
Topic: How important is keeping a copy of your Bitcoin Core wallet seed? (Read 392 times)

legendary
Activity: 3556
Merit: 9709
As usual achow101, an absolute fountain of knowledge & utmost trust.

Locking this now.
staff
Activity: 3458
Merit: 6793
Just writing some code
This thread is full of people who don't know what they're talking about.

First of all, let's clarify some terminology as people are misusing mnemonic and seed. A mnemonic is something that is completely different from a seed. A mnemonic is any way to encode a sequence of bits (aka a number) as a sequence of words. A seed is very specifically defined by BIP 32 as being a "byte sequence S of a chosen length (between 128 and 512 bits; 256 bits is advised) from a (P)RNG." A mnemonic can be used to encode a seed or be used to produce a seed. BIP 32 also specifies how to go from the seed to the master private key via hashing. Because it is hashed, you cannot go from an xprv to the seed.

Both Electrum's mnemonics (which they confusingly call seeds but are not actually BIP 32 seeds) and BIP 39 are specifications for mnemonics and how to go from some initial entropy to a mnemonic, and from the mnemonic to a seed. Specifically, both specify that the BIP 32 seed is produced by hashing the mnemonic using SHA512. Because the seed is produced by hashing, you cannot go from a known 512 bit seed to a BIP 39 mnemonic or an Electrum mnemonic because hashing is a one way function.

Bitcoin Core does not use mnemonics. It does have a BIP 32 seed, but this seed is 256 bits in length and is not produced as the result of hashing or of a mnemonic. This seed is used to generate the master private key which is then used to derive the child private keys that are actually used. This seed is never shown to the user, and for the most part, users really don't know that this seed even exists.

The only way to get Bitcoin Core's seed or the corresponding master private key is to use the dumpwallet command and find them in the wallet dump. Once you have the seed, you can import it into another Bitcoin Core wallet using the sethdseed command, thereby restoring your wallet from the seed.

But you would not be able to use this seed in any other wallet software. You cannot go from a seed to either a BIP 39 or Electrum mnemonic, so you can't get some mnemonic that could be imported to some other wallet software. And for importing the seed by itself, I don't think any other wallet software will let you do that.

As for the master private key, it is absolutely and utterly useless for backup and restore scenarios. You absolutely should not back that up as you will find that it will be difficult for you to recover your Bitcoin. Bitcoin Core does not allow you to import master private keys so you would not be able to import it into another Bitcoin Core wallet to restore your wallet. You could import it into another wallet software, but Bitcoin Core does not use the standard derivation paths used by other software nor does it use different derivation paths for different address types as most other wallet software does. So what you will find is that whatever wallet you use probably won't be able to derive the keys that you are actually using due to the nonstandard derivation path. If you are able to derive the keys, you probably won't see all of your addresses unless your wallet will generate all of the address types for a given key, which I don't think any other wallet software does. So in general, the master private key really isn't going to be useful and is just going to be painful to try to restore from.

Now you could still save the seed and do sethdseed as I mentioned above. But the seed would only be useable in Bitcoin Core, and it would be formatted like any other WIF private key. You'll need to store and write down that seed somewhere and know that it is a seed for Bitcoin Core and not just some random private key. You probably won't be able to memorize it like a mnemonic so you need to save it somewhere. You could encode it as a mnemonic using some other software, but you will need to know how it was encoded as a mnemonic, be sure that you don't mistake that mnemonic for a BIP 39 or Electrum mnemonic, and be sure that the mnemonic is invertible. Furthermore, by using some other software, you are exposing your seed to another potential attack vector. So in general, storing your seed is going to still be more complicated than just a mnemonic and you still have special considerations for it. It will probably be easier to just store your seed as a digital file.

But at that point, you might as well just store the wallet.dat file. This is by far the easiest backup method. You won't lose your seed, and if your seed has changed (which it will when you encrypt your wallet), you will still have that. You'll also have your transactions, transaction metadata, and address labels backed up which just storing your seed cannot do. And a wallet.dat is unambiguously for Bitcoin Core so you know exactly where to restore your wallet.dat file and be able to get restored way faster than any other method which would require rescanning. So I would instead recommend that you back up your wallet.dat in multiple places instead of your seed or master private key.

tl;dr backing up your seed or master private key and then trying to restore from them is way more difficult and introduces more room for error than just backing up the wallet.dat file. Just back up your wallet.dat file and you'll be far better off.
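The two hashing steps described in the post above, as an added example that is not part of the original post or of Bitcoin Core's code. It follows the published BIP 39 and BIP 32 definitions (BIP 39's hashing step is PBKDF2-HMAC-SHA512 with 2048 rounds); the function names are this example's own, and the inputs in the demo are the public test vectors from those BIPs.

```python
import hashlib
import hmac
import unicodedata

# Order of the secp256k1 group; BIP 32 rejects master keys outside 1..n-1.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def bip39_mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP 39: mnemonic sentence -> 512-bit seed. One-way (PBKDF2)."""
    def norm(s: str) -> bytes:
        return unicodedata.normalize("NFKD", s).encode("utf-8")
    return hashlib.pbkdf2_hmac(
        "sha512", norm(mnemonic), norm("mnemonic" + passphrase), 2048
    )


def bip32_master_from_seed(seed: bytes):
    """BIP 32: seed -> (master private key, chain code). One-way (HMAC)."""
    if not 16 <= len(seed) <= 64:
        raise ValueError("BIP 32 seed must be 128 to 512 bits")
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key, chain_code = digest[:32], digest[32:]
    if not 0 < int.from_bytes(key, "big") < SECP256K1_N:
        raise ValueError("invalid master key; a new seed is required")
    return key, chain_code


def could_be_bip39_output(seed: bytes) -> bool:
    """A BIP 39 seed is always 64 bytes; a 32-byte seed cannot be one."""
    return len(seed) == 64


if __name__ == "__main__":
    # BIP 39 test-vector mnemonic (public, never use for funds).
    words = "abandon " * 11 + "about"
    seed = bip39_mnemonic_to_seed(words, "TREZOR")
    key, chain = bip32_master_from_seed(seed)
    print("BIP 39 seed  :", seed.hex())
    print("master key   :", key.hex())
    print("chain code   :", chain.hex())

    # A 256-bit seed of the kind the post describes (constructed sample bytes).
    core_style_seed = bytes(range(32))
    print("32-byte seed could come from BIP 39:",
          could_be_bip39_output(core_style_seed))
```

Each arrow in mnemonic -> seed -> master key is a keyed hash, so neither step can be run backwards, which is why an xprv or a bare seed cannot be turned back into an importable mnemonic.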
HCP
legendary
Activity: 2086
Merit: 4361
You guys are missing the point... you can't see the Bitcoin Core "seed". At most, all you can see is the "xprv", but as this is derived from hashing the seed... you can't go xprv -> seed.

@hcp it doesn't have to be a number divisible by 32 imo as abdussamad was doing it with an 11 bit seed a while ago (afaik) ...
If it was abdussamad, then it was likely Electrum... which isn't BIP39 by default anyway ;)

If it doesn't adhere to the BIP39 spec, then it isn't truly BIP39 compatible... And I think you may be confusing Entropy and Seed... you start with 128-256 bits of entropy... then convert that to a mnemonic sentence and then from the mnemonic sentence you convert to the binary seed.

I know Ian Coleman's converter will generate 3, 6 and 9 word seed mnemonics... but it does warn you that they are low entropy. Again, because it is outside the 128-256 bit spec.

Have a re-read of: https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki
copper member
Activity: 2856
Merit: 3071
I'm curious to know if anybody knows if you can convert the xprv into a mnemonic phrase. I think I've seen somebody do it here, but I can't find it anymore.
Given that BIP mnemonics are just a way to encode a number, then as long as you can convert the xprv into a number that satisfies the requirements of BIP39, then you could convert it to a mnemonic phrase following the BIP39 algorithm...

Can anyone confirm this? Bitcoin Core doesn't support BIP 39 (https://bitcoin.stackexchange.com/a/88244), so I doubt xprv/seed generated by Bitcoin Core could be generated to mnemonic.

It's just a number used for encryption and the mnemonic is essentially a number base (like how English use base 10 mostly, bakers use base 13, the ancient Greeks used base 12 and computers use base 2)... You're converting a number from base 58 to however big your wordlist is.

@hcp it doesn't have to be a number divisible by 32 imo as abdussamad was doing it with an 11 bit seed a while ago (afaik) ...
legendary
Activity: 2730
Merit: 7065
Having a copy of your wallet.dat should be the way to go but it doesn't hurt to write down your xpriv and keep a physical copy of it someplace safe.
What if for some reason your wallet.dat malfunctions, or the storage where you keep it? Note down your xpriv as well to sleep safer ;)
HCP
legendary
Activity: 2086
Merit: 4361
As far as I'm aware... you can't actually see the "wallet seed" in Bitcoin Core. Or at least, not easily. It isn't ever displayed... even when doing a "dumpwallet". All that does is give a Master Private Key (xprv). So you'd need to go digging about in the wallet.dat and/or modify the code to be able to access it.

The Bitcoin Core philosophy has always been that you simply need to create backups of your wallet.dat.

I'm curious to know if anybody knows if you can convert the xprv into a mnemonic phrase. I think I've seen somebody do it here, but I can't find it anymore.
Given that BIP mnemonics are just a way to encode a number, then as long as you can convert the xprv into a number that satisfies the requirements of BIP39, then you could convert it to a mnemonic phrase following the BIP39 algorithm...
The mnemonic must encode entropy in a multiple of 32 bits. With more entropy security is improved but the sentence length increases. We refer to the initial entropy length as ENT. The allowed size of ENT is 128-256 bits.

So, as long as it converts to a 128, 160, 192, 224 or 256bit number, then it should be fairly easy to then convert into a mnemonic.


However, you should note that any "number" you convert the xprv to will likely NOT be the same as the original seed... as seed -> xprv involves hashing. So you wouldn't be able to use your mnemonic in a BIP39 compatible wallet and restore a copy of your Bitcoin Core wallet.

copper member
Activity: 2856
Merit: 3071
I'm curious to know if anybody knows if you can convert the xprv into a mnemonic phrase. I think I've seen somebody do it here, but I can't find it anymore.

Not sure if this is relevant but people were doing this sort of thing with private keys.

Think of a mnemonic seed phrase as a remainder function starting from right to left. Every time you take the mod of the number using the number of available words to reproduce a key. I haven't seen a seed from bitcoin core but it is just a number...
legendary
Activity: 3500
Merit: 6981
Good information here.

I always wrote down the seed phrases for my Electrum wallets and kept them in safe places, but I've since moved away from using Electrum (except for bitcoin occasionally). For the other coins I own, I always just keep a backup of the wallet.dat file and it works just fine. I have to say, though, I do like those sets of words as opposed to the backup wallet file, but that's just me. You can scramble them, do all sorts of things with them to make them confusing to anyone who might come across them.
legendary
Activity: 3038
Merit: 4418
None. The wallet.dat is sufficient enough for you to restore the entire wallet since the seed is inside it. Besides, the seed can change when you change your password; you would have to update your seed every time you do that.

The only possible advantage that I could think of is if you keep a physical copy of the seed. As with any other backing up, keeping a physical backup would be the best way to protect against potential hardware failures. Physical backup is pretty redundant if you keep more than 2 backups on different storage media.
legendary
Activity: 1946
Merit: 1427
The hdseedid is the same as the hdmasterkeyid (the latter is retained for legacy reasons, it was renamed to hdseedid for better clarity). It is the HASH160 of the HD seed.

<...>
In the dumped wallet, you should find an xprv key, which is your master extended key. Note that Bitcoin Core does not support BIP39, and the xprv cannot be converted to seed words.

Anyway, my point is, the seed is basically the xpriv, which is saved in every wallet.dat

So dumping your wallet file just to get only the xpriv out, only to then encrypt it again and store it.. seems redundant.


I'm curious to know if anybody knows if you can convert the xprv into a mnemonic phrase. I think I've seen somebody do it here, but I can't find it anymore.
legendary
Activity: 3556
Merit: 9709
If I’m honest I’ve never bothered, I password encrypt my wallet & keep multiple copies of my wallet.dat in very secure, different locations. What advantage would there be to bothering to keep a copy of the wallet seed?