Topic: Question regarding SEED! (Read 210 times)

Even though i understand term "mnemonic" is bad name, but there's no standard term and there are even few wallet don't even use word "seed"/"mnemonic", example

Exodus calls it Secret Recovery phrase (also mention other term) - https://support.exodus.io/article/925-everything-you-need-to-know-about-the-secret-recovery-phrase#
Samourai calls it passphrase (even though they use different term on few page) - https://docs.samourai.io/en/wallet
Mycelium calls it master seed - https://wallet.mycelium.com/service.html
Keepkey calls it 12-word recovery sentence - https://shapeshift.com/keepkey
Coldwallet calls it seed words (also mention other term and passphrase meant 25th word) - https://coldcardwallet.com/
Blockchain.com calls it backup phrase - https://www.blockchain.com/learning-portal/security

On a side note there are few other service/wallet which use word "mnemonic"

Wasabi wallet calls it mnemonic words - https://docs.wasabiwallet.io/FAQ/FAQ-UseWasabi.html#how-do-i-back-up-my-mnemonic-words
Bluewallet calls it mnemonic - http://help.bluewallet.io/en/articles/2847190-how-to-backup-export-and-import-your-wallet
Blockstream calls it mnemonic (also mention other term) - https://help.blockstream.com/hc/en-us/articles/900001392563-What-is-a-mnemonic-backup-
iancoleman calls it mnemonic (passphrase and seed meant different thing) - https://iancoleman.io/bip39/

We might as well as mention all possible term if we don't know which wallet when a user ask question.

Because no one else calls them keyrings. It would cause confusion because it would be a fringe use of that phrase. Just like if I started using a different name to refer to addresses to emphasize their one time nature, such as invoice, no one would know what I'm talking about.

Conversely, plenty of people and places, including the biggest exchanges in the world and the most popular wallets in the world, use the term seed phrase, and everyone immediately knows what you are talking about when you use it.

If it helps prevent newbies from trying to commit their seed phrase to memory and losing all their coins, then that's a good idea in my book.

Regardless, as long as we are talking about BIP39:


If we want to "correctly" name everything, we should start with lots of basic things.
"Wallets" shouldn't be called "wallets" too. They are actually keyrings similar to PGP. But they are called wallets, and we all call them by their name.

I never saw you calling them keyrings. Probably because it would cause a lot of confusion (even tho it could solve lots of confusion about where the BTC are "stored") ?

Why would BIP39 be something completely different then?

I disagree.

Coinbase call it a seed phrase - https://help.coinbase.com/en/more/coinbase-commerce/privacy-and-security/seed-phrases
Binance call it a seed phrase - https://academy.binance.com/en/glossary/seed-phrase
Electrum calls it a seed phrase - https://electrum.readthedocs.io/en/latest/seedphrase.html
Ledger call it a recovery phrase or a seed phrase - https://www.ledger.com/academy/crypto/what-is-a-recovery-phrase
The Bitcoin Wiki calls it a seed phrase (and also notes that mnemonic is a bad name) - https://en.bitcoin.it/wiki/Seed_phrase
Even Trezor, the people who wrote BIP39 in the first place, have started calling it a seed phrase - https://blog.trezor.io/how-to-memorize-a-seed-phrase-building-narratives-from-nonsense-a306e48dfb39

Seed phrase describes it more accurately as a phrase which is used to generate your seed (number). Mnemonic code is a bad name as it is neither a code nor is it supposed to be memorized. Unfortunately since the word mnemonic is used in PBKDF2, we will never escape this bad name.

Don't get me started in why bitcoin address is a bad name too.

After all, if it follows BIP39, it is a mnemonic code. It is not the seed and definitely not a seed phrase.
People mix these things up all the time, but there is a difference between these terms. If we'd finally use the terms as they are meant to be, there might be less confusion.

I always saw mnemonic as an abbreviation for mnemonic code. But seed or seed phrase never has been correct in my eyes.

I actually hate the term "mnemonic", and prefer to use term "seed phrase" whenever possible. Mnemonics are memory aids for things you should memorize, and the last thing you should do with your seed phrase is rely on your memory as a back up. Using the term "mnemonic" is very misleading to newbies.

Your numbers are the wrong way round. It's 2048^12 combinations.

