[TUTORIAL] How to extend seed phrase in electrum wallet

[Zilon]

Seed phrase, seed recovery or recovery phrase which is said to be an arrangement of words used to gain access to cryptocurrency wallets. In Bitcoin, seed phrases gives users an avenue to backup their wallets. If one looses access to a certain wallet it can be accessed in any BIP39-compactible wallet to recover funds. We have over 2048 words on the BIP39 word list, this means that a string of 12 words would have 128bits of security. This makes hacking or intruding into your wallet a bit studious.

If an intruder wishes to attack a wallet it is expected of such to carryout 2128 operations to guess a 12 word phrase. It might seem to be a small number, but it is more complex than you think. This seed can also be extended to improve security.

Is seed phrase the same as private key

Seed phrase is different from private key in that private key can be considered to be a secret number that allows coin to be spent. It creates a key pair that grants access to wallets. While a seed phrase is simply a representation of a random number. It's an ordered sequence of 12 or 24 words, chosen from a list of 2048 words. Using cryptography, your wallet can derive your private key using your seed phrase. And with that private key, your wallet can spend your bitcoin.

Seed phrase extension
Seed extension is the process of adding more words to the existing seed phrase to strengthen the security of a crypto wallet. This is done while creating a new wallet.
Reserved extension seed phrase:

Code:

