Here is what happens:
1. Generate the Seed Phrase:
• The wallet software generates a random 128-bit number (entropy).
• This entropy is passed through a hash function (SHA-256) to produce a checksum.
• The original entropy and a portion of the checksum are combined to create a 132-bit number.
• This 132-bit number is split into 12 groups of 11 bits each.
• Each group of 11 bits is mapped to a word from the BIP-39 word list, resulting in a 12-word seed phrase.
2. Convert Seed Phrase to Seed:
• The 12-word seed phrase is converted into a binary seed using a key stretching function called PBKDF2 (Password-Based Key Derivation Function 2).
• The 12-word seed phrase is used as the input password for PBKDF2, and “mnemonic” is used as the salt.
• The PBKDF2 function runs 2048 iterations of HMAC-SHA512, producing a 512-bit seed.
3. Add the Passphrase:
• The passphrase (if provided) is concatenated with the 12-word seed phrase to form a new “mnemonic + passphrase” string.
• This combined string is again fed into the PBKDF2 function, with the same salt (“mnemonic”).
• PBKDF2 runs another 2048 iterations of HMAC-SHA512, generating a new 512-bit seed.
4. Derive the Master Key:
• The 512-bit seed is used as the input to HMAC-SHA512, generating a master private key and a master chain code.
• These are used to create a hierarchical deterministic (HD) wallet structure, according to BIP-32.
5. Generate Child Keys:
• From the master private key and master chain code, child private keys and chain codes are derived for different account levels (e.g., account 0, account 1).
• Each private key corresponds to a Bitcoin address.
By adding a passphrase, you’re effectively creating an entirely different seed, which results in a completely different set of keys and addresses. This additional layer of security is sometimes referred to as a “13th word” or a “seed extension.”
In short;
1. Generate entropy (random 128-bit number).
2. Convert entropy to a mnemonic seed phrase using the BIP-39 standard.
3. Use PBKDF2 with the mnemonic seed phrase and passphrase to create a 512-bit seed.
4. Derive master private key and chain code using HMAC-SHA512.
5. Generate child keys and addresses using BIP-32. 🎯🙌🫡
BTC / Codex
npub14s6…pq47
2024-06-07 15:39:20
in reply to nevent1q…w794
Author Public Key
npub14s6q5rl6fpvfax90s4mh23ffarze7l73zrcmeqedp6x5cnfarpfss0pq47Published at
2024-06-07 15:39:20Event JSON
{
"id": "09a022f23a14656565a02eeb1c48a38e5675952c053c1361c8dfa037d9babe7b",
"pubkey": "ac340a0ffa48589e98af8577754529e8c59f7fd110f1bc832d0e8d4c4d3d1853",
"created_at": 1717767560,
"kind": 1,
"tags": [
[
"e",
"131165fcea137f96a6d2c18a113a419a83499ac438262066fb88030d63260633",
"",
"root"
],
[
"p",
"64ad753bb77817d5b6e94e2d44ee8acf9e5b8867d90c8e03501e5b4e53098a05"
]
],
"content": "Here is what happens:\n\n\t1.\tGenerate the Seed Phrase:\n\t•\tThe wallet software generates a random 128-bit number (entropy).\n\t•\tThis entropy is passed through a hash function (SHA-256) to produce a checksum.\n\t•\tThe original entropy and a portion of the checksum are combined to create a 132-bit number.\n\t•\tThis 132-bit number is split into 12 groups of 11 bits each.\n\t•\tEach group of 11 bits is mapped to a word from the BIP-39 word list, resulting in a 12-word seed phrase.\n\t2.\tConvert Seed Phrase to Seed:\n\t•\tThe 12-word seed phrase is converted into a binary seed using a key stretching function called PBKDF2 (Password-Based Key Derivation Function 2).\n\t•\tThe 12-word seed phrase is used as the input password for PBKDF2, and “mnemonic” is used as the salt.\n\t•\tThe PBKDF2 function runs 2048 iterations of HMAC-SHA512, producing a 512-bit seed.\n\t3.\tAdd the Passphrase:\n\t•\tThe passphrase (if provided) is concatenated with the 12-word seed phrase to form a new “mnemonic + passphrase” string.\n\t•\tThis combined string is again fed into the PBKDF2 function, with the same salt (“mnemonic”).\n\t•\tPBKDF2 runs another 2048 iterations of HMAC-SHA512, generating a new 512-bit seed.\n\t4.\tDerive the Master Key:\n\t•\tThe 512-bit seed is used as the input to HMAC-SHA512, generating a master private key and a master chain code.\n\t•\tThese are used to create a hierarchical deterministic (HD) wallet structure, according to BIP-32.\n\t5.\tGenerate Child Keys:\n\t•\tFrom the master private key and master chain code, child private keys and chain codes are derived for different account levels (e.g., account 0, account 1).\n\t•\tEach private key corresponds to a Bitcoin address.\n\nBy adding a passphrase, you’re effectively creating an entirely different seed, which results in a completely different set of keys and addresses. This additional layer of security is sometimes referred to as a “13th word” or a “seed extension.”\nIn short;\n1.\tGenerate entropy (random 128-bit number).\n\t2.\tConvert entropy to a mnemonic seed phrase using the BIP-39 standard.\n\t3.\tUse PBKDF2 with the mnemonic seed phrase and passphrase to create a 512-bit seed.\n\t4.\tDerive master private key and chain code using HMAC-SHA512.\n\t5.\tGenerate child keys and addresses using BIP-32. 🎯🙌🫡",
"sig": "39d06866ef13d5df078e01c049ce5e55516a5b4814f1b1c2531294f8b42fc58892b59af34cd24d97dfc5984068cd4efee40fa9710fbbea3f11ef78f886f7eb1c"
}