
Topic: What is the relation between the Seed Words and the Private key? (Read 261 times)

legendary
Activity: 2268
Merit: 18775
Do most wallets have both seed word and private key?
All wallets use private keys. If your wallet generates a seed phrase, it still generates private keys too, even if you don't see them. In some cases, such as Ledger devices as you mentioned, it is impossible to view the private keys since the device will not let them leave the secure element for safety reasons, although you can still derive manually from your seed phrase if you so desired.

Actually, a private key and a seed phrase have a lot in common: they are both a representation of a random number (entropy) that is used to generate public keys and addresses.
Important to note they are representations of different random numbers and they are not interchangeable.

For example, you can convert your private key to a seed phrase using the same BIP39 standard.
You can convert a private key (or anything else) to a phrase using the BIP39 wordlist, but it will not be a seed phrase nor will it be following the BIP39 standard.
legendary
Activity: 2464
Merit: 4419
🔐BitcoinMessage.Tools🔑
My aim is only knowledge. Until now I thought the seed was actually a private key converted for easier memorization.

Actually, a private key and a seed phrase have a lot in common: they are both a representation of a random number (entropy) that is used to generate public keys and addresses. The only distinct difference is that a private key is used directly for generating the corresponding key, whereas seed is more like input data for a specific function that generates many and many private keys that in turn result in public keys and addresses. Moreover, I believe you can still convert a private key to a human-readable format. After all, a private key is nothing else but a set of ones and zeroes, which can be represented as something humans can better understand and write down. For example, you can convert your private key to a seed phrase using the same BIP39 standard.

Do most wallets have both seed word and private key? 

It depends. For example, if you take a software wallet and use it as an interface for your hardware wallet (so-called watch-only wallet), it won't have access to seed phrases or private keys.

full member
Activity: 1792
Merit: 186
Do most wallets have both seed word and private key? Example nano ledger you get the seed phrase when you first start it up. I don't recall there ever being a seed phrase. Now with waves wallet for example, there is a seed phrase and a private key. But I am not sure why anyone would want to write the private key as opposed to the seed phrase because the private key seemed to be at least 50 characters long?
jr. member
Activity: 46
Merit: 66
#WeAreAllHodlonaut
Anyway, what's your aim on getting the private key from your seed phrase?

My aim is only knowledge. Until now I thought the seed was actually a private key converted for easier memorization.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
Anyway, what's your aim on getting the private key from your seed phrase? Both let you access the wallet when you import to a wallet provider that supports it. You can try using https://iancoleman.io/bip39/ but first you must open the site and then turn off your internet connection just to be safe before typing the seed phrase and to get the private key of your bitcoin wallet or other crypto. Take note, I am not responsible if you may lose your crypto funds. I also tried it and I did get the private key of my wallet with the same address from my seed phrase and you can also check the private keys of other wallet addresses from the same seed phrase.
legendary
Activity: 2268
Merit: 18775
I have read somewhere that knowing one or more private keys of the same seed may lead to the discovery of all the private keys.
I'm not sure exactly what this information is, but it's something close to that.


The case was related to the sale of one of your private keys (hardforks days) and keep using the wallet seed to generate other addresses/pvtkeys
You are almost there.

Having any number of child private keys does not let you calculate any sibling private keys, as you cannot move up the derivation path and reverse the HMAC-SHA512 function.

However, if you have revealed the master public key from your wallet (which you might have done when importing a watch only wallet, generating additional addresses, signing up for some service which requires new addresses, and so on), then the combination of the master public key plus a single child private key does indeed allow you to reverse engineer the master private key and then from there generate all the child private keys in the wallet. Since master public keys are generally not treated as secret by many pieces of wallet software, and may not be encrypted or password protected as your private keys are, then you cannot rely on them being secure. For that reason, it is never safe to reveal a single private key from your wallet, as if your master public key has been leaked, then all the addresses in your wallet are now at risk.
legendary
Activity: 1596
Merit: 1288
The master private key is used to generate a master public key via elliptic curve multiplication.
I have read somewhere that knowing one or more private keys of the same seed may lead to the discovery of all the private keys.
I'm not sure exactly what this information is, but it's something close to that.


The case was related to the sale of one of your private keys (hardforks days) and keep using the wallet seed to generate other addresses/pvtkeys
legendary
Activity: 2268
Merit: 18775
This is exactly what I was looking for, but nowhere could I find the steps so simply summed up in a few lines as in your answer. Thanks.
No problem. You can find all this information in Chapter 5 "Wallets" of Mastering Bitcoin, although it obviously goes in to the details I have glossed over so can be a bit more technical. I'm happy to try to simply explain any bits you get stuck with. It is available here: https://github.com/bitcoinbook/bitcoinbook/blob/develop/ch05.asciidoc

In terms of BIPs (these will get much more technical and are over a lot of people's heads), then you'll want to read the following sections:

BIP39: From mnemonic to seed. This explains the first step I described above, of turning a seed phrase in to a 512 bit seed number.
BIP32: Master key generation. This explains the second step I described above, of turning a 512 bit seed number in to a master private key and master chain code.
BIP32: Child key derivation (CKD) functions. This explains turning master keys in to child keys.
BIP44: Path levels. This explains the derivation tree we work down to generate the final child keys which your wallet then turns in to addresses.
jr. member
Activity: 46
Merit: 66
#WeAreAllHodlonaut
A BIP39 seed phrase is first passed through PBKDF2 using 2048 rounds of HMAC-SHA512, alongside the word "mnemonic" concatenated with any additional passphrase as a salt. This produces a 512 bit number.

This seed number is hashed again using HMAC-SHA512. The resulting 512 bit number is split in to a master private key (left 256 bits) and a master chain code (right 256 bits).

The master private key is used to generate a master public key via elliptic curve multiplication.

The parent private key (for hardened paths) or parent public key (for unhardened paths) is then combined with the parent chain code and an index, again hashed using HMAC-SHA512, and further combined with the parent private key to generate a child private key.

This continues down the derivation path as described in BIP44 to generate all the private keys in your wallet.

This is exactly what I was looking for, but nowhere could I find the steps so simply summed up in a few lines as in your answer. Thanks.

Thank you bitmover, good sources to read.
I will probably have more questions in the future.
legendary
Activity: 2268
Merit: 18775
A BIP39 seed phrase is first passed through PBKDF2 using 2048 rounds of HMAC-SHA512, alongside the word "mnemonic" concatenated with any additional passphrase as a salt. This produces a 512 bit number.

This seed number is hashed again using HMAC-SHA512. The resulting 512 bit number is split in to a master private key (left 256 bits) and a master chain code (right 256 bits).

The master private key is used to generate a master public key via elliptic curve multiplication.

The parent private key (for hardened paths) or parent public key (for unhardened paths) is then combined with the parent chain code and an index, again hashed using HMAC-SHA512, and further combined with the parent private key to generate a child private key.

This continues down the derivation path as described in BIP44 to generate all the private keys in your wallet.
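The steps in the post above, worked through as an added example that is not part of the original post or of any wallet's code. It covers the hardened levels only (unhardened derivation additionally needs the parent public key, i.e. elliptic curve multiplication, which is left out here); the function names are hypothetical, and the HMAC key "Bitcoin seed" comes from BIP32 rather than from this thread.

```python
import hashlib
import hmac
import unicodedata

# Order of the secp256k1 group; private keys are integers modulo N.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000  # indexes at or above this value are hardened
# Published BIP39 test-vector mnemonic, used here as sample input only.
SAMPLE_MNEMONIC = " ".join(["abandon"] * 11 + ["about"])

def mnemonic_to_seed(mnemonic, passphrase=""):
    """Step 1 (BIP39): PBKDF2, 2048 rounds of HMAC-SHA512, salt "mnemonic"+passphrase."""
    norm = lambda s: unicodedata.normalize("NFKD", s).encode("utf-8")
    return hashlib.pbkdf2_hmac(
        "sha512", norm(mnemonic), norm("mnemonic" + passphrase), 2048, 64)

def master_key(seed):
    """Step 2 (BIP32): HMAC-SHA512 of the seed; left 256 bits key, right 256 bits chain code."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key = int.from_bytes(digest[:32], "big")
    if key == 0 or key >= N:
        raise ValueError("seed yields an invalid master key")
    return digest[:32], digest[32:]

def ckd_priv_hardened(parent_key, chain_code, index):
    """Step 4, hardened case: the parent *private* key feeds the HMAC."""
    if not HARDENED <= index < 2**32:
        raise ValueError("this sketch only derives hardened children")
    data = b"\x00" + parent_key + index.to_bytes(4, "big")
    digest = hmac.new(chain_code, data, hashlib.sha512).digest()
    tweak = int.from_bytes(digest[:32], "big")
    child = (tweak + int.from_bytes(parent_key, "big")) % N
    if tweak >= N or child == 0:
        raise ValueError("invalid child at this index; use the next index")
    return child.to_bytes(32, "big"), digest[32:]

def derive_hardened_path(seed, path):
    """Step 5: walk down hardened levels, e.g. [44, 0, 0] for m/44'/0'/0'."""
    key, chain_code = master_key(seed)
    for level in path:
        key, chain_code = ckd_priv_hardened(key, chain_code, level | HARDENED)
    return key, chain_code

if __name__ == "__main__":
    seed = mnemonic_to_seed(SAMPLE_MNEMONIC)
    account_key, _ = derive_hardened_path(seed, [44, 0, 0])
    print("seed bytes:", len(seed), "account key bytes:", len(account_key))
```

Because each hardened step needs the parent private key, nothing at or below such a level can be derived from public data alone.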
legendary
Activity: 2268
Merit: 2327
Marketing Campaign Manager |Telegram ID- @LT_Mouse
Seed key - A few words which have the record of all your private keys, meaning you can have one seed key (12, 18, 24 words) which will allow you to access all the private keys.
Private key - Will allow you to access one address, meaning one private key for one address. Actually, it's one address from one private key.

So, if you have one wallet with a seed key which has 10 addresses for example-
1. You can access all the addresses by the seed key.
2. You can't access all the addresses with one private key, you need all the 10 private keys to access 10 addresses if you don't have the seed key.
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
Hello friends,

I have the following question:

What is the relation between the seed words and the private key and how can one convert the seed into a private key?
Taking BIP39 as an example.

I read the following:
Quote
A simplified explanation of how seed phrases work is that the wallet software has a list of words taken from a dictionary, with each word assigned to a number. The seed phrase can be converted to a number which is used as the seed integer to a deterministic wallet that generates all the key pairs used in the wallet.

Quote
This compares well with writing down a raw private key where a single letter being unreadable or incorrect can make the private key useless (depending on the serialization format).

Quote from: https://en.bitcoin.it/wiki/Seed_phrase

Quote
A deterministic wallet is a system of deriving keys from a single starting point known as a seed. The seed allows a user to easily back up and restore a wallet without needing any other information and can in some cases allow the creation of public addresses without the knowledge of the private key. Seeds are typically serialized into human-readable words in a seed phrase. The BIP 0032 standard for hierarchical deterministic wallets is used by all good wallets as of 2019.
Quote from: https://en.bitcoin.it/wiki/Deterministic_wallet


I posted this some time ago, and it explains the relationship between seeds and private keys, i.e., a deterministic wallet.

A seed is basically a master key, which will derive all other private keys of that wallet. All those private keys are mathematically related to the seed. From the seed, you can derive all private keys. This is why you just need to save and back up the seed, not each private key individually.

The seed is the sequence of words that contains the mathematical relation needed to generate all your private keys.
Private keys are not linked, but there is a mathematical relation in the private keys generated from the same seed.

If the seed leaks, all the private keys are compromised.


From mastering bitcoin book https://www.oreilly.com/library/view/mastering-bitcoin/9781491902639/ch04.html#hd_wallets

At first I thought the conversion of the seed into a numeric value will result into a private key, but I seem to be mistaken.
What are the steps to convert a seed to a private key?

Code:
mnemonic seed > binary seed > deterministic wallet > deterministic address > private key ?

This is what a seed is. Each word is a number:

Code:
1 abandon
2 ability
3 able
4 about
...
2045 zebra
2046 zero
2047 zone
2048 zoo
https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt

I don't know exactly how that process work, but this is the main schema for generating private keys from a seed:

Quote
HD wallet creation from a seed
HD wallets are created from a single root seed, which is a 128-, 256-, or 512-bit random number. Everything else in the HD wallet is deterministically derived from this root seed, which makes it possible to re-create the entire HD wallet from that seed in any compatible HD wallet. This makes it easy to back up, restore, export, and import HD wallets containing thousands or even millions of keys by simply transferring only the root seed.

Figure 4-10. Creating master keys and chain code from a root seed

source: https://www.oreilly.com/library/view/mastering-bitcoin/9781491902639/ch04.html#hd_wallets
legendary
Activity: 2268
Merit: 1379
Fully Regulated Crypto Casino
What's the purpose of converting Seed words to Private key if they are both important?
In altcoins, some third party wallets need a private key in order for you to import your wallet (like MetaMask: if you are importing another wallet aside from the 1st one you did which uses a seed phrase). Now there are other platforms such as ImToken that you can use to get your private key even if you created the wallet and saved the seed phrase.

They are both important actually. But converting one to another is probably based on the application or app that will require it, just like the one I've mentioned above.
full member
Activity: 1303
Merit: 128
What's the purpose of converting Seed words to Private key if they are both important?

I'm really curious about this one since Seed words can't be changed or else you have to reformat everything or have another wallet if you want to change it. Some wallets provide both, Seed word and Private key; changing it might complicate things and doesn't guarantee any additional security.
jr. member
Activity: 46
Merit: 66
#WeAreAllHodlonaut
Hello friends,

I have the following question:

What is the relation between the seed words and the private key and how can one convert the seed into a private key?
Taking BIP39 as an example.

I read the following:
Quote
A simplified explanation of how seed phrases work is that the wallet software has a list of words taken from a dictionary, with each word assigned to a number. The seed phrase can be converted to a number which is used as the seed integer to a deterministic wallet that generates all the key pairs used in the wallet.

Quote
This compares well with writing down a raw private key where a single letter being unreadable or incorrect can make the private key useless (depending on the serialization format).

Quote from: https://en.bitcoin.it/wiki/Seed_phrase

Quote
A deterministic wallet is a system of deriving keys from a single starting point known as a seed. The seed allows a user to easily back up and restore a wallet without needing any other information and can in some cases allow the creation of public addresses without the knowledge of the private key. Seeds are typically serialized into human-readable words in a seed phrase. The BIP 0032 standard for hierarchical deterministic wallets is used by all good wallets as of 2019.
Quote from: https://en.bitcoin.it/wiki/Deterministic_wallet

Quote
This BIP describes the implementation of a mnemonic code or mnemonic sentence -- a group of easy to remember words -- for the generation of deterministic wallets.
It consists of two parts: generating the mnemonic and converting it into a binary seed. This seed can be later used to generate deterministic wallets using BIP-0032 or similar methods.
Source: https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki

At first I thought the conversion of the seed into a numeric value will result into a private key, but I seem to be mistaken.
What are the steps to convert a seed to a private key?

Code:
mnemonic seed > binary seed > deterministic wallet > deterministic address > private key ?