abandon
ability
able
about
above
absent
absorb
abstract
absurd
abuse
access
accident
account
accuse
achieve
acid
acoustic
acquire
across
act
action
actor
actress
actual
adapt
add
addict
address
adjust
admit
adult
advance
advice
aerobic
affair
afford
afraid
again
age
agent
agree
ahead
aim
air
airport
aisle
alarm
album
alcohol
alert
alien
all
alley
allow
almost
alone
alpha
already
also
alter
always
amateur
amazing
among
amount
amused
analyst
anchor
ancient
anger
angle
angry
animal
ankle
announce
annual
another
answer
antenna
antique
anxiety
any
apart
apology
appear
apple
approve
april
arch
arctic
area
arena
argue
arm
armed
armor
army
around
arrange
arrest
arrive
arrow
art
artefact
artist
artwork
ask
aspect
assault
asset
assist
assume
asthma
athlete
atom
attack
attend
attitude
attract
auction
audit
august
aunt
author
auto
autumn
average
avocado
avoid
awake
aware
away
awesome
awful
awkward
axis
baby
bachelor
bacon
badge
bag
balance
balcony
ball
bamboo
banana
banner
bar
barely
bargain
barrel
base
basic
basket
battle
beach
bean
beauty
because
become
beef
before
begin
behave
behind
believe
below
belt
bench
benefit
best
betray
better
between
beyond
bicycle
bid
bike
bind
biology
bird
birth
bitter
black
blade
blame
blanket
blast
bleak
bless
blind
blood
blossom
blouse
blue
blur
blush
board
boat
body
boil
bomb
bone
bonus
book
boost
border
boring
borrow
boss
bottom
bounce
box
boy
bracket
brain
brand
brass
brave
bread
breeze
brick
bridge
brief
bright
bring
brisk
broccoli
broken
bronze
broom
brother
brown
brush
bubble
buddy
budget
buffalo
build
bulb
bulk
bullet
bundle
bunker
burden
burger
burst
bus
business
busy
butter
buyer
buzz
cabbage
cabin
cable
cactus
cage
cake
call
calm
camera
camp
can
canal
cancel
candy
cannon
canoe
canvas
canyon
capable
capital
captain
car
carbon
card
cargo
carpet
carry
cart
case
cash
casino
castle
casual
cat
catalog
catch
category
cattle
caught
cause
caution
cave
ceiling
celery
cement
census
century
cereal
certain
chair
chalk
champion
change
chaos
chapter
charge
chase
chat
cheap
check
cheese
chef
cherry
chest
chicken
chief
child
chimney
choice
choose
chronic
chuckle
chunk
churn
cigar
cinnamon
circle
citizen
city
civil
claim
clap
clarify
claw
clay
clean
clerk
clever
click
client
cliff
climb
clinic
clip
clock
clog
close
cloth
cloud
clown
club
clump
cluster
clutch
coach
coast
coconut
code
coffee
coil
coin
collect
color
column
combine
come
comfort
comic
common
company
concert
conduct
confirm
congress
connect
consider
control
convince
cook
cool
copper
copy
coral
core
corn
correct
cost
cotton
couch
country
couple
course
cousin
cover
coyote
crack
cradle
craft
cram
crane
crash
crater
crawl
crazy
cream
credit
creek
crew
cricket
crime
crisp
critic
crop
cross
crouch
crowd
crucial
cruel
cruise
crumble
crunch
crush
cry
crystal
cube
culture
cup
cupboard
cushion
custom
cute
cycle
dad
damage
damp
dance
danger
daring
dash
daughter
dawn
day
deal
debate
debris
decade
december
decide
decline
decorate
decrease
deer
defense
define
defy
degree
delay
deliver
demand
demise
denial
dentist
deny
depart
depend
deposit
depth
deputy
derive
describe
desert
design
desk
despair
destroy
detail
detect
develop
device
devote
diagram
dial
diamond
diary
dice
diesel
diet
differ
digital
dignity
dilemma
dinner
dinosaur
direct
dirt
disagree
discover
disease
dish
dismiss
disorder
display
distance
divert
divide
divorce
dizzy
doctor
document
dog
doll
dolphin
domain
donate
donkey
donor
door
dose
double
dove
draft
dragon
drama
drastic
draw
dream
dress
drift
drill
drink
drip
drive
drop
drum
dry
duck
dumb
dune
during
dust
dutch
duty
dwarf
dynamic
eager
eagle
early
earn
earth
easily
east
easy
echo
ecology
economy
edge
edit
educate
effort
egg
eight
either
elbow
elder
electric
elegant
element
elephant
elevator
elite
else
embark
embody
embrace
emerge
emotion
employ
empower
empty
enable
enact
end
endless
endorse
enemy
energy
enforce
engage
engine
enhance
enjoy
enlist
enough
enrich
enroll
ensure
enter
entire
entry
envelope
episode
equal
equip
era
erase
erode
erosion
error
erupt
escape
essay
essence
estate
eternal
ethics
evidence
evil
evoke
evolve
exact
example
excess
exchange
excite
exclude
excuse
execute
exercise
exhaust
exhibit
exile
exist
exit
exotic
expand
expect
expire
explain
expose
express
extend
extra
eye
eyebrow
fabric
face
faculty
