Bitcoin Forum

As far as I know, bip39 is the most standard way to memorize your HD wallet but I don't like it for at least two reasons :

• it's not compatible with the bitcoin core client
• I don't find the generated words easy to memorize

So lately I've been learning about mnemonics in order to memorize the bitcoin core seed.  After experimenting quite a bit, I concluded that at least for me, the the PEG system works better than the method of loci.

What is the PEG system?  Well it seems that there are several definitions of it on the web, but the one I like is an analogy with what is done when you leave your shirt to a dry cleaner.   They will stick a number to it and give you a receipt with that number.   That's how the PEG system differs from the method of loci : you don't really memorize a sequence of things, instead you memorize associations between numbers and things.   That's why people who use this method can recall the things they memorized in any order.  I'm not sure that is possible with the method of loci.

So what worked for me is the combination of the PEG system and the so-called major system (https://en.wikipedia.org/wiki/Mnemonic_major_system).

So to memorize a seed, I first converted it to decimal, from which I made 38 integers from 0 to 99.

Each of this numbers is turned into a word with the major system.  Then each of these words is "pegged" to something that represents the position index in the list.   These things representing the indices form what is called the recall table.  This recall table doesn't have to be secret.

For instance, the second entry in my recall table is Elizabeth II :

https://upload.wikimedia.org/wikipedia/commons/thumb/b/b6/Queen_Elizabeth_II_in_March_2015.jpg/220px-Queen_Elizabeth_II_in_March_2015.jpg

So for instance if the second number you had to memorize was say 53, then you can picture Elizabeth II riding a lama (because "lama" is 53 in the major system), or you can think of the sentence "the queen is lame".  I personally like using images of animals, but to each his own.

https://www.agence-bolivie.voyage/wp-content/uploads/2017/04/faune-lipez-lamas-4-450x350.jpg

Whatever method you choose to build your recall table with, I think it is important that you do not use the major system, since you will associate two numbers, you want a way to know which is the index and which is the seed chunk value.  Only the latter will be built with the major system.  For the former, you can use anything.   Since the recall table does not have to be secret, you can take inspiration from public knowledge data.

For the 33rd entry of my recall table for instance, I looked up the wikipedia page for 33 :

https://en.wikipedia.org/wiki/33_(number)

and then I picked the islamic prayer beads as a PEG for that position (as it has 33 beads) :

https://commons.wikishia.net/images/thumb/0/03/%D8%AA%D8%B3%D8%A8%DB%8C%D8%AD_1.jpg/300px-%D8%AA%D8%B3%D8%A8%DB%8C%D8%AD_1.jpg


Memorizing a bitcoin seed with this method implies building a recall table of size 38.  It's perfectly doable.  The main hassle I think is to type all these numbers : it is tedious and stressful because you're typing sensitive information you can't save anywhere and if you make a typing mistake you have to start over again.

Would it be possible to make an example of this being used to show how big the mnemonic for a seed would be (eg the standard 12 word (128bit) seed).

Why using PEG system or something to remember the seed? How is it having good advantage over knowing the seed phrase. With the seed phrase, you can know the seed as seed phrase generated the seed through key stretching function PBKDF2 using HMAC-SHA512. It is not good to memorize anything be it the seed or the seed phrase. Complicating the whole thing can lead to loss of coins. Best to backup (like 3 backups) the seed phrase offline, safe from attack and damage in different locations.

The seed phrase can be used synonymous with the seed, but they are not the same, as stated in OP that it will first convert it (the seed) to decimal (seed are in hexadecimal), that means he meant the real seed.

A bip32-compatible seed is 32 bytes long (or rather, it should contain 32 bytes of entropy).   As I wrote, that is 38 numbers for 0 to 99.  Here is a random exemple to get an idea of what that looks like :

38 56 21 6 4 95 81 77 72 67 36 60 91 59 2 65 44 31 34 76 61 10 99 49 12 74 32 89 66 10 89 90 49 7 84 88 95 98

Why not? I see it as another fail-safe mechanism, as even something stored offline can be lost/destroyed. After all, it's not like it hasn't happen already to bunch of people, even those that had shit load of BTC.

@grondilu an interesting topic, exactly at the time when I was thinking about some thing like that.