Thanks alot guys for taking time to answer my questions!! I really enjoyed reading your explanation! Thanks again and have a great week-end

I believe most of your questions come down to these two:


No. That's not possible.
There isn't even the fraction of the smallest chance you could imagine if you'd use all computers world wide for your lifetime.



No, definitely not.
Most of these people believe they had their mnemonic code stored securely. But at the same time they made a photo of it, or used a compromised device to generate it or even entered it into a website.
Then there are others who generated the seed wrong in the first place. They used malware, manipulated RNG's, etc..

Practically, it's not even close to be possible to crack/bruteforce a mnemonic/seed/private key.

Seed phrase is generated from random number generator while the seed is generated from the seed phrase through key stretching function PBKDF2 using HMAC-SHA512. The seed generates the master private key which is later generates to generate private keys. The seed phrase, the seed and the master private key can be used to recover back Bitcoin or other fund balance if properly imported on another wallet with the same derivation path. So, the seed is used to create HD wallet. To know about this, you can read the wallet aspect of mastering bitcoin, check the link below for the link.

https://github.com/bitcoinbook/bitcoinbook/blob/develop/ch05.asciidoc

Seed is generated from the seed phrase in a HD wallet, not through swapping or any other thing. Read the link above to understand more.

I will first have to tell you that if using iamcoleman, you need to used if offline, not online. If you input your wallet seed into iamcoleman, the addresses generated are the address generated from you wallet, they will correspond. Yes, your it means your seed is correct if anyone of the address is correct already, but if the seed is not wrong, it will definitely generate your wallet addresses.

That is how HD wallet is, millions of addresses are even generated which can be controlled by the private key of the seed that leads to the address by using it to unlock bitcoin from blockchain.


Yes, but with what I know, the seed generate the private key that will unlock bitcoin from blockchain. Seed phrase, seed, master private key and private keys are good security, so far it is not revealed to attackers, they are safe and can not be compromised. No technology can yet brute-force them which makes them maintain being safe. If you generate your seed in a safe and secure environment but offline and online, then it is completely (100%) safe.

Yes

No, but there are possible ways many address can be connected together by experts using UTXO of the addresses. If you want to know the total balance, the master public key can be used, and that is why it is not good to give people because it can be used to know the whole transaction history.


BIP32: It determines the hierarchical dertermistic wallet, all HD wallets are BIP32 wallets.
https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki

BIP44: Multi-account hierarchy for deterministic wallets. This BIP defines a logical hierarchy for deterministic wallets based on an algorithm described in BIP-0032 (BIP32 from now on) and purpose scheme described in BIP-0043 (BIP43 from now on). This BIP is a particular application of BIP43.
https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki

BIP49: This BIP defines the derivation scheme for HD wallets using the P2WPKH-nested-in-P2SH (BIP 141) serialization format for segregated witness transactions.
https://github.com/bitcoin/bips/blob/master/bip-0049.mediawiki

BIP84: This BIP defines the derivation scheme for HD wallets using the P2WPKH (BIP 173) serialization format for segregated witness transactions.
https://github.com/bitcoin/bips/blob/master/bip-0084.mediawiki

BIP141: This BIP defines a new structure called a "witness" that is committed to blocks separately from the transaction merkle tree. This structure contains data required to check transaction validity but not required to determine transaction effects. In particular, scripts and signatures are moved into this new structure. The witness is committed in a tree that is nested into the block's existing merkle root via the coinbase transaction for the purpose of making this BIP soft fork compatible. A future hard fork can place this tree in its own branch.
https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki

BIP summary
https://github.com/bitcoin/bips

If the old wallet is HD, then it will have a seed, but non HD wallet has no seed.

You can get good answer using master bitcoin, wallet.
https://github.com/bitcoinbook/bitcoinbook/blob/develop/ch05.asciidoc

Seed phrase can 12, 15, 18, 21 or 24 depending on the bit of entropy generated.

CS = ENT / 32
MS = (ENT + CS) / 11

|  ENT  | CS | ENT+CS |  MS  |
+---------+----+---------------+--------+
|   128   |  4 |      132     |  12  |
|   160   |  5 |      165     |  15  |
|   192   |  6 |      198     |  18  |
|   224   |  7 |      231     |  21  |
|   256   |  8 |      264     |  24  |

ENT= Entropy
CS= Checksum
MS= Mnemonic sentence in words

https://bitcointalksearch.org/topic/m.54789038

It depends if the wallet is HD or not, all HD wallet generate seed while non HD wallet does not, they have corresponding private key paired with address.

