting your passphrase can result in permanent loss of access to your funds or data.
Summary
LINKS
BIP 39 (Marek Palatinus, Pavol Rusnak, Aaron Voisine, Sean Bowe)
Ian Coleman BIP39 Tool (Fantastic)
Pete Corey Elixir BIP39 (Elixir is a good language for working with binary)
HOW TO FIND YOUR FINGERPRINT (XFP)
1. Download BIP39 offline tool at https://github.com/iancoleman/bip39/releases
2. Open it in a browser
3. Paste your seed into the "BIP39 Mnemonic" field, and your passphrase into "BIP39 Passphrase (optional)"
4. Scroll down to "Derivation Path" and switch to BIP32
5. Copy "BIP32 Extended Public Key"
Note that the XPUB you copied in step 5 was derived at "m/0", under "BIP32 Derivation Path". The XFP of your master key is contained in this XPUB.
To extract the XFP:
6. Convert the XPUB from Base58 to hex format, for example using this online tool: https://www.better-converter.com/Encoders-Decoders/Base58Check-to-Hexadecimal-Decoder
7. The XFP is 4-byte long, from byte 6 to byte 9
For example, if the converted hex string from the XPUB says this: >
0488b21e01c86ae02300000000...
Then your XFP is: c86ae023
(Each byte is 2 hex characters, so skip the first 10 characters).
RELATED RESOURCES:
If you're enjoying today's newsletter, why not share it with your friends? They might find it just as informative and entertaining as you do.
Sharing is caring, and by spreading the word about this newsletter, you're helping to support ME and ensure that more great content gets produced in the future. Plus, you'll get to have even more conversations with your friends about the interesting topics covered in each edition.
There are three ways to show me that you enjoyed reading this article:
Share this post with your friends
Subscribe to my newsletter
Collect this post (only 100 mints available)
I hope this was helpful!
Thank you for reading!
Let’s bust some more in next article.
If you want more, be sure to