Bitcoin Forum
February 17, 2019, 05:13:08 PM *
News: Latest Bitcoin Core release: 0.17.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: [GUIDE] Encoding Bip39 Seed Phrase to Hex Code  (Read 171 times)
DireWolfM14
Copper Member
Full Member
***
Online Online

Activity: 308
Merit: 221



View Profile
October 30, 2018, 04:12:02 PM
Last edit: October 31, 2018, 03:23:35 PM by DireWolfM14
Merited by dbshck (4), pooya87 (2), LoyceV (1), Husna QA (1)
 #1

Introduction

I recently decided to stamp my seed phrases onto stainless steel blanks for preservation.  I wanted to preserve and secure the seed phrases for multiple wallets, including the ones I've created for each of my children.  I didn't want to spend all day stamping letters into stainless, and for security purposes I didn't want the actual seed words stamped on the metal.  The spreadsheet I've created below gives me a tool to resolve both issues.  


Background

BIP39 Seed Phrases are utilized by many hardware, desktop, and mobile-app wallets and their respective software.  They are not only used for Bitcoin, but many other coins as well.  There are even some web wallets that utilize BIP39 seed phrases for backup and recovery.  The phrases are most often 12 words in a string, but can be longer.  The words, and the order in which they are generated is critical information and represents the Private Keys of the wallet.  You'll need the seed phrase to restore the wallet in case the hardware on which the wallet resides is lost, stolen, or otherwise compromised.  With the seed phrase you can restore the wallet onto multiple devices, or in the case of cold wallets; once the wallet is created and the seed phrase secured you may choose to not have the private key reside on any electronic device.


The Issue

The seed words themselves may be several characters long, and may be in an order that is easy to remember.  From the practical perspective, I didn't want to spend a lot of time stamping hundreds of characters into steel.  While wanting to secure many wallets it was looking like I would have to dedicate a lot of time stamping seed phrases into the steel blanks.

The security issue of having the seed phrases stamped onto a piece of steel that some one might see was also something that concerned me.  Even with the steel locked in secure storage such as a safe, the potential for someone to see them does exist.  Someone with a quick eye and a keen memory could theoretically see the phrase and remember it, and then proceed to steal the funds.


Solution

It occurred to me that encoding the phrases could resolve both of my concerns.  I choose to use the numeric value of the list position of the BIP39 word and then encode the numeric value to HEX code format.  This method compresses the information to three characters per word, and by converting the seed phrase into a format that is not immediately recognizable to most, makes the character string harder to remember.  

Although this encoding method does not encrypt the information, it can be combined with encryption techniques for added security.  A simple or complex seed number shift can easily be added to the tool outlined below.  That will be covered by another post.


Build the Spreadsheet

Security

Since you will be typing your secret seed words into the spreadsheet, I suggest building the spreadsheet on an air-gapped computer, or one that you are 100% confident is not infected with a virus, malware, or a key-logger.  Your security is your responsibility, do not skimp.


Sheet 1; BIP39 Word List

Online Computer:
  • Browse to GitHub and download the Bip39 word list in your preferred language.
  • Copy the list onto a clean USB drive for transfer to the offline computer.

Offline Computer:
  • Start a spreadsheet, and name the first sheet "BIP39 Word List" (the name of this sheet is critical for the functionality of the formula.)
  • Copy the 2048 words from the word list you've chosen, and past the words into a single column in the sheet titled "BIP39 Word List."




Sheet 2; Encoding

  • Create anther sheet and name it "Encode" (the name of this sheet is not critical.)
  • In the first row, apply names to the columns as a reference (see example below.)
  • In my example I've named column A "Seed Words,"  and column B "Hex Code."
  • Type or paste your seed seed words in column A, typing one word per cell (see example below.)
  • Copy the formula code below and past it into cell B2.
  • Drag the formula down through all the cells you want to convert.

