- 1. How to generate a seed phrase with Vault12?
- 2. How to generate a seed phrase with a calculator?
- 3. How to generate a seed phrase with dice?
- 4. How to generate a seed phrase with software crypto wallets?
- 5. How to generate a seed phrase with hardware wallets?
- What goes on behind the scenes of generating a seed phrase?
- How much entropy should your seed phrase have?
- How are SHA256 and BIP39 word lists used to generate a seed phrase?
- What are some different ways to perform Random Number Generation (RNG)?
- What are the security considerations of generating your own seed phrase?
How to generate a Seed Phrase.
Here are five possible ways to generate a seed phrase, and a more in-depth discussion on the importance of randomness in ensuring security.
Here are some common ways to generate seed phrases. Please click through the links provided in this article to get more detailed instructions.
Your seed phrase is a mnemonic code consisting of 12-24 words that is used to recover your cryptocurrency wallet. It is sometimes called a backup phrase, recovery phrase, or mnemonic sentence. It is the foundation of most modern wallets and the crypto universe in general.
A Mnemonic phrase is an encoded source of entropy, or randomness, that identifies your wallet within the digital universe.
Even when you have your own crypto wallet, you have a few choices for how to generate your seed phrase.
It is extremely important that your seed phrase be randomly generated, so that it cannot be guessed or reverse-engineered.
Seed phrases with more words have more entropy / randomness than those with fewer words.
You can let your wallet generate a seed phrase for you.
You can also use the Vault12 app to generate a more robust seed phrase for you.
For added security, you can "roll your own" seed phrase with dice, or use a calculator, as offline methods.
Computer-generated methods of random number or seed phrase generation are simpler, but can be hard to verify as safe and effective.
The BIP39 standard determines how random numbers are securely translated into a seed phrase. This is explained in further detail.
Vault12 allows you to create is an encrypted and distributed digital vault. Vault12 secures digital assets including cryptocurrency seed phrases, and also generates your seed phrase for you. You can be absolutely sure that your seed phrase is generated safely and automatically backed up in a secure manner. Please read our guide to learn more.
Generating a seed phrase by using a calculator is done offline, and this removes a wide range of potential attacks. You'll need a calculator that has a RANDOM function to generate entropy. This also introduces new risks, however - instead of using one device to generate your seed phrase, you'll need to use two devices: the calculator and an air-gapped computer. Learn more about generating a seed phrase using an offline calculator here.
The humble dice can be used for a non-digital and completely offline method of seed phrase generation. To do this, you'll need dice, a pen and paper, and the BIP39 word list - be prepared to do some math! You can use a single die if you want, but it is recommended to use multiple dice. You'll be creating entropy by generating a large random number by using the dice. Learn how to generate a seed phrase with dice here.
With very few exceptions, most modern wallets will create your seed phrase for you when you create your wallet. This process is usually automatic, with limited options for setting the parameters of your seed phrase. For most users this one-time approach is sufficient, and it won't be thought of again.
Please keep in mind, that in any potentially high net-worth use case, generating seed phrases manually on your own - especially offline - is an excellent choice for much higher security and greater control over the process.
Please take a look at the article, "Using crypto wallets to generate seed phrases" to get an overview of how seed generation is done inside wallets during the set up phase.
See Crypto Wallet Guides for step-by-step instructions on how specific wallets accomplish this.
Hardware wallets provide an extra level of security compared to software wallets and provide methods to generate a seed phrase within the wallet itself. Hardware wallets strike an excellent compromise between usability and extra security. We are currently working on "how-to" guides to bring you through the steps needed to securely generate and back up seed phrases using hardware wallets - please stay tuned!
Here are some hardware wallets that we recommend:
- Ledger Nano X
- Ledger Nano S
- Trezor One
- Trezor Model T
- ColdCard MK3
- BitBox 01/02
What goes on behind the scenes of generating a seed phrase?
The process of generating a seed phrase starts with generating random data, called entropy. The entropy is then run through a hashing function, specifically SHA256, to generate the checksum. Part of the checksum is then added to the random data. The resulting output is then split into chunks of 11 bits, where each 11-bit chunk maps to a single word on the BIP39 word list.
