Topic: What's the best way to create a super/meta/mother/master mnemonic seed? - page 2. (Read 432 times)

This brings me to the next problem: the seed phrase is a human readable interpretation of a long random number. It's easy to write down, without a high risk of making mistakes.
Your password doesn't have that luxory. If you make a mistake, you're screwed.

I have several seed phrase but I decided to use this for my online wallet when the seed phrase is getting too much for me. I have offline wallet that I used passphrase with also and I have muitisig which I have for different purposes but their seed phrase are not many unlike my online wallets. The purpose for the 3 wallets with the same seed phrase are for online reasons and I use it for small amount of money.

The passphrase is something like this @_++3$+sbsgsvsvsghsgshs$$((_-466-4;$$;3-_+32-$-dbdhsvshshjjdjdhshdhe+_+4+33-$-$;3-3&$-$;3;3;;3-nsbshdbrjsusbendkdudbebdbdhhddb$$7_63;$!38!;_+4!3++ which will be very difficult to brute force.

Anyone that will brute force the seed phrase would have spent more money that is far more than the coins on it.

Offline wallet seed phrases should be different from online wallet seed phrases.

Why? Writing down multiple seeds is a small effort to keep your funds safe.

That means you'll enter your seed on multiple devices, which (by definition) increases the risk of exposing your seed.

As Stalker22 suggested, the closest solution to what you are looking for is BIP85.

To summarize, BIP85 makes it possible to derive from the original seed infinite seeds, WIF or XPRIV through indexing from 0 to what is allowed by this BIP similar to what an HD wallet does to derive the private key addresses via index i.e: m/0/0/0 address1, m/0/0/1 address2 and so on. But in BIP85 it's directly from a number that goes from 0 to unknown, for example 999999.

When choosing an index number, it'll always generate the same seed, WIF or XPRIV, if the seed is protected by the BIP39 passphrase it'll generate completely different seeds and the rest.

In BIP85, the seeds generated are unique and the child seed cannot reach the mother seed, so there is no problem if an attacker discovers your child seeds if your funds are in the mother seed (this is just an example), because with the child seeds they'll not be able to calculate up to the mother seed.

You can use this for plausible deniability, for example, generating a BIP39 seed, protecting it with Passphrase BIP39 and generating a new seed using this seed in BIP85, with this you can safely store your original seed, because even if an attacker physically accesses your original seed, he still needs to know the BIP39 Passphrase and in addition, he still needs to know which index you used to access the seed that contains your funds, and you can still protect this child seed with BIP39 Passphrase making it even more difficult for any attacker.

Realize that your security increases, but with great power comes great responsibilities, the risk also increases a lot:

• There is a high chance that you will make a mistake in the middle of the setup.
• Will you remember how to recover the funds if many years pass?

I think that an extended seed (seed + passphrase) would already meet your demand, because a wallet protected with BIP39 passphrase, even if the attacker physically accesses your seed, unless he doesn't know your BIP39 Passphrase, it will be useless for him to try anything.

Furthermore, as some mentioned, passphrases make it possible to create infinite wallets using a single seed.
Be careful, do your research before making any decision, because in bitcoin, one slip-up can cost you all your funds.

This is a very good initiative, to even make it better I will have to go through the process of even sending a little amount into the single wallet without passphrase so that should it be compromised the scammer can be lure to thinking that’s the only thing behind that seed phrase and that gives one the opportunity to create a new seed phrase and move funds out of those in the encrypted with passphrase.


This seems to be a good idea for those looking to have many different wallets with different seed phrases but the only problem I have is that the master seed phrase is still a single point of failure to all the other parent seed phrases, just like we currently have with master private key in HD wallets

Your question sounds a lot like the proposal described in BIP-85:
https://github.com/bitcoin/bips/blob/master/bip-0085.mediawiki

According to this article post, AirGap Wallet uses this method to manage multiple mnemonics: Secure Mnemonic Management with BIP85

When I was having to many seed phrases, I was thinking about this. But the solution I went for at the time was that I created several passphrase from a single seed phrase. Presently I have just one of it which is a seed phrase with 3 strong passphrase which I backup separately in different places that people can not notice.

That is going to be hard because you can't convert the master private key to a seed. What wallet software are you using by any chance?

Have you tried using a single seed phrase, but with different seed passphrases for each one (so called 13th word)?

Thank you very much for your solution, and sorry if I was not clear enough in my topic but I want to derive BIP39 mnemonic seeds. I don't want to cope with keys because (almost) all wallets accept BIP39 seeds currently. But not all of them accept master keys unfortunately. In addition it's more easy to deal with mnemonic seeds than with BIP32 hexadecimal or base58 keys actually.  

Your answer is to use the Hierarchical Deterministic (HD) derivation technique used inside most wallets.

When you make a seed phrase, it encodes a Master private key. From this, you can derive more Master private keys given a non-negative number, and a Boolean (hardened or not hardened).

That means you can derive the seed phrase at m/0', m/1', and so on, depending on how many seeds you need, to create your child seed. The ' quote stands for hardened derivation. It prevents the parent key from being reverse-engineered.

IanColeman website should be able to help with that.

Hello
For obvious privacy concerns, I would like to be able to use several wallets based on different seeds. But it's very difficult to safeguard and safely manage multiple seeds.
So I would like to be able to deterministically produce several bip39 standard mnemonic seeds from an initial one I can protect. But I don't want to be able to find back the initial seed in any way from one or several daughter seeds. And I don't want to be able to find any sister seed from one or several other ones.
What is the most convenient way to do that please?