fade
faint
faith
fall
false
fame
family
famous
fan
fancy
fantasy
farm
fashion
fat
fatal
father
fatigue
fault
favorite
feature
february
federal
fee
feed
feel
female
fence
festival
fetch
fever
few
fiber
fiction
field
figure
file
film
filter
final
find
fine
finger
finish
fire
firm
first
fiscal
fish
fit
fitness
fix
flag
flame
flash
flat
flavor
flee
flight
flip
float
flock
floor
flower
fluid
flush
fly
foam
focus
fog
foil
fold
follow
food
foot
force
forest
forget
fork
fortune
forum
forward
fossil
foster
found
fox
fragile
frame
frequent
fresh
friend
fringe
frog
front
frost
frown
frozen
fruit
fuel
fun
funny
furnace
fury
future
gadget
gain
galaxy
gallery
game
gap
garage
garbage
garden
garlic
garment
gas
gasp
gate
gather
gauge
gaze
general
genius
genre
gentle
genuine
gesture
ghost
giant
gift
giggle
ginger
giraffe
girl
give
glad
glance
glare
glass
glide
glimpse
globe
gloom
glory
glove
glow
glue
goat
goddess
gold
good
goose
gorilla
gospel
gossip
govern
gown
grab
grace
grain
grant
grape
grass
gravity
great
green
grid
grief
grit
grocery
group
grow
grunt
guard
guess
guide
guilt
guitar
gun
gym
habit
hair
half
hammer
hamster
hand
happy
harbor
hard
harsh
harvest
hat
have
hawk
hazard
head
health
heart
heavy
hedgehog
height
hello
helmet
help
hen
hero
hidden
high
hill
hint
hip
hire
history
hobby
hockey
hold
hole
holiday
hollow
home
honey
hood
hope
horn
horror
horse
hospital
host
hotel
hour
hover
hub
huge
human
humble
humor
hundred
hungry
hunt
hurdle
hurry
hurt
husband
hybrid
ice
icon
idea
identify
idle
ignore
ill
illegal
illness
image
imitate
immense
immune
impact
impose
improve
impulse
inch
include
income
increase
index
indicate
indoor
industry
infant
inflict
inform
inhale
inherit
initial
inject
injury
inmate
inner
innocent
input
inquiry
insane
insect
inside
inspire
install
intact
interest
into
invest
invite
involve
iron
island
isolate
issue
item
ivory
jacket
jaguar
jar
jazz
jealous
jeans
jelly
jewel
ignore
ill
illegal
illness
image
imitate
immense
immune
impact
impose
improve
impulse
inch
include
income
increase
index
indicate
indoor
industry
infant
inflict
inform
inhale
inherit
initial
inject
injury
inmate
inner
innocent
input
inquiry
insane
insect
inside
inspire
install
intact
interest
into
invest
invite
involve
iron
island
isolate
issue
item
ivory
jacket
jaguar
jar
jazz
jealous
jeans
jelly
jewel
job
join
joke
journey
joy
judge
juice
jump
jungle
junior
junk
just
kangaroo
keen
keep
ketchup
key
kick
kid
kidney
kind
kingdom
kiss
kit
kitchen
kite
kitten
kiwi
knee
knife
knock
know
lab
label
labor
ladder
lady
lake
lamp
language
laptop
large
later
latin
laugh
laundry
lava
law
lawn
lawsuit
layer
lazy
leader
leaf
learn
leave
lecture
left
leg
legal
legend
leisure
lemon
lend
length
lens
leopard
lesson
letter
level
liar
liberty
library
license
life
lift
light
like
limb
limit
link
lion
liquid
list
little
live
lizard
load
loan
lobster
local
lock
logic
lonely
long
loop
lottery
loud
lounge
love
loyal
lucky
luggage
lumber
lunar
lunch
luxury
lyrics
machine
mad
magic
magnet
maid
mail
main
major
make
mammal
man
manage
mandate
mango
mansion
manual
maple
marble
march
margin
marine
market
marriage
mask
mass
master
match
material
math
matrix
matter
maximum
maze
meadow
mean
measure
meat
mechanic
medal
media
melody
melt
member
memory
mention
menu
mercy
merge
merit
merry
mesh
message
metal
method
middle
midnight
milk
million
mimic
mind
minimum
minor
minute
miracle
mirror
misery
miss
mistake
mix
mixed
mixture
mobile
model
modify
mom
moment
monitor
monkey
monster
month
moon
moral
more
morning
mosquito
mother
motion
motor
mountain
mouse
move
movie
much
muffin
mule
multiply
muscle
museum
mushroom
music
must
mutual
myself
mystery
myth
naive
name
napkin
narrow
nasty
nation
nature
near
neck
need
negative
neglect
neither
nephew
nerve
nest
net
network
neutral
never
news
next
nice
night
noble
noise
nominee
noodle
normal
north
nose
notable
note
nothing
notice
novel
now
nuclear
nose
notable
note
nothing
notice
novel
now
nuclear
number
nurse
nut
oak
obey
object
oblige
obscure
observe
obtain
obvious
occur
ocean
october
odor
off
offer
office
often
oil
okay
old
olive
olympic
omit
once
one
onion
online
only
open
opera
opinion
oppose
option
orange
orbit
orchard
order
ordinary
organ
orient
original
orphan
ostrich
other
outdoor
outer
output
outside
oval

