Bitcoin Forum
February 24, 2020, 06:05:59 PM *
News: Latest Bitcoin Core release: 0.19.0.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Use custom words (seed extension)  (Read 211 times)
Master1781
Member
**
Offline Offline

Activity: 126
Merit: 10


View Profile
October 09, 2018, 05:10:50 AM
 #1

I understand the using custom words (seed extension) makes it stronger, but is it really needed? I mean, if I set up a normal wallet, with the 12 or 13 words as default, that already brings a level of security higher enough?

Just wondering if I should use a wallet with this option to increase the seed.
1582567559
Hero Member
*
Offline Offline

Posts: 1582567559

View Profile Personal Message (Offline)

Ignore
1582567559
Reply with quote  #2

1582567559
Report to moderator
1582567559
Hero Member
*
Offline Offline

Posts: 1582567559

View Profile Personal Message (Offline)

Ignore
1582567559
Reply with quote  #2

1582567559
Report to moderator
1582567559
Hero Member
*
Offline Offline

Posts: 1582567559

View Profile Personal Message (Offline)

Ignore
1582567559
Reply with quote  #2

1582567559
Report to moderator
100% First Deposit Bonus Instant Withdrawals Best Odds 10+ Sports Since 2014 No KYC Asked Play Now
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1582567559
Hero Member
*
Offline Offline

Posts: 1582567559

View Profile Personal Message (Offline)

Ignore
1582567559
Reply with quote  #2

1582567559
Report to moderator
Abdussamad
Legendary
*
Offline Offline

Activity: 2380
Merit: 1255



View Profile
October 09, 2018, 06:24:52 AM
Merited by NeuroticFish (1)
 #2

You don't have to use the seed extension feature. It's secure enough without it.

The primary aim of the seed extension feature is to allow you to create multiple wallets with the same seed. So for example the first wallet would have a seed extension '1', the second would have the extension '2' and so on. All these wallets can easily be backed with just the one copy of the seed.

As for the security aspect you could use the seed extension to add a second factor to your written backups of the seed words but not everyone has a need for that.
Master1781
Member
**
Offline Offline

Activity: 126
Merit: 10


View Profile
October 09, 2018, 12:41:37 PM
 #3

Thanks, very interesting idea of using the custom words as a simple way to generate multiple wallets (pegged on the original seed)  Smiley
Coin-Keeper
Hero Member
*****
Offline Offline

Activity: 588
Merit: 502



View Profile
October 09, 2018, 06:08:23 PM
 #4

You don't have to use the seed extension feature. It's secure enough without it.

The primary aim of the seed extension feature is to allow you to create multiple wallets with the same seed. So for example the first wallet would have a seed extension '1', the second would have the extension '2' and so on. All these wallets can easily be backed with just the one copy of the seed.

As for the security aspect you could use the seed extension to add a second factor to your written backups of the seed words but not everyone has a need for that.

That is especially useful for those of us with hardware wallets.  Its a pain to constantly change SEED, but using vastly different passwords with one common seed is easy and convenient.

BTC: 1PYSBbuKM3kW19xe9TXJQfq64rPhd8XorF
Staked and Verified: https://bitcointalk.org/index.php?topic=996318.msg17102755#msg17102755
bob123
Legendary
*
Offline Offline

Activity: 1148
Merit: 1655



View Profile WWW
October 10, 2018, 07:47:15 PM
 #5

The security comes through the big amount of possible seeds. Adding one additional word/phrase wouldn't change too much.

The main reason is the possibility to create another 'wallet' based off the same seed.

That's especially interesting because it allows you to add plausible deniability (standard seed -> 'fake' account with small amount; seed with extension -> your real wallet holding your full amount of coins).
In case of being forced to give the seed away, you only will reveal the 'fake' wallet.

stomachgrowls
Hero Member
*****
Online Online

Activity: 1316
Merit: 550


Crypto-Games.net: Multiple coins, multiple games


View Profile
October 10, 2018, 09:40:04 PM
 #6

The security comes through the big amount of possible seeds. Adding one additional word/phrase wouldn't change too much.