Confused about anything in the above paragraph? Don't worry, each step will be explained in an easy to understand format below. You can also get a higher-level understanding of seed phrase construction by checking out "What is BIP39?".
How much entropy should your seed phrase have?
Generating a seed phrase HAS to begin with a RANDOM SOURCE OF DATA, otherwise an attacker could possibly steal funds by regenerating your seed phrase. Entropy is a measure of how random a set of data is.
Which is more random? Rolling 1 dice, or rolling 2 dice? Since 2 dice have more possible outcomes, the measurement of randomness is higher. It is the same for your seed phrase. The more words that are in your seed phrase, the higher the entropy will be.
To successfully generate a seed phrase, the entropy generated has to fit certain parameters. The random data must be between 128 bits and 256 bits of entropy, and divisible by 32.
128 bits of entropy maps to a 12 word seed phrase
160 bits of entropy maps to a 15 word seed phrase
192 bits of entropy maps to an 18 word seed phrase
224 bits of entropy maps to a 21 word seed phrase
256 bits of entropy maps to a 24 word seed phrase
How are SHA256 and BIP39 word lists used to generate a seed phrase?
A hash function is a computer program that takes an input of data and returns a verifiable result, called a checksum. The input can be any source of data, and running the same hash function again will always return the same checksum as the result.
For example, running your random source data of 128 bits of entropy through a hash function will always return the same result as the checksum. If you change anything in that source data, you will get a different result from the hash function.
In this step, the random source data is run through a SHA256 hash function. The first X digits of the checksum are then added to the random source data/entropy, where X is equal to: (amount of bits of entropy / 32).
256 bits of entropy (256/32 = 8) - add the first 8 bits of the checksum to the random data
224 bits of entropy (224/32 = 7) - add the first 7 bits of the checksum to the random data
192 bits of entropy (192/32 = 6) - add the first 6 bits of the checksum to the random data
160 bits of entropy (160/32 = 5) - add the first 5 bits of the checksum to the random data
128 bits of entropy 128/32 = 4) - add the first 4 bits of the checksum to the random data
It's important to note that BIP39 generates the seed phrase from binary code, which is made up of 0's and 1's. However, the SHA256 hash function returns the checksum as a sequence of numbers and letters, called a hexadecimal. So in order to get the seed phrase, you have to convert the checksum from hexadecimal format to binary format.
Here's the next step: We slice the result into 11-bit chunks of data. Each 11-bit chunk of data will map to a word from the BIP39 word list
You have seen the word "bit" used a few times in this article. A bit represents 0's and 1's. It is the smallest representation of data we have, and it is expressed in a language our computers understand.
Your original source of random data (or entropy) plus the SHA256 checksum is divisible by 11. The BIP39 word list contains 2048 words, and each word on the list maps to 11 bits of data. In this next step, you break your entropy+checksum combo into sequential chunks of 11 bits.
It is important that you slice the 11-bit chunks in sequential order. This means going from left to right, every 11 bits is grouped together. Every 11 bits represents a word in your seed phrase, and the order of the words has to be correct.
The next step is to convert your 11-bit sequence into decimal format. This will give you a number that maps to the BIP39 word list. Now, in the correct order, map each 11-bit sequence to the matching word in the BIP39 word list. Finally, this is your seed phrase!
It's important to highlight that some word lists for BIP39 might start with 1. In code, the first number is always 0. This means that 2048 words are listed as 0-2047, not 1-2048. If your BIP39 word list starts with 1 instead of 0, you will need to subtract 1 from the word list numbers to get the correct word.
What are some different ways to perform Random Number Generation (RNG)?
Going back to generating your initial source of randomness: Once you generate the needed entropy, the remaining process of getting the seed phrase is simply math and cryptography. In practice, this means that when generating a seed phrase, the initial source of entropy is both the most important step, and also the step in which you have the most control over the result.
There are many ways to generate entropy: flipping a coin, rolling dice, dealing a deck of cards, recording ambient sound, and many more. The goal here is to get as close to true randomness as possible. If you are using a process that is not sufficiently random, an attacker can recreate your seed phrase.