Some more examples of my recall table :

23 is Michael Jordan

https://1.bp.blogspot.com/-Cry4R-TLcGA/T7EBGK7tzrI/AAAAAAAAC6M/Y18uuOYbe8g/s1600/michael+jordan+-+01.jpg

31 is a French animated series I used to watch as a kid :

https://www.wcostream.com/wp-content/catimg/249653.jpg

14 is the most famous French king :

http://laflocelliere-stjoseph.fr/wp-content/uploads/2016/07/1004964-Louis_XIV_par_Rigaud.jpg

Building a recall table is actually kind of fun.

If I get this right (I mean OP), the final result will not be memorizable, the 128 bit hexadecimal seed will be converted to decimal and split into 32 which he regarded as the size. This will result to getting of 32 pictures or words which you can use for each number (decimal numbers splitted into 32) to remember.

But, is there any wallet the pictures or words can be imported and it will generate the right keys and the addresses? No. This will make it very difficult to access the keys especially as a means of inheritance. It is not in accordance to any BIP or any reputed wallet standard.

In my opinion, I just see this as a means of someone toying with his or her coin. But we all have different opinions about how to protect our coin, I will prefer the seed phrase (+ passphrase).

Better still to go for multisig wallet. There are BIP options that makes this above approach not necessary, and yet highly not recommendable.

You´d do it with bitcoin core.  It can create a wallet from a seed, can´t it?

Apart from bitcoin core the only thing you need is some code to turn the seed from hex to decimal and back, but that can be done with most programming languages in one line or so.

What I am suggesting is actually conform to a bip : bip32.  It's a way to memorize a bip32 seed.

It is not supposed to be memorized. Mnemonics, despite what the term may sound like, is a way of converting a hard-to-write bitstream to a human-readable string so that the user can easily write it down on a physical medium and later on enter it in a computer program.

The entropy size for BIP32 is between 16 and 64 bytes and I believe the seed that bitcoin core uses is actually 256 bits which means if you convert it with your scheme you should end up with at least 70 values.
The problem with this idea is that memorizing this many values is very hard for people unless they have eidetic memory. As time passes you will forget parts of it or the order of some values and will be screwed.

So you end up with 38 things to memorize, but you have no way of memorizing the order? So in 5 years' time even if you somehow manage to recall all 38 things without forgetting a single one (which is incredibly unlikely), you now end up having to brute force 38! possible combinations, which is impossible. Even if you could brute force a trillion combinations a second, it would take you over a trillion times longer than the age of the universe to even calculate 0.1% of all possible combinations.

Your system also has no way of covering duplicates?

All in all, as with any system which relies on memory alone, this sounds like a great way to lose your coins. Just write your seed phrase on paper like you are supposed to.

It's not compatible with core wallet, but you could still use offline version of iancoleman mnemonic code converter to convert BI39 words to any other supported formats.
Bitcoin core recently added support for hardware wallets so maybe it could still support BIP39 indirectly.

I would not count so much on my memory and brain to remember anything important long term like seed words, with age memory gets worse and there is always a chance you get strike by Alzheimer's or something similar disease.
One more flaw is that we are all going to die one day and we don't know when exactly, so you (and your family) are screwed if you don't have backup written on paper or metal.
Don't get me wrong, I think it's interesting that people are creating their own alternative systems for bip39, and you can use whatever you feel comfortable with.

No. Not for memorizing. It's the modern way to write down your "keys" (especially because common English words are less prone to error than "random" strings)
Memorizing such things are not advised, since accidents and strokes are far too common. Of course, you are free to do what you want with your own money...

The point of the recall table is precisely to encode the order.

Heck, here is my full recall table.  As I said, it does not have to be secret.