https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt

Why should you extend a seed

• Wallet security:
  The longer the phrase the more secure your wallet would be. Preventing Intruders from guessing the phrase.
• plausible deniability:
  It completely denies knowledge of any particular attempt to guess the phrase words and claims such doesn't exist
• Total privacy: This phrase aren't saved on electrum server and is only unique to you alone.

How to set up seed extension

step 1: from www.electrum.org download the app to your preferred device.



Step 2: click on next to which would take you to where you would select the wallet type you prefer.



Step 3: from the menu select your preferred wallet type.



Step 4: proceed to create your own personal new seed from the BIP39 word list.



Step 5: write down your seed phrase in a save document, from the seed phrase menu click on the settings icon



Step 6: click on the box provided to add the seed phrase selected from the list of reserved words




Step 7: enter the custom words you wish to extend your seed phrase with.



Disclaimer:
The images provided is for illustration purpose only and does not belong to anyone.


Source
https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki



[/list]

[1714117920]

1714117920

[1714117920]

1714117920

[1714117920]

1714117920

[1714117920]

1714117920

[1714117920]

1714117920

[Upgrade00]

If an intruder wishes to attack a wallet it is expected of such to carryout 2128 operations to guess a 12 word phrase.

It is far more difficult than that and not feasible for a hacker to correctly guess the entire seed phrase of an address, even without an extra passphrase as it's more complex than simply guessing any random 12 words.
Also, a seed phrase can be used for plausible deniability; to create an address which is different from the original one, this can be used to hide balances should the holder find themselves in any trouble.

[nc50lc]

Seed phrase extension
Seed extension is the process of adding more words to the existing seed phrase to strengthen the security of a crypto wallet. This is done while creating a new wallet.
Reserved extension seed phrase:

Code:

-BIP39 seed wordlist-

Take note that the extension doesn't necessarily have to be a word from BIP39 wordlist.
It can be any word, phrase or even symbols, the "Seed Phrase Extension" is actually a passphrase a.k.a. "BIP39 Passphrase".

[SquirrelJulietGarden]

Hackers steal your seed when your store it online or in devices that you use to connect to Internet. Your devices need to be clean and seed backup need to be in encrypted files.

If you secure your devices well and don't connect it to the Internet more than you need, the risks of hacks will be less.

Many people use Notepad to store their private keys, seeds or passwords and it is too bad. Unencrypted and vulnerable to hacks.
Worthy to note.

Wallet with extended phrase is a different wallet than the one without extended phrase. If your create a wallet with extended phrase, and store your Bitcoin in that one, you must back up wallet seed (default) and extended one. Secure them and make sure you don't make typos for back ups.

If anything is inaccurate, you will get troubles when recover that wallet. At worst, you will lose your Bitcoin.

[pooya87]

We have over 2048 words on the BIP39 word list,

We have multiple word lists each in a different language but in each word list there is exactly 2048 words (not over it).

this means that a string of 12 words would have 128bits of security.

To be clear this is a combination of the number of words and the length of the word list but generally speaking the security of the mnemonic comes from the size of the entropy. A 128 bit entropy providing 128 bits of entropy could be encoded using a bigger list to have smaller number of words or a smaller list and have larger number of words but the security remains the same.

If an intruder wishes to attack a wallet it is expected of such to carryout 2128 operations to guess a 12 word phrase.

It is 2¹²⁸ not 2128 and it is not the number of operations, it is the number of possible values for a 128 bit entropy.
When copying text from elsewhere you should take note of the formatting!

It might seem to be a small number, but it is more complex than you think. This seed can also be extended to improve security.

Extension most of the times does not provide additional security because for one users don't use a truly random input as their extension word and also the algorithm used to derive the keys is not strong enough.

Seed phrase extension
Seed extension is the process of adding more words to the existing seed phrase to strengthen the security of a crypto wallet.

Not exactly correct. I alraedy explained why it is not providing security, also it is not "adding more words" it is adding an arbitrary string which can be words or literary anything else like a bunch of emojis or a random password like "jz7P*s&{$Ys5+GoJoA".

[o_e_l_e_o]

Further corrections to the ones already given above:

• Wallet security:
  The longer the phrase the more secure your wallet would be. Preventing Intruders from guessing the phrase.

