generate last word in 24 word seed key

[someloser]

ti-84 calculator to generate 24 random words and python & vs code (offline) to output 8 last word options, picking one of those at random with dice.

[1715360942]

1715360942

[1715360942]

1715360942

[1715360942]

1715360942

[un_rank]

I am not the best with javascript and cannot be of much help. But is there any exact reason for why you want to generate your own seed, especially if you are not particularly sure of how to go about it?

I consider it safer to have it generated on an open source, reputable wallet software lik bitcoincore, than to attempt to do it directly. Also there is no significant added security if you go for 24 words over 12, both are technically impossible to break.

- Jay -

[pooya87]

This is not how we generate a seed phrase, we don't pick words then brute force the last one to have a correct checksum. Instead we generate a fixed length entropy and compute the checksum on that, then encode the whole thing into words.

If you want to see how it's done and use the source code that is already available, check out the BIPs page. It has 4 implementation in JavaScript that you can use: https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki#other-implementations

[pooya87]

@pooya87
Is that what I'm doing, picking words then brute force? According to the article I posted, I am randomly generating 24 words using my scientific calculator ti-84, then generating the last word with the entropy from the 24 words and validating the checksum.

Maybe I'm misunderstanding the code you posted since I can't tell if after computing "cs" it is replacing the whole word or just the extra bits.
Basically when you generate words like this you are generating 11 bits at a time so your last word is also 11 "generated" bits but the last word in a BIP39 mnemonic is partly the checksum and partly the generated bits so the extra bits you generated should be discarded or changed.
If you keep randomly selecting the last word then validating the checksum until you get a correct sequence, that is brute forcing. Otherwise if you are discarding the extra bits and replacing them with checksum, it is not.