1 is Attila, leader of the Huns.  Because "Hun" sounds like one in French.

https://www.msxlabs.org/forum/attachments/60806-attila-attila.jpg

2 is Elizabeth II.

https://i.ebayimg.com/images/g/u1oAAOSwve5XN1F7/s-l400.jpg

3 is anything related to the Troyan war.  Because "Troy" sounds like three in French.

https://comicvine1.cbsistatic.com/uploads/square_small/13/131179/2822595-h4.jpg

4 is Chaterine Deneuve.  Because that first name sounds like four in French and as a kid I saw a movie with Catherine Deneuve wearing a donkey skin and I found the image very striking.

http://images.jedessine.com/_uploads/_tiny_galerie/20150417/vign-peau-d-ane-de-jacques-demy-1970-reference-1-87s_42q.jpg

5 is a hand because it has five fingers.

http://www.handsurgeonlondon.co.uk/images/hand-surgery.jpg

6 is any insect.  Because insects have six legs.

https://pngimg.com/uploads/ant/ant_PNG19349.png

7 are Disney's seven dwarves.

https://3dprint.com/wp-content/uploads/2018/01/Seven-dwarves.png

8 is Spiderman.  Because spiders have eight legs and I didn't want to pick an animal to avoid confusion with 6.

http://www.gifsanimes.fr/fonds-ecran/iphone/spiderman/spiderman-gifs-animes-127110.jpg

9 is anything evoking an egg.  Because "an egg" in French sounds like 9.   For instance I can use Lewis Caroll's Humpty Dumpty.

https://www.thusimbu.com/wp-content/uploads/2020/05/images-54.jpeg

10 is Charlton Eston in "the ten commandements"

https://www.biblicalarchaeology.org/wp-content/uploads/2017/06/moses-ten-commandments.jpg

11 is anything related to soccer.  Because a soccer team has 11 players.

https://whatthingsweigh.com/wp-content/uploads/soccer_ball-300x300.jpg

12 is Jesus Christ and his twelve apostles.

https://news.artnet.com/app/news-upload/2018/03/Young-Leonardo-Last-Supper-Canvas-Painting.jpg

13 is mother Theresa.  Because her first name vaguely sounds like 13 in French.

http://lusile17.l.u.pic.centerblog.net/o/df2032d1.jpg

As mentioned previously, 14 is Louis XIV

https://static.lexpress.fr/medias_10559/w_1437,h_625,c_crop,x_19,y_328/w_480,h_270,c_fill,g_north/v1441097767/louis-xiv-of-france_5406583.jpg

15 is anything related to rugby, as there are typically 15 players in a rugby team.  I picked a famous French rugbyman :

http://resources2.news.com.au/images/2012/09/06/1226466/830862-sebastien-chabal.jpg

16 is Louis XVI and the way he died.

https://jaimelesmots.com/wp-content/uploads/2020/09/guillotine-e1599589946231.jpeg

17 is Louis XVII.  This child died in jail so I imagine him there.  It's striking enough of a mental picture for me but there is none on the web.

I struggle with 18.  So far I'm using a symbol for something NSFW as it's often marked as "18+", but I'm not too happy with this entry.

https://i.ytimg.com/vi/rEchCYhi62s/hqdefault.jpg

I struggle with 19 too.  I pick a place where I used to live as the door number was 19.  No pictures for this on the web of course.

20 is anything related to wine, because "wine" in French sounds like 20.

https://www.thebestbrainpossible.com/wp-content/uploads/2012/01/red_wine5.jpg

21 is Tarot.  Because in tarot there are 21 trump cards.  I can also use a card trick discussed in this numberphile episode (https://youtu.be/d7dg7gVDWyg).

https://tarot.lesbubars.net/img/21@2x~iPad.png

22 is police.  Because in French there is a famous saying "22, v'la les flics"

https://i.pinimg.com/236x/92/4a/91/924a91d80406bb489878996de09a42f2--police-uniforms-police-officer-uniform.jpg

23 is Michael Jordan, as mentioned previously.

http://es.globedia.com/imagenes/noticias/2013/1/28/posible-regreso-canchas-michael-jordan-anos_1_1549860.jpg

24 is anything related to the French car race "les 24 heures du Mans" :

https://e-tourismepdl.fr/wp-content/uploads/2014/04/24heures-du-mans-300x225.jpg

25 is Santa Claus.

https://cdn.newswire.com/files/x/97/93/9900ab9b0955036c30f6e556d07f.jpg

I couldn't pick anything better than iron for 26.  Iron's atomic number is 26.  I picture an iron sword for instance.

https://gbf.wiki/images/thumb/a/a9/Weapon_b_1010001200.png/462px-Weapon_b_1010001200.png

27 is the day number of my birthday so I picture a birthday gift.

https://birthdaypresent.org.uk/wpimages/wp1e248f64_06.png

I haven't found anything truly satisfying for 28, so for now I think about four number sevens or something.

