Proposal for an Informational BIP



Summary:

The email conversation discusses a proposal for an optional method of producing a BIP39 passphrase using only BIP39 'mnemonic' seed words. The method is designed to provide two-factor authentication, protecting a Bitcoin wallet using only 24 seed words, while providing plausible deniability about the existence of this separate second-layer passphrase. The proposed 'quantum' passphrase offers an exponential increase in protection over that offered by the original BIP39 mnemonic seed words (≈2048^23 possible combinations). With existing computer capabilities, this level of protection is far greater than required; however, it does provide a sufficient level of protection for each separate layer of a two-factor Bitcoin wallet, should any one layer be accidentally exposed.

The well-established practice of preserving up to 24 seed words in order to reproduce a Bitcoin wallet suffers from a major flaw: without adequate multi-factor protection, exposure of these mnemonic seed words can cause catastrophic loss of funds. Whilst it is recognised that a number of multi-factor solutions are available, including the standard BIP39 passphrase and hardware wallet multi-signature functionality, this proposal aims to provide an extremely safe and secure 'low-tech' option that requires minimal (non-destructive) adjustments to the seed words.

The 'quantum' passphrase is based on the well-established security of the existing BIP39 standard. There are 2048 possible words that can be chosen from the BIP39 word list. Therefore, deriving a seed from a string of 24 BIP39 words is exactly the same as deriving a seed from the full 24 words. If both the seed words and the quantum passphrase are stored on two separate metal backup storage plates, in two separate locations, then the accidental disclosure of either one still leaves 2048^23 (or 10^76) possible combinations of words to decrypt. The quantum passphrase provides the same degree of security as the original 24 seed words.

The proposed 'quantum' passphrase offers a number of advantages over the existing methods of multi-factor protection. Firstly, this method of creating a passphrase leaves no evidence of its existence on any backup devices, providing plausible deniability in case of coercion. It presents a way of discouraging user-created words or sentences (also known as 'brain-wallets'), which often provide a drastically reduced level of passphrase security, unbeknown to many users. The large amount of data required to produce a 'quantum' passphrase (up to 96 characters long) encourages the physical backup of the passphrase. Furthermore, the use of BIP39-only words provides a higher degree of standardization, which can help to avoid potential mistakes made by creating unnecessarily complicated combinations of letters, numbers, and symbols.

The proposed method of passphrase generation consists of two parts: first, generating the BIP39 mnemonic seed words using a BIP39-compatible hardware wallet; second, converting these seed words into the 'quantum' passphrase by following four simple rules which, most importantly, do not destroy the integrity of the initial data. Following just four (non-destructive) BIP39-compatible rules, the 24 seed words can also function as a 'quantum' passphrase. In essence, the 'quantum' passphrase is simply a single string of all 24 seed words, set out using the above rules.
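As an added illustration (not code from the proposal or the email thread), the following shows standard BIP39 seed derivation with a passphrase built only from BIP39 words: the mnemonic alone and the mnemonic plus passphrase derive unrelated seeds, and neither reveals the other. The space-separated passphrase layout and both sample word strings are assumptions, since the four rules are not reproduced in this summary.

```python
import hashlib
import math
import unicodedata


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, 64-byte output.

    Password is the NFKD-normalised mnemonic sentence; salt is the
    literal string "mnemonic" followed by the NFKD-normalised passphrase.
    """
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)


def search_space_log10(unknown_words: int, wordlist_size: int = 2048) -> float:
    """Base-10 exponent of the word combinations an attacker must try."""
    return unknown_words * math.log10(wordlist_size)


# Publicly known all-zero-entropy test mnemonic; never use it for funds.
MNEMONIC = " ".join(["abandon"] * 23 + ["art"])

# Constructed sample: 24 BIP39 words joined by spaces. The layout is an
# assumption standing in for the proposal's four rules.
PASSPHRASE = " ".join(["zoo"] * 23 + ["vote"])


def derive_both():
    """Return (seed without passphrase, seed with passphrase)."""
    return bip39_seed(MNEMONIC), bip39_seed(MNEMONIC, PASSPHRASE)


if __name__ == "__main__":
    plain, protected = derive_both()
    # Every passphrase yields a valid 64-byte seed, so a wallet restored
    # from the words alone gives no hint that a second layer exists.
    print("words only       :", plain.hex()[:32], "...")
    print("words+passphrase :", protected.hex()[:32], "...")
    print("seeds differ     :", plain != protected)
    # 23 unknown words from a 2048-word list, as in the summary's 2048^23.
    print("search space     : ~10^%.1f" % search_space_log10(23))
```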


Updated on: 2023-06-14T21:47:50.841429+00:00