Code:
=DEC2HEX(MATCH(A2, 'BIP39 Word List'!$A:$A, 0)+ROW('BIP39 Word List'!$A:$A)-1, 3)




Sheet 3; Decoding

  • Create a third sheet and name it "Decode" (the name of this sheet is not critical.)
  • In the first row, apply names to the columns as a reference (see example below.)
  • In my example I've named column A "Hex Code,"  and column B "Seed Words."
  • Type or paste your Hex Code in column A, typing one code per cell (see example below.)
  • Copy the formula code below and past it into cell B2.
  • Drag the formula down through all the cells you want to convert.

Code:
=INDIRECT("'BIP39 Word List'!A"&HEX2DEC(A2)+0)




Spreadsheet Tool

I have made my sample spread sheet available for viewing and downloading.  Editing the spreadsheet has been disabled.  It has an unfunded TestNet seed phrase as an example.  I suggest you use the formulas above to build your own, and use it on an air-gapped device.  The Spreadsheet link is here, if you need to download it.



1550423588
Hero Member
*
Offline Offline

Posts: 1550423588

View Profile Personal Message (Offline)

Ignore
1550423588
Reply with quote  #2

1550423588
Report to moderator
Your Bitcoin transactions
The Ultimate Bitcoin mixer
made truly anonymous.
with an advanced technology.
Mix coins
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1550423588
Hero Member
*
Offline Offline

Posts: 1550423588

View Profile Personal Message (Offline)

Ignore
1550423588
Reply with quote  #2

1550423588
Report to moderator
1550423588
Hero Member
*
Offline Offline

Posts: 1550423588

View Profile Personal Message (Offline)

Ignore
1550423588
Reply with quote  #2

1550423588
Report to moderator
1550423588
Hero Member
*
Offline Offline

Posts: 1550423588

View Profile Personal Message (Offline)

Ignore
1550423588
Reply with quote  #2

1550423588
Report to moderator
DireWolfM14
Copper Member
Full Member
***
Online Online

Activity: 308
Merit: 221



View Profile
October 30, 2018, 04:12:19 PM
 #2

Reserved.

Tiki2
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
October 30, 2018, 06:21:41 PM
 #3

This is a great idea.  Here's a tutorial for adding a seed shift to obfuscate the seed phrase.  Looks like you can use it with your formula.

https://bitcointalk.org/index.php?topic=3416202.0
pooya87
Legendary
*
Offline Offline

Activity: 1554
Merit: 1405



View Profile
October 31, 2018, 04:07:00 AM
Merited by dbshck (2)
 #4

i never realized you only need 3 chars for hexadecimal representation of these words since they are smaller than 0800. that was interesting Tongue

and for security purposes I didn't want the actual seed words stamped on the metal. 

what you are stamping now ARE your actual seed words! changing the encoding of it doesn't increase your security by much. if someone knows that piece of metal has something to do with bitcoin (whether it has words on it or hexes) they will be able to easily decode it and steal the coins.
if you want to increase security then you have to encrypt it with a password.

odolvlobo
Legendary
*
Offline Offline

Activity: 2408
Merit: 1227



View Profile
October 31, 2018, 07:49:07 AM
 #5

What about base-64 encoding instead of hex? That's only 2 characters per word.

Buy bitcoins with cash from somebody near you: LocalBitcoins
Buy stuff on Amazon at a discount with bitcoins or convert Amazon points to bitcoins: Purse.io
Join an anti-signature campaign: DannyHamilton's ignore list
pooya87
Legendary
*
Offline Offline

Activity: 1554
Merit: 1405



View Profile
November 01, 2018, 06:09:37 AM
 #6

What about base-64 encoding instead of hex? That's only 2 characters per word.

base-16 or hexadecimal is not case sensitive so you don't have to go through the pain of changing case. but base-64 is. so when stamping it on the metal you will have a harder time, specially if you are doing it by hand not using a machine.

retprogramisto
Member
**
Offline Offline

Activity: 152
Merit: 33

💡 Websites, scripts for BTC web4crypto.xyz


View Profile WWW
November 09, 2018, 03:41:38 PM
Last edit: November 09, 2018, 03:52:16 PM by retprogramisto
Merited by dbshck (3), LoyceV (1), DireWolfM14 (1)
 #7

It is better to encrypt your keys or seed with a password. Encoding can be reversed (and should never be used "for security purposes" because it is not related to security), encryption can only be reversed if you know the password (or you crack the password but with secure passwords longer than 20 chars this isnt a problem yet). You can use gpg --symmetric --cipher-algo AES256 or openssl to aes encrypt your keys/seed with a password then encode the encrypted string to hex/base64/etc. Encryption will make the string longer but also means that no one can steal your coins if you lose your paper wallet and someone reverse engineers your encoding.