29 is the atomic number of copper.  So I think of copper wires.

https://www.roboelements.com/wp-content/uploads/2018/11/bare-enameled-copper-wire.jpg

30 is Judas Iscariot.  Because he is said to have betrayed Jesus Christ for thirty silver coins.

https://alchetron.com/cdn/judas-iscariot-e2edcddc-b11c-404d-9f8e-a080e601e5e-resize-750.jpg

31 is anything related to this animated series I mentioned previously.

https://static.fnac-static.com/multimedia/Images/FR/NR/ec/f8/8b/9173228/1540-1/tsp20171201164619/Ulye-31.jpg

32 are a full set of teeth.

https://image.shutterstock.com/image-illustration/healthy-human-teeth-normal-occlusion-260nw-1408362521.jpg

33 again as mentioned above is a misbaha.

https://i.ebayimg.com/images/g/dV0AAOSwFu1b7udU/s-l300.jpg

34 is the atomic number of Selenium, which means moon in Greek.  So, the moon.

https://static.scientificamerican.com/sciam/cache/file/1A27A1E2-D445-4AD8-8B798CFF85F09FD6.jpg

I'm not entirely satisfied with what I found for 35.  On wikipedia I learned that it is a tetraedral number so I went with the corresponding picture.

https://www.numbersaplenty.com/pics/tetrah.png

For 36 I went with the Jewish belief that the first light created by God shone for 36 hours.  So I imagine an empty space irradiated by light.  No web picture for this.  Obviously this is not a very satisfying entry but it works.

37 is the human body temperature in Celsius.  So I pick a thermometer.

https://medinstrum.com/wp-content/uploads/2017/02/Acuset-Thermometer.jpg

38 is the American roulette, as it has 38 slots.

https://online-francais.top/wp-content/uploads/2020/06/roulette-casino-450x254.jpg

But you'll need 2048 words and associations between them. It's going to take a significantly long time for you to figure out words to associate with each of those numbers. Also, if someone can figure out a few common guesses on what word you'd assign a number (the Michael Jordan bulls jersey really stands out in this regard) then you lose one of the main advantages of this PEG system - that people don't know your words, as BIP39 wordlists are public for everyone to see.

Your brain is much more susceptible to damage, and inaccuracies than other physical items. Our memory as humans is absolutely awful, and that's even at the beginning of our life spans, though as we age the brain, and therefore the memory also deteriorates along with it, this is without including the possibility of brain diseases which can effect your memory.

This memorization technique is fun, and although it might be suitable for certain people, I wouldn't count on my memory even if I did. I've also practiced the memorization techniques of loci, and while I might have thought or even used it with a Bitcoin private key, I certainly wouldn't rely on it as a single point of failure. I actually got into the technique via Derren Brown, who's an expert of misdirection or mentalist if you'd prefer.  He uses this technique multiple times in his shows, one show he uses it to memorise a large part of London streets, and it almost works flawlessly on the night.

However, I couldn't with good conscious while openly admitting this technique is actually quite effective, recommend using this as a single point of failure to memorize a private key. What do I mean by single point of failure? Well, I mean this shouldn't be the only way that you are remembering your private key, seed or whatever. Contingency plans are needed for everything, in fact I think you should have plans for a system that includes as many systems for point of remembrance, without compromising security, especially if you're holding onto anything of considerable value.

If you are physically storing that recall table, without encryption otherwise to be able to encrypt it you'd have to remember that method, which you wouldn't be able to do with loci, then the security of this is already compromised compared to several other methods. Derren Brown actually doesn't recommend using a recall table as you put it, and the method of loci can be memorized quite well without it.

For example, if you picture a house with rooms, in each room create the association in your head of the images you have above, and go through the house in a particular order, that then becomes your recall table, however it isn't actually physically stored anywhere. Of course, this means your susceptible to what I said earlier about the human brain being rather bad at remembering things, though if you are storing that recall table anywhere else, but your brain then there's a small chance, that someone else gaining access to it could potentially decipher the meaning via association just how you constructed it.

