Are there any threats when a user translates exposed mnemonic words?

[Felicity_Tide]

I recently tried generating random mnemonic words after reading about BIP39 and BIP32 (though I haven't fully understood them). I realized that it is possible to generate these words in different languages, but I wasn't sure if translating from one language to another would be a problem, especially in cases involving security or exposure.

Code:

净 歇 切 镜 坯 住 伤 磨 局 彻 川 产

Assuming the mnemonic words above belong to, let's say Mr. A (who lives in China). Another user, let's say Mr. B (who lives in Germany) comes across those words somewhere online (maybe Mr. A accidentally posted them online). If Mr. B decides to translate those words into English so that he can try them on his device,

Is there any chance that he will be able to access Mr. A's wallet?


I have literally tried doing some translation using Google translator, which I doubt if the entire translation is correct. example, this word (川) when translated gives  (Sichuan), which is not an active word under the 2048 mnemonic words that we have.

you can find the list of words here - https://gist.github.com/DMeechan/9761fea1031c95f71c39ac2b80884bc5


This was the site I used in generating the words, which was done for practice purpose - https://iancoleman.io/bip39/#chinese_simplified

[ranochigo]

That's not how BIP39 works. BIP39 works by having mnemonics encode the entropy. The way that it is done per BIP39's specification is that each word is an index on their respective wordlist and the order of which isn't ordered by their meaning. Hence, they're not a direct translation, but independent wordlists.

If you were to translate one, then it would likely fail, either having invalid checksum or invalid mnemonics entirely. If an attacker were to find a mnemonic, there is no reason whatsoever for them to translate it into their own language. You should not be translating sensitive information, that is a poor security practice.

[NotATether]

If you were to translate one, then it would likely fail, either having invalid checksum or invalid mnemonics entirely. If an attacker were to find a mnemonic, there is no reason whatsoever for them to translate it into their own language. You should not be translating sensitive information, that is a poor security practice.

The only way one would translate them legally is to use words from the respective wordlist in the foreign language, and even this assumes that not only are all the words present in the  other wordlist, but they are in the same positions as the ones in the first list. Neither of these which are really the case so that arrangement prevents this type of attack from being carried out.

[nc50lc]

Assuming the mnemonic words above belong to, let's say Mr. A (who lives in China). Another user, let's say Mr. B (who lives in Germany) comes across those words somewhere online (maybe Mr. A accidentally posted them online). If Mr. B decides to translate those words into English so that he can try them on his device,

Is there any chance that he will be able to access Mr. A's wallet?

The only chance for the translated mnemonic is if he came across a collision in PBKDF2 HMAC-SHA512 which is what's used to compute the seed (hdseed) from the mnemonic code (seed phrase).
It's the actual words that are hashed and not their positions in the word list nor meaning.

Just from the size of the output alone, having a collision is almost impossible to occur, even if you consider every steps in the derivation from seed to master and extended keys.

....Or just use the words as is, why translate tho.

[SilverCryptoBullet]

Assuming the mnemonic words above belong to, let's say Mr. A (who lives in China). Another user, let's say Mr. B (who lives in Germany) comes across those words somewhere online (maybe Mr. A accidentally posted them online). If Mr. B decides to translate those words into English so that he can try them on his device,

Is there any chance that he will be able to access Mr. A's wallet?

If you can not guess a wallet's seed words in one language, assuming it is English, correctly to hack it and steal bitcoin, you can not guess it in other languages too like Japanese or two Chinese types.

If you are the wallet owner, and want to back up your wallet in not only English but in one more language like Chinese, you must use the official word list from BIP.

Like this word list for BIP39

https://github.com/bitcoin/bips/blob/master/bip-0039/bip-0039-wordlists.md

English
Japanese
Korean
Spanish
Chinese (Simplified)
Chinese (Traditional)
French
Italian
Czech
Portuguese

If you use translation tool to do it, don't use the official word list, your translated wallet's seed words have risk of unusable. You will not want to self create problems for your coins like this.

[ABCbits]

--snip--
....Or just use the words as is, why translate tho.

Which assume Mr. B aware that BIP 39 words also provide non-english wordlist. In addition, not all wallet which support BIP 39 provide full support for non-english word list. Website mentioned by OP support all 10, while Electrum 4.5.5 seems only to support 5[1].

[1] https://github.com/spesmilo/electrum/tree/4.5.5/electrum/wordlist

[Felicity_Tide]

Neither of these which are really the case so that arrangement prevents this type of attack from being carried out.

Which assume Mr. B aware that BIP 39 words also provide non-english wordlist. In addition, not all wallet which support BIP 39 provide full support for non-english word list. Website mentioned by OP support all 10, while Electrum 4.5.5 seems only to support 5[1].