If you want more security for your seed phrase than 12 words, then the correct course of action is to generate a 24 word seed phrase, not to add an additional passphrase. Further, bitcoin private keys have 128 bits of security, so anything beyond a 12 word seed phrase doesn't add very much when considering brute force attacks.

• plausible deniability:
  It completely denies knowledge of any particular attempt to guess the phrase words and claims such doesn't exist

Plausible deniability is the main reason to use passphrases, but just using one is not enough to give you plausible deniability. You have to keep the existence of the passphrase protected wallet secret, which includes ensuring there is no blockchain evidence linking it to your other wallets.

• Total privacy: This phrases aren't saved on electrum server and is only I have to you alone.

Your seed phrase isn't saved on Electrum servers either, and should also not be known by anyone other than you.

[Zilon]

Further corrections to the ones already given above:

• Total privacy: This phrases aren't saved on electrum server and is only I have to you alone.

[/s]

Your seed phrase isn't saved on Electrum servers either, and should also not be known by anyone other than you.

Correction taken
li]Total privacy: This phrase aren't saved on electrum server and is only unique to you alone.[/li]
[/list]

[BlackHatCoiner]

Total privacy: This phrase aren't saved on electrum server and is only unique to you alone.

I find this part of the post a bit misleading. What does it have to do with privacy? The addresses you'll derive from that seed will be known from the server(s) you're connected to. The seed phrase doesn't provide privacy, it *just* recovers your wallet. Going non-custodially surely provides better privacy in contrast with an online wallet. But, keeping yourself private depends on how you will transact. (e.g: Making coinjoin transactions, revealing your master public key etc)

This is what you may wanted to say, but you haven't formulated it properly. You've added this under “Why should you extend a seed”, which isn't true. If you extend your seed you aren't increasing your privacy strength. You strengthen the security of your wallet. The odds for someone to successfully find a seed collision.

[pooya87]

I find this part of the post a bit misleading. What does it have to do with privacy? The addresses you'll derive from that seed will be known from the server(s) you're connected to.

I believe OP was under the impression that the seed phrase the wallet create is shared with Electrum servers! which is obviously not true.

If you extend your seed you aren't increasing your privacy strength. You strengthen the security of your wallet. The odds for someone to successfully find a seed collision.

The extra words do not provide any meaningful security to your wallet.
And the odds of finding a collision is already high due to the big size of the entropy used to generate the seed phrase and is not really improved by adding extra words.

[BlackHatCoiner]

The extra words do not provide any meaningful security to your wallet.

I'd like to examine the chances.

Let's assume that someone wants to brute force a certain legacy address you own, knowing that you've derived it from a master private key that was also derived from a seed. Let's also assume that he knows the derivation path of your address.

The chances of finding your address are 1 in 2¹⁶⁰, since he'll stop once he successfully finds your RIPEMD-160 hash. Whether he tries on twelve or twenty four words (128 or 256 bits), he'll stop once he finds the hash collision.

This means that on average, finding your seed phrase will be 2³² times easier than with brute forcing the address itself, excluding the different operations that need to be taken for a seed and for just an address.

I'm just adding the numbers decimally:

Code:

2^128 = 340282366920938463463374607431768211456 (12 words)
2^160 = 1461501637330902918203684832716283019655932542976 (RIPEMD-160 hash different combinations)
2^256 = 115792089237316195423570985008687907853269984665640564039457584007913129639936 (24 words)

So yes, it may not provide any significant security to your wallet. It just makes brute forcing meaningless, since it'd be quicker if you brute forced the address instead of the seed phrase.

[pooya87]

It just makes brute forcing meaningless, since it'd be quicker if you brute forced the address instead of the seed phrase.

Brute forcing is already meaningless because the entropy size is big enough to make it impossible. Adding a very small step on top of it can not be considered a security measure. Also if we assume that the seed phrase is leaked, it is safe to assume that the extra words are also leaked.
Also saying one impossible thing is easier than another impossible thing is like saying going to Uranus is easier than going to Neptune! Or in this case not even Neptune but only one of Uranus's close by satellites.