Another idea is to print your encrypted seed/keys on credit card size paper, laminate it and store copies securely in different places.

Edit: Your screenshots show google docs and windows. For anything that requires security please use linux, e.g. tails USB and avoid google services.

➡️  💡  𝗪𝗲𝗯𝟰𝗖𝗿𝘆𝗽𝘁𝗼  💡  ⬅️
Websites, scripts, crypto integration for BTC
✔️ Free consultation at Web4Crypto.xyz
DireWolfM14
Copper Member
Full Member
***
Online Online

Activity: 308
Merit: 221



View Profile
November 09, 2018, 04:16:00 PM
Last edit: November 20, 2018, 10:17:37 PM by DireWolfM14
 #8

It is better to encrypt your keys or seed with a password. Encoding can be reversed (and should never be used "for security purposes" because it is not related to security), encryption can only be reversed if you know the password (or you crack the password but with secure passwords longer than 20 chars this isnt a problem yet). You can use gpg --symmetric --cipher-algo AES256 or openssl to aes encrypt your keys/seed with a password then encode the encrypted string to hex/base64/etc. Encryption will make the string longer but also means that no one can steal your coins if you lose your paper wallet and someone reverse engineers your encoding.

Another idea is to print your encrypted seed/keys on credit card size paper, laminate it and store copies securely in different places.

Edit: Your screenshots show google docs and windows. For anything that requires security please use linux, e.g. tails USB and avoid google services.

All very good suggestions, thank you.

The google doc is merely to share the information, I also recommend against storing private keys or seeds on cloud services.  I use an off-line computer to generate the wallet seeds, and only access the wallets using master public keys on my on-line PC.  

For this particular batch of backups I wanted to avoid encryption because I want my kids to be able to decode the seeds in case I'm no longer around.  The backups will be stored in a safe, to which my kids will receive the combination upon my demise.

Adriano2010
Hero Member
*****
Offline Offline

Activity: 966
Merit: 511



View Profile WWW
November 09, 2018, 06:10:16 PM
 #9

Interesting idea. But i think is more safer hold coins on hardware wallet and also add an extra word to passphrase. I use a hardware wallet and never had a problem. But your idea is good, just to save down passphrase and only you know for what is and how to decrypt it, even if someone steal it 99% will not know for what is it or how to decrypt it.

pooya87
Legendary
*
Offline Offline

Activity: 1554
Merit: 1405



View Profile
November 10, 2018, 03:38:07 AM
 #10

For this particular batch of backups I wanted to avoid encryption because I want my kids to be able to decode the seeds in case I'm no longer around.  The backups will be stored in a safe, to which my kids will receive the combination upon my demise.

in that case you might want to also include a clue of what that backup is and also a walk-through of how to convert it back to something they can import in a wallet (ie seed) because your method is not a known method that is commonly used and that can impose complications.

LoyceV
Legendary
*
Offline Offline

Activity: 1400
Merit: 2913


Self-made Legendary!


View Profile WWW
November 10, 2018, 10:12:01 AM
Merited by dbshck (2), Husna QA (1), DireWolfM14 (1)
 #11

I see one large shortcoming of this method: you lose all error correction when writing it down.
The BIP39 word list is designed to allow some level of error correction on your hard copy. I've seen people lose access to funds after making several mistakes writing down a private key. If you have to stamp 72 hex symbols into a steel plate, you have to double or tripple check from scratch to make sure you can decode it again. Don't use your existing spreadsheet to do so, but start over with just the piece of metal, and see if you can use an offline LIVE Linux system to recover the seed words (and also the private keys to your addresses) before funding them.

Pages: [1]
  Print  
 
Jump to:  

Bitcointalk.org is not available or authorized for sale. Do not believe any fake listings.
Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!