The main reason is the possibility to create another 'wallet' based off the same seed.

That's especially interesting because it allows you to add plausible deniability (standard seed -> 'fake' account with small amount; seed with extension -> your real wallet holding your full amount of coins).
In case of being forced to give the seed away, you only will reveal the 'fake' wallet.
I have the same thing on my mind that this will matter most in security which i do actually made such way on where ensuring my main funds into a seed with extension because we wont know the possibilities of being attacked or got threatened forcing you to give your seed and with this feature you can really make a fake wallet with small amounts inside than exposing your main but chances of these scenario is just too small but its better to be ready than sorry.

▄▄█████████▄▄
▄█████████████████▄
▄████▀▀▀▀█████▀▀▀▀████▄
████▀██████▀█▀██████▀████
██████████████████████████
▐█████▄███████████████▄█████▌
▐███████▄▄█████████▄▄███████▌
▐██████▀█████████████▀██████▌
▐███████████████████████████▌
▀██████████████████████▀
▀████▄████▄▀▀▄████▄████▀
▀███████▀███▀███████▀
▀▀█████████████▀▀
  ▀▀▀▀▀▀▀▀▀
|
★.★.★   8 GAMES   ★   WAGERING CONTEST   ★   JACKPOTS   ★   FAUCET   ★.★.★
  ▄▄▄
▄█ ▄▀█▄
██ ▄▀██
 ▀▄▄█▀
  ▄▄▄
▄█▀ ▀█▄
██   ██
 ▀█▄█▀
  ▄▄▄
▄█▀█▀█▄

 ▀███▀
  ▄▄▄
▄██▀▄█▄
██▀▄███
 ▀▄▄▄▀
  ▄▄▄
▄█ ▄▀█▄
██ █ ██
 ▀▄▄█▀
  ▄▄▄
▄▀▄▄▄▀▄
█▀▀▀▀▄█
 ▀███▀
  ▄▄▄
▄▀   ▀▄
█  █▄ █
 ▀▄██▀
  ▄▄▄
▄█▀ ▀█▄
██   ██
 ▀█▄█▀
  ▄▄▄
▀ █ ▀
▀▀▄▀▀
 ▀▄█▄
  ▄▄▄
▄█ ▄▀█▄
██ ▄▀██
 ▀▄▄█▀
|
Master1781
Member
**
Offline Offline

Activity: 126
Merit: 10


View Profile
October 11, 2018, 08:57:48 PM
Last edit: October 11, 2018, 10:58:40 PM by Master1781
 #7

Thanks for the replies so far. I really enjoy Electrum, and try to understand this part better to use it safer.

A couple of more questions, if someone can asnwer as well (and sorry if has been asked before):

- Suppose I generate a wallet by using the seed + custom words. Is there a possibility that another wallet identical to this one can be created by only using the normal seed? That means, a hacker who tries (theorically) to test out all seeds would never find out this wallet (generated with custom words)? Or there's a Wallet(Seed_1 + CustomWords_1) == Wallet(Seed_2)

- I see in Github that Electrum have wordlists for other languages. Is there a way to generate a seed in Electrum by using these words, a command line option? I can only create the default English one.

- There are other Electrum apps for LTC, BCash, Dash. As said above, I could use my main seed in these apps as well, just being sure to create new Custom words for each wallet/apps. Is it safe to do so, considering I take the normal safety measures (not exposing the seed online, etc)? That way is a very convenient way to have many wallets for these coins, without creating new seeds everytime.

Grateful for all replies and time answering those questions.
stomachgrowls
Hero Member
*****
Online Online

Activity: 1316
Merit: 550


Crypto-Games.net: Multiple coins, multiple games


View Profile
October 12, 2018, 02:15:38 AM
 #8



- Suppose I generate a wallet by using the seed + custom words. Is there a possibility that another wallet identical to this one can be created by only using the normal seed? That means, a hacker who tries (theorically) to test out all seeds would never find out this wallet (generated with custom words)? Or there's a Wallet(Seed_1 + CustomWords_1) == Wallet(Seed_2)


According to this link http://docs.electrum.org/en/latest/seedphrase.html#version-number

If hacker do have plenty of time to take this:

Electrum currently use the same wordlist as BIP39 (2048 words). A typical seed has 12 words, which results in 132 bits of entropy in the choice of the seed.