In the following sections of this article, we will cover different approaches for how to generate entropy, and thus generate your seed phrase.
What are the security considerations of generating your own seed phrase?
Taking control over the generation of your seed phrase provides the ability to increase the entropy of your seed phrase, thus increasing the security of your entire wallet. This does not come without risks - a single mistake can result in a less secure wallet, even lost funds.
When generating your own seed phrase, security must be top of mind throughout the whole process. The most crucial part of generating your seed phrase rests with the generation of entropy, which is the first step of generating your seed phrase.
Your seed phrase can have 12, 15, 18, 21, or 24 words. The more words in your seed phrase, the higher the entropy, which means higher security. A correctly generated 24-word seed phrase will ALWAYS produce a wallet that is more secure than a 12 word seed phrase. Many wallets today only produce 12-word seed phrases in their built-in wallet creation workflow, but it's important to note that 12-word seed phrases are still very secure.
The key concept here is `correctly generated`. The only parameter that can be changed is the source of entropy. This is very important because if the source of entropy is corrupted, an attacker can potentially regenerate your wallet and steal your funds.
Generating entropy can be done manually or with a computer. Both methods have pros and cons. When generating entropy, care has to be taken to ensure the process is being done correctly and is free from outside manipulation.
A basic example of manually generating entropy would be flipping a coin. In this example, if an attacker gives you a coin that is weighted slightly in favor of heads, your initial source of entropy will have been corrupted.
When using a computer to generate entropy, the attack vectors (or corruption attempts) can be both over the internet and physically in-person. The computer being used should not be connected to the internet, as that provides an opportunity for attackers to compromise the process. However, even if the device was ever connected to the internet, this allows for an opportunity to corrupt this process.
Part of being in a security mindset means limiting opportunities available for bad actors. A device not connected to the internet is considered air-gapped, which means an attacker has to be physically present at the device to be successful at manipulating the entropy.
If you don't have a spare device that you can airgap, don't worry - you can use a "live" Linux environment. Many Linux operating systems are able to be run off of a portable USB stick or flash drive. These are called `live` distributions and they're released with verification signatures, so you can easily verify that the operating system has not been tampered with. We highly recommend Tails OS - a portable OS that protects against surveillance and censorship. To run the operating system, just plug in the flash drive and boot it up. When you're done, simply remove the flash drive and return it to your normal operating system.
Next Up From Vault 12
Inheritance and self-custody for CryptocurrencyVault12 Explainer
Vault12 Product Demo
Vault12 Digital Inheritance is the first solution to offer a simple, direct, and secure way to ensure cryptocurrency, NFTs and other Web3 digital assets can be inherited by future generations.
Digital Inheritance enables investors to designate an individual or a mobile device as a guardian that will inherit their entire portfolio of digital assets inside a secure digital Vault once the time comes, eliminating undue risk and the need to continually update an inventory or issue updated instructions which result in privacy leakage.
Designed to be used alongside traditional hardware, software, and online wallets, Vault12 helps cryptocurrency owners, professional crypto traders, and high-net-worth investors safeguard their digital assets without storing anything in the cloud or in fact, any one single location. This increases protection and decreases the risks of loss.
The Vault12 app enables decentralized self-custody, back up, and provide legacy inheritance for all your web3 digital assets, including NFTs, wallet seed phrases, secrets like keys, PIN codes, DAO project keys, and digital art.
Whether your digital art is suitable for a phone, or represents much higher resolution multimedia, make sure that you have backed up a copy in case the resource link is disrupted in the future. Digital art can easily be added to the Vault either via the mobile app or via the desktop utility. Once you have stored your artwork in your Vault, it will also benefit from inheritance once you activate that in your app.
As a creator you can use Vault12 to safeguard not just your NFT and crypto wallets, but also original digital artwork. Project creators will always have to deal with multiple wallets - inventory, treasury as well as future royalty wallets.
Vault12 safeguards your project assets, increasing protection and decreasing the risks of loss, whilst ensuring that everything is ready to go to be passed onto future generations, when the need arises.