Like I said above, the best way I can think of doing it would be imaging a house with rooms, and then going through it in a logical way. For example, go left first when there's multiple options, and use a house your familiar with like your own. This method is pretty effective, and I've done it for things for fun in the past, though I absolutely would not solely rely on this for memorizing the access point of my Bitcoin.

Nobody should, but we may have to in case the government seizes all our belongings.

I don't pick the numbers arbitrarily.   The numbers are coming from the seed.  Say the number I must associate with Jordan is 28 (it's not the actual number I'm using, 28 is just a random number I've just generated for illustration purpose), then I must chose a word that codes 28 in the major system.

28 is n + (v or f).   So I can picture Michael Jordan handling a knife.  You can't guess that from Michael Jordan alone because me picking the knife for 28 had nothing to do with me picking Michael Jordan for 23.

Even then there's probably better ways of doing this. I've seen loci work in the short term, however the long term data on it isn't great, since I know for a fact that the things I once remembered with it, aren't as great in my memory as when I did then years ago. Thus, I would say unless you're accessing this information in your brain frequently, it'll deteriorate. If you're using this technique or practicing it, then you need a way of verifying it, since your memory is definitely susceptible to inaccuracy.

I'd have to give it a little think, but I'm sure that there's other ways of doing this that doesn't solely rely on your memory, because quite frankly I don't believe that most people have the discipline to remember this, and practice it frequently enough to keep it sound in their memory.

Even if the alternative means remembering small amounts of data compared to this, that might be a slightly better solution.

If government seizes all your belongings (that is always a possibility) do you think you would still be able to function and think normally?
They could also reprogram your brain and extract any information and images you are hiding, with force or blackmailing.
Few days ago I watched one movie related with Project MKUltra, hypnosis and human experimentation that could be used to extract any images you hold in your head.

Funny thing about a memory, I can still remember some stupid things and songs from my childhood, but I can't easily remember a phone number or someone's birthday.
Some people have better photographic memory but others are terrible in this, so not everyone would be able to use your system with images.

Better solution: Multisig and using multiple locations or even multiple countries for hiding your keys, and if all the governments in the world start to confiscate everything from people, than we all all screwed anyway.

Memorizing is only good as a last resort type of backup, a back up that you don't really rely on, but still keep because one extra back up won't hurt.

From my experience the mnemonic seeds from Electrum are very easy to memorize and keep in memory for long periods of time, but if you feel like your method works better for you, then go ahead. But I think most people will find the standard seeds easier.

Cognition during childhood is innately stronger and this declines with aging. To speak a language fluently, you would have been exposed to people speaking the language since your childhood. I still remembered one thing I did recited during my childhood up to this day bafter long period of time I did not recite it again. It was one when I was a child, I made it like 8 during my teen age, but I forgot the whole 7 completely while still remember the first I had known during my childhood.

There are long term memory and short term memory. There are numbers (although not long) I still remember because I have known it for long and put it to daily use, like my dad and mum phone numbers, I can never forget both. But there are still numbers that I thought I have learnt but I forgot because I did not put them into use. Not putting something into use will result into the information gradually fading away from someone's memory.

It is certain that seed phrase, seeds and many other things related to wallet including what is in the OP will not be in frequent used, this will finally and easily result to forgetfulness of it. That is why seed phrase or anything related can not be memorized which is perfectly wrong because the person can not turn it into morning, afternoon and night anthem for years, while not forgetting after not uising it as anthem again is not guaranteed, which can result to coin loss.

The only one outside of BIPs which is better but which I can not still recommend is Shamir secret sharing, which will convert seed phrase or anything encrypted to characters which I do not prefer unlike the seed phrase itself which is easy to write down and backup, while passphrase can be included but backup in different location to increase the backup security, while also multisig is a good way to go about this.

This is the bottom line, really. It doesn't matter how good your system is or how strong your memory is, when everything from a stroke or an aneurysm or even a simple fall and blow to the head could render the whole thing useless. If I gave you a piece of paper and said "Use this to back up your seed phrase, but there is a not insignificant chance it will spontaneously combust with no warning whatsoever and you'll lose everything", you would of course refuse. Relying on your memory is really no different.