Following BIP39, 2048 iterations of key stretching are added for the generation of the master private key. In terms of hashes, this is equivalent to adding an extra 11 bits of security to the seed (2048=2^11).


This only talk with normal seed how much more adding up a custom word.

▄▄█████████▄▄
▄█████████████████▄
▄████▀▀▀▀█████▀▀▀▀████▄
████▀██████▀█▀██████▀████
██████████████████████████
▐█████▄███████████████▄█████▌
▐███████▄▄█████████▄▄███████▌
▐██████▀█████████████▀██████▌
▐███████████████████████████▌
▀██████████████████████▀
▀████▄████▄▀▀▄████▄████▀
▀███████▀███▀███████▀
▀▀█████████████▀▀
  ▀▀▀▀▀▀▀▀▀
|
★.★.★   8 GAMES   ★   WAGERING CONTEST   ★   JACKPOTS   ★   FAUCET   ★.★.★
  ▄▄▄
▄█ ▄▀█▄
██ ▄▀██
 ▀▄▄█▀
  ▄▄▄
▄█▀ ▀█▄
██   ██
 ▀█▄█▀
  ▄▄▄
▄█▀█▀█▄

 ▀███▀
  ▄▄▄
▄██▀▄█▄
██▀▄███
 ▀▄▄▄▀
  ▄▄▄
▄█ ▄▀█▄
██ █ ██
 ▀▄▄█▀
  ▄▄▄
▄▀▄▄▄▀▄
█▀▀▀▀▄█
 ▀███▀
  ▄▄▄
▄▀   ▀▄
█  █▄ █
 ▀▄██▀
  ▄▄▄
▄█▀ ▀█▄
██   ██
 ▀█▄█▀
  ▄▄▄
▀ █ ▀
▀▀▄▀▀
 ▀▄█▄
  ▄▄▄
▄█ ▄▀█▄
██ ▄▀██
 ▀▄▄█▀
|
pooya87
Legendary
*
Offline Offline

Activity: 1918
Merit: 2367


Remember tonight for it's the beginning of forever


View Profile
October 12, 2018, 04:01:26 AM
Merited by NeuroticFish (1)
 #9

- There are other Electrum apps for LTC, BCash, Dash. As said above, I could use my main seed in these apps as well, just being sure to create new Custom words for each wallet/apps. Is it safe to do so, considering I take the normal safety measures (not exposing the seed online, etc)? That way is a very convenient way to have many wallets for these coins, without creating new seeds everytime.

no because first of all you will be doing Address reuse which is something you should try to avoid. also you don't know how safe are forks of Electrum. they may not be as secure as you hope them to be and you may be exposing yourself that way to attacks. not to mention the huge privacy loss!

what you can do is to use features of BIP32 which are explained in BIP44
basically you have 1 seed which will create your master private key at depth 0. then depending on which path you choose you will end up with a different set of keys that are being created from a master key at same depth level but from different hardened index so they are different. it would be like this:
m: seed and master key that you back up.
m/44'/0'/0'/0: your bitcoin wallet master key which you can even turn into a seed.
m/44'/2'/0'/0: your litecoin wallet master key which you can even turn into a seed.

https://iancoleman.io/bip39/

Abdussamad
Legendary
*
Offline Offline

Activity: 2380
Merit: 1255



View Profile
October 12, 2018, 08:18:42 AM
Merited by Master1781 (1)
 #10

Thanks for the replies so far. I really enjoy Electrum, and try to understand this part better to use it safer.

A couple of more questions, if someone can asnwer as well (and sorry if has been asked before):

- Suppose I generate a wallet by using the seed + custom words. Is there a possibility that another wallet identical to this one can be created by only using the normal seed? That means, a hacker who tries (theorically) to test out all seeds would never find out this wallet (generated with custom words)? Or there's a Wallet(Seed_1 + CustomWords_1) == Wallet(Seed_2)

It's not possible to test all possible seeds. The numbers involved are too large. However, hash functions are involved so if by some miracle you are able to test all seeds it's possible that there could be a collision like that.

