
Seed phrase as a modern cryptocurrency security standard

05.04.2021 Michael Golikov

Guard your seed phrase like the apple of your eye: that's the advice you can give to anyone starting their journey in cryptocurrencies. A seed phrase is usually a set of random English words that you can use to regain access to your wallet. It is a kind of password that is very hard to guess.

Seed phrases have made the life of cryptocurrency users much more convenient. For example, in bitcoin and similar blockchains, it is common to generate many new addresses within one wallet. To improve privacy, users try to use a new address for each new incoming payment. As a result, the wallet accumulates an array of (address, private key) pairs. If the wallet is lost, all the keys are lost as well.

In the past, to ensure the safety of funds and to restore the wallet, you had to keep and regularly update a backup copy of the key file. Doing it in hard copy was quite problematic because of the large number of keys. And for electronic storage, it was necessary to look for a reliable secure device that would not fail.

To make life easier for cryptocurrency users, HD wallets were created. They have one master key, from which all possible (address, private key) pairs are generated, and seed phrases became the main way of storing this key. When we restore a wallet from a seed phrase, we recover the master key. The algorithm then generates the (address, private key) pairs and checks the balance of these addresses.

Today, almost all popular wallets support this function, and many even use the same format. This allows you to restore access to your assets even in another wallet. It is really convenient: a seed phrase is not so difficult to remember, and it is easy to store and to keep inaccessible to intruders.

Here's a simple example. Let's assume that your seed phrase for restoring access to your wallet is as follows:

crawl crew opinion lady snake cabin note lizard magnet stadium expose enough

What can you do to keep it safe?

  • Memorize it. Thanks to a set of simple English words, it won't be that hard to do.
  • Write it down on a piece of paper and hide it.
  • Divide it into 2-3 parts and hide the pieces of paper in different places.
  • Write down one part of the phrase and memorize the other.
  • Use a device for backup, such as CryptoSteel.

As we can see, it is quite easy to save a seed phrase, but there is also a risk of total loss of funds if attackers find it.

Therefore, the key recommendation for all users is as follows:

Use the phrase only to restore access to the wallet, and, the rest of the time, keep it only on an external storage medium!

In order to understand how to restore access with a seed phrase, we need to go over the basics of cryptocurrencies and blockchain technology once again. To begin with, the seed phrase is created before we start working with the wallet. And if you used a wallet that doesn't support this technology before, you can't “connect” a seed phrase to it to improve security. You will have to create a new wallet on the basis of the seed phrase and transfer funds from the old wallet to it.

There are a total of 3 main standards on the basis of which wallets work with the seed phrase:

  • BIP32. Generation of a private key tree from a master key;
  • BIP39. Encoding 128-256 bits of random data into 12-24 words and converting the resulting phrase into a 64-byte hash;
  • BIP44. Private key tree structuring for easy usage, finding and recovery of multiple accounts.

How is a seed phrase generated?

  1. A seed phrase starts from entropy, that is, a large, random and unique number. Its length must be a multiple of 32 bits, so that it can later be divided into even segments and converted into a mnemonic phrase.
  2. The entropy is then encoded into mnemonics, or words. The entropy is hashed with SHA-256, and 1 bit of that hash is taken for every 32 bits of entropy and appended to the end as a checksum. The result has a length that is a multiple of 33 bits; it is divided into groups of 11 bits, each group is read as a number, and that number selects a word from a special dictionary of 2048 words. These are not just random words: they are chosen so that the first 4 letters of each word are unique in the list.
  3. We have generated entropy and converted it into mnemonic code. The last step is the direct generation of the seed. To do this, the mnemonic code is passed to the PBKDF2 function, which hashes the mnemonic sentence many times and gives the final result.

A seed-phrase protection scheme is typically used in hierarchical deterministic wallets. In such wallets, all addresses are related to each other and are derived from one main 12-word seed key. You can use one address to derive another, and you can use a seed phrase to create multiple wallets. Such wallets generate secure addresses automatically, which saves users the trouble of creating addresses themselves and lets them manage their assets while only having to take care of a proper backup. After a one-time backup, you can always use such a wallet. In classic Bitcoin Core this technology is implemented starting from version 0.17.0; wallets such as Mycelium, Trezor, Electrum, Exodus, Jaxx and Ledger also support it.

It is convenient to use devices like Cryptosteel for safe storage of a seed phrase. They reliably protect it from fire, flood and mechanical damage. Cryptosteel relies on the aforementioned method of encoding entropy into mnemonics: 4 symbols are allocated to each word of the seed phrase, because the first 4 letters of each word are unique, which provides increased protection for the cryptocurrency user.

Let's summarize

A seed phrase is a convenient way to regain access to your funds. Whether your hard drive burned out or you lost your hardware wallet, all you have to do to get your coins back is enter a simple set of words and your assets are back with you. The most important thing is to take due care that no one finds out about your seed phrase, and then your funds will be safe.