You should have multiple off-site back ups anyway. Backing up everything in the same location as your main wallet (i.e. in your house) provides no protection against fire, flood, or other natural disasters. If the government or law enforcement raid your house, your off-site back ups will be safe provided you have kept their existence private. Use passphrased wallets, or even better multi-sig, for this set up for additional protection.

And this is true not only for memorizing the seed, but also for some homebrew crypto schemes - someone can easily lock themselves out if they forget their algorithm; or with hiding the seed very deep, like for example burying it somewhere and then suffering from memory loss and not being able to find the location.

True, but there are a couple of distinct differences. Having to remember 38 completely arbitrary things like Michael Jordan or a llama in a specific order is a very different scenario to remembering "I hid my seed phrase in this location". You are far more likely to misremember one of 38 things, than you are to misremember a single thing. Further, simply trying to memorize a list is a very poor way of committing things to long term memory, whereas physically going to a location and performing a task (such as hiding your seed phrase there) is something which is much more easily remembered.

Also, it is far easier to say to your spouse or other family member "My seed phrase is hidden in location x" than it is to say "I need you to commit to memory this list of objects". If you have no single person you can trust with knowledge of your back ups, then create a multi-sig and split it between multiple people. All are preferable to relying on your memory.

I don't like systems where you are required to memorize important sequences that give you access to your funds. It works great while your brain functions the way it is supposed to. It becomes a nightmare when it no longer does. The standard and recommended way of storing seed is good enough. Make multiple paper or metal backups that are stored in separate locations and increase the security with a passphrase. The passphrase and the seed should also never be in the same place.

People get old, they get sick, you can have an accident and head trauma that causes permanent memory loss. The system won't help you if that happens. Besides, someone will one day probably inherit what you own. Do you think your system of numbers and pictures is easier for someone to decipher than a piece of paper or metal with the proper words written down from 1-12/24? If this works for you, congratulations. I hope that in the future your brain won't fail on you. But there are very few that don't. I wouldn't complicate things for my family though.

If this works for you, that's quite impressive. But to me, it seems like a lot more work and a lot more difficult than just converting the seed into 12 or even 24 words and memorizing those. Elizabeth could just as well be a mummy (33) or boss (90).
It gets even more confusing when you have more than one seed to remember.

Each number has 2 decimal digits, that's how it ends up at 38.

Years ago, I hid a paper wallet somewhere in the house before going on vacation, and despite searching everywhere, I never found it back. But indeed it wasn't my only storage method, so I didn't lose anything. I can remember some things for years without problems, while instantly forgetting some very obvious other things.

If that's your fear, I suggest to keep an encrypted backup on another location. Or hide it somewhere, it can be very small and very difficult to find for someone who doesn't know what they're looking for.

"Elizabeth" has four consonants : LZBT, which is 5091.  There's no way I would confuse her with a number between 0 and 99.

Elizabeth II represents 2 for me because the number 2 is literally in her title.

I'm not sure you understood my method, so again : the concepts in the recall table do not use the major system.  Only the numbers they are pegged to, do.  If the n-th number in my list is x, I turn x into a word with the major system and I create a mental association of that word with the n-th entry in my recall table.

Let's say I want to memorize the first few decimals of pi : 31 41 59 26.  I must associate :

* 31 to Attila.   I can imagine him trying to speak and failing, because he is mute.  Or I can think of him being a insane killer, so he is mad.
* 41 to Elizabeth II.  I can imagine her screaming because she just saw a huge rat.  I need to stress that it is huge because I need to remember that it is not a mouse, as that would be 30.
* 59 to the Troyan war.  I can imagine Helen of Troy biting her lip when seeing Paris.
* 26 to Catherine Deneuve.  I can imagine her reading Nietsche's "Thus spoke Zarathustra".

etc.

Try my method to memorize 40 decimals of pi, or more.  I bet it will work.


You probably don't have many seeds to remember but you're right, it's probably a bad idea to use this method to memorize several seeds.

I completely agree that forgetting when you placed your wallet is not as likely as forgetting the seed, but still it's something I want to warn people about. It's very important to have multiple independent backups to not rely on a single backup, because it will prevent a lot of potential problems like this one.