Quote
- I see in Github that Electrum have wordlists for other languages. Is there a way to generate a seed in Electrum by using these words, a command line option? I can only create the default English one.

You can do this over the command line with the make_seed option. The command line is only available to linux and macosx users. Here's how you would do it:

Code:
electrum make_seed -L es

The above will generate a spanish language seed. Do `electrum help make_seed` for more information. Also mnemonic.py lists the language codes you can use.

If you don't have access to the command line you could try changing the language in your operating system's settings before running electrum. Electrum must be picking up the default language based on the regional settings set there.

Quote
- There are other Electrum apps for LTC, BCash, Dash. As said above, I could use my main seed in these apps as well, just being sure to create new Custom words for each wallet/apps. Is it safe to do so, considering I take the normal safety measures (not exposing the seed online, etc)? That way is a very convenient way to have many wallets for these coins, without creating new seeds everytime.

Grateful for all replies and time answering those questions.

The more places you use your seed the greater the chance of being robbed. The teams behind altcoin clients are less reputable than the bitcoin client team so I wouldn't recommend it.
Master1781
Member
**
Offline Offline

Activity: 126
Merit: 10


View Profile
October 12, 2018, 04:27:44 PM
 #11

Thanks a lot for the answers. Really apreciate it. I understand better now.

HCP
Legendary
*
Offline Offline

Activity: 1246
Merit: 2264

<insert witty quote here>


View Profile
October 12, 2018, 10:48:46 PM
 #12

- There are other Electrum apps for LTC, BCash, Dash. As said above, I could use my main seed in these apps as well, just being sure to create new Custom words for each wallet/apps. Is it safe to do so, considering I take the normal safety measures (not exposing the seed online, etc)? That way is a very convenient way to have many wallets for these coins, without creating new seeds everytime.

no because first of all you will be doing Address reuse which is something you should try to avoid.
How can you be reusing addresses by using the same seed in other versions of Electrum for other coins? Huh Especially, if adding different seed extensions?

As far as I'm aware, all the various forks of Electrum utilise the appropriate derivation paths for their specific coin... so aside from the fact that most coins (BCH excepted) use and generate completely different address formats... the actual underlying hex values generated will be completely different, even if you were to use an identical seed/custom extension. Huh

The only time that wouldn't happen, is for an exceptional cash like BCH, where they were (originally) trying to be "bitcoin" and created identical addresses (and a boatload of confusion Tongue)

pooya87
Legendary
*
Offline Offline

Activity: 1918
Merit: 2367


Remember tonight for it's the beginning of forever


View Profile
October 13, 2018, 04:35:12 AM
 #13

- There are other Electrum apps for LTC, BCash, Dash. As said above, I could use my main seed in these apps as well, just being sure to create new Custom words for each wallet/apps. Is it safe to do so, considering I take the normal safety measures (not exposing the seed online, etc)? That way is a very convenient way to have many wallets for these coins, without creating new seeds everytime.

no because first of all you will be doing Address reuse which is something you should try to avoid.
How can you be reusing addresses by using the same seed in other versions of Electrum for other coins? Huh Especially, if adding different seed extensions?

As far as I'm aware, all the various forks of Electrum utilise the appropriate derivation paths for their specific coin... so aside from the fact that most coins (BCH excepted) use and generate completely different address formats... the actual underlying hex values generated will be completely different, even if you were to use an identical seed/custom extension. Huh

The only time that wouldn't happen, is for an exceptional cash like BCH, where they were (originally) trying to be "bitcoin" and created identical addresses (and a boatload of confusion Tongue)

if they really use a different derivation path (like what i said in my above comment) then you are correct it won't be address reuse. but if they use the same path then even if your addresses are different (like 1... for bitcoin, L.... for litecoin, D.... for dogecoin) the keys are the same and when you create a signature, append your public key to the transaction ,... you are reusing the same key.

not that "address reuse" is not exactly reusing "address" it is reusing "key".

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!