People that lost their bitcoin was either due to their wallet being compromised through malware or through stealing it offline. Seed can not be bruth-forecd. If saved in safe environment, the wallet is safe.

1. You'll want to refer to BIP32 and BIP39 for commonly used HD standards and mnemoric seed phrase system. With BIP39, you'll have a seed phrase and the seed is used with PBKDF2 and HMAC-SHA512 to generate a seed. The 512bit seed will then be used with a derivation path and it can be used to generate the addresses with a child key derivation function.
2. Depends. If the checksum is enforced, then there's a high chance the seed will be rejected. If it's not enforced, then you will still get a working seed.
3. No. You have to compare the keys being generated with the ones that you're shown. That's the only certain way that you'll be sure.
4. The chances of you having a wrong key and still passing the checksum check is roughly 6.25% (checksum of 4 bits for a 12 word mnemoric), which is fairly high.
5. It is safe. If you're talking about 12 word BIP39 seed, you have 128bits of security which is more than sufficient.
6. Yes.
7. Your wallet can. I wouldn't put it in any online website though. I'm not sure about any online website that does this without it being a web wallet.
8. BIP 32 is the standards for hierarchical derivation wallet, BIP39 is the mnemoric system, BIP44 is the standardized derivation path for legacy wallet, BIP49 is the P2PWKH-P2SH wallet (those segwit addresses starting with 3), BIP84 determines the bech32 derivation path, BIP141 is Segwit.
9. See 5. For BIP39 mnemoric, there are 12^2048 2048^12 possible seeds for a 12 word seed.
10. Higher but potentially negligible security. There is an ongoing discussion in the Development & Technical Discussion section.
11. Nobody knows. Most dormant addresses are not derived from HD seeds because they didn't exist that early.
12. Derivation path. A seed can be used with many derivation paths and each derivation paths will yield different results. You'll get the same problem if you input it into a wallet that has a different derivation path. Most wallet lists their derivation path in their Support section.
13. Unlikely. The probability is astronomically low. There's a higher chance that it was compromised through other means.


Made a mistake with the numbers. Thanks @o_e_l_e_o.

ty man   sorry i don't have knowledge regarding these things that why am asking, any possiblity to answer my questions ? and explain to me where i misunderstood? thanks btw for link, i will read that!!

Try it! Really, try it Convince yourself how a Bitcoin mnemonic is. Here's a list of all funded Bitcoin addresses. Good luck!

Hi guys i hope you are doing well, i have few question regarding seed "btc"

1- How actually Seed works ?

2- Is their possiblity to swap 12 words and get working seed in the first few attempts?

3- If you past ur random 12 seeds in https://iancoleman.io/bip39/ and you get thousands of Derived Addresses, is this mean your Seed are working and they are in correct order ?

4- Why https://iancoleman.io/bip39/ show thousands of derived adress when you enter a correct Seed (if question "3" is YES" ?

5- So i pretend that question 3 & 4 is right, is it possible that 12 SEED can unlock thousands of adresse ? if "YES" is this mean that SEED are not good security for our coins ? I mean if someone can just play with random seed for fun until he got working SEED which can take coin from others ?

6- https://iancoleman.io/bip39/ show long list of adresse with their PRIVAT KEY, are this Privat key actually working ?

7- Is their a websites that can scan all derived adresse to check their balance at same time ?

8- What Derivation Path (BIP32 BIP44 BIP49 BIP84 BIP141) mean ?

9- Is their a chance to get randomly seed for OLD dormant BTC Wallet "rich wallet" ?

10- What difference between 12 words and 24 ?

11- Old Dormant wallet are they using 12 words or 24 ?

12- Last question, why when you enter your random 12 seed and u press BIP32 in "Derivation Path" it show different adress than "BIP44" even if you still using same 12 words ?

13- I read before that many person lost their Wallet, mean they got hacked even if they confirme that their SEED are in safe place "paper for ex" not even in their computer, do you think "get random seed by chance" is a possibility that why their wallet got hacked ?

Sorry guys for my bad english and long questions.