BIP proposal: derived mnemonics



Summary:

The article explains how a master mnemonic is generated from a standard mnemonic as described in BIP39. A new string is created from the master mnemonic using Count and Strength, where Count distinguishes the different derived mnemonics of a given strength and Strength is calculated from the number of words desired for the derived mnemonic. The string is then hashed using SHA-512. The author suggests using HMAC-SHA512 with a passphrase and salt instead, and highlights the security downsides of using a checksum based on a predetermined wordlist. They propose an alternative: derive a child key following BIP32 and use the derived 256 bits to encode the mnemonic. The author also expresses concern about users storing and backing up only the BIP39 mnemonic. Reconstructing funds from a seed can be difficult without access to a trusted, TX-indexed full node, and novice users might underestimate the risk of losing the metadata coupled with their transactions when they store only the wallet seed.
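The two derivations summarized above, side by side, as an added Python example that is not code from the proposal or the thread. The string layout (`master count strength`), the HMAC keying and the `derived-mnemonic` salt label are assumptions, since the summary does not specify them; the output is 11-bit indices into the BIP39 wordlist rather than the words themselves.

```python
import hashlib
import hmac

def strength_for_words(words):
    # BIP39: words = (ENT + ENT/32) / 11, hence ENT = words * 32 / 3 bits.
    if words not in (12, 15, 18, 21, 24):
        raise ValueError("BIP39 mnemonics have 12, 15, 18, 21 or 24 words")
    return words * 32 // 3

def derivation_string(master, count, strength):
    # Assumed layout: the page does not specify separators or ordering.
    return "{} {} {}".format(master, count, strength).encode("utf-8")

def derive_plain(master, count, words):
    # Variant described in the summary: SHA-512 over the string, truncated.
    strength = strength_for_words(words)
    digest = hashlib.sha512(derivation_string(master, count, strength)).digest()
    return digest[: strength // 8]

def derive_hmac(master, count, words, passphrase="", salt=b"derived-mnemonic"):
    # Suggested variant: HMAC-SHA512 keyed with salt + passphrase (assumed keying).
    strength = strength_for_words(words)
    key = salt + passphrase.encode("utf-8")
    mac = hmac.new(key, derivation_string(master, count, strength), hashlib.sha512)
    return mac.digest()[: strength // 8]

def word_indices(entropy):
    # BIP39 encoding: append ENT/32 checksum bits, split into 11-bit indices.
    ent_bits = len(entropy) * 8
    cs_bits = ent_bits // 32
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    value = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n = (ent_bits + cs_bits) // 11
    return [(value >> (11 * (n - 1 - i))) & 0x7FF for i in range(n)]

# Constructed input: the public BIP39 test-vector phrase, never a real wallet.
MASTER = "abandon " * 11 + "about"

if __name__ == "__main__":
    for count in range(2):
        print(count, word_indices(derive_plain(MASTER, count, 12)))
    print("hmac", word_indices(derive_hmac(MASTER, 0, 12, passphrase="example")))
```

In the plain variant anyone holding the master mnemonic can recompute every derived mnemonic; in the keyed variant the passphrase is also required.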


Updated on: 2023-06-11T19:13:17.927465+00:00