[1] https://github.com/spesmilo/electrum/tree/4.5.5/electrum/wordlist

You are correct about the arrangement order. As I just tried it, and noticed that the words are different in terms of arrangement. English are arranged alphabetically, while Chinese on the other hand uses frequency and stroke count (according to what I found on the net). From the GitHub link provided above, I think the Chinese must have been written using the frequency order, which puts 一(also known as one) in index 1 for Chinese simplified and index 1237 for English.

Which I think makes ranochigo point and other explanation very correct as well.


https://en.m.wiktionary.org/wiki/Appendix:Mandarin_Frequency_lists/1-1000

[ranochigo]

Which assume Mr. B aware that BIP 39 words also provide non-english wordlist. In addition, not all wallet which support BIP 39 provide full support for non-english word list. Website mentioned by OP support all 10, while Electrum 4.5.5 seems only to support 5[1].

[1] https://github.com/spesmilo/electrum/tree/4.5.5/electrum/wordlist

That is a good point that should be emphasized more. BIP39's proposal actually strongly discourages using any language other than English simply because most wallets don't bother with other languages; BIP39 does have 10 wordlists but you'll probably have people asking why not more.

Besides that, do not ever translate your passphrase because it can potentially introduce tons of ambiguity and headache; one word in English can have many different permutations in Chinese and most of which are 2 words instead of 1. Dependency on wordlist is cited as a motivation for the Electrum wordlist and the fact that they're not so fond of BIP39 also makes sense for a less comprehensive implementation.

[NotATether]

That is a good point that should be emphasized more. BIP39's proposal actually strongly discourages using any language other than English simply because most wallets don't bother with other languages; BIP39 does have 10 wordlists but you'll probably have people asking why not more.

BIP39 also has no version number which makes it impossible to update the standard, which was another reason behind the motivation to create the Electrum wordlist.

Efforts to add new languages to the BIP39 official wordlist repository have also ground to a halt because nobody is merging those changes into the BIP repository, and in many cases, comments and communication have simply ceased.

[hosseinimr93]

In addition, not all wallet which support BIP 39 provide full support for non-english word list. Website mentioned by OP support all 10, while Electrum 4.5.5 seems only to support 5[1].

Electrum displays a message saying "unknown wordlist" if you import a non-English BIP39 seed phrase, but you can import any BIP39 seed phrase in any of those 10 languages in electrum and it will generate the wallet with correct addresses.
Note that those 5 wordlists are the default wordlists that can be used by electrum for generating a seed phrase and that doesn't mean electrum allow you to import seed phrase in only 5 languages.

[JiiBs]

I wanted to test this and see how it goes so, I went ahead with it.

Before I proceed, I’ll like to remark that, the necessary precautions were taken for this experiment based on, the curiosity of the OP. I was driven to give it a try, ignoring the scenario as described but, just an attempt to see how it plays out.

I used the provided word list as provided

https://github.com/spesmilo/electrum/tree/4.5.5/electrum/wordlist

Although, I noticed a striking similarities between both as, the one link of wordlist provided by Silvercryptobullet: https://github.com/bitcoin/bips/blob/master/bip-0039/bip-0039-wordlists.md both had the same sum of words which is 2048 in total.
The difference here as earlier noted was, in the number of languages each offered.
I even went as far as comparing the positioning of words and they were the same.

Okay, getting down to the experiment, I took precautions as, I can’t let out my seed phrase.

Precautions:
1. I had to see how to change my mobile device to some other language and return. Can’t get myself caught up in a language situation.
2. I proceeded to creating a new wallet with a new seed phrase.
3. I wrote down the seed phrase in there order. Ensuring to denote them top and bottom. The top was numbered in ascending order of arrangement while, the bottom was numbered according to there positioning on the word list.
4. I proceed to delete wallet and attempt importing using same seed but, with a different language.

Result:
It was a failed attempt. Not in the sense that the wallet didn’t open successfully as I didn’t get to that phase.

Now, most of the under listed languages hard there alphabets in English with a few exceptions which was Russia.
Korea and Chinese didn’t follow the regular keyboard format. It had this analog phone kind of display keys and I couldn’t proceed.
What was intended was to have the regular key placement and with the aid of a different device, find it’s placement and key in the words for result.

In conclusion, the experiment remained inconclusive…
With reference to the scenario in OP, there isn’t any need to translate should you know of such key. It’s the same key and it would perform its function just fine.

[ranochigo]

Efforts to add new languages to the BIP39 official wordlist repository have also ground to a halt because nobody is merging those changes into the BIP repository, and in many cases, comments and communication have simply ceased.

It's quite a chore to review all of the phrases between the languages, getting them peer-reviewed and then merging them. The criteria for the mnemonics are strict and the process of building and checking those can't be automated. On top of that, having wallets supporting those. It's no surprise that this would receive little traction and they have repeatedly said that it isn't recommended to be using anything other than English.

[odolvlobo]

I wasn't sure if translating from one language to another would be a problem, especially in cases involving security or exposure.

There is no danger of collision by translating a phrase into another language. The word lists for the various languages are completely unrelated. For example, many of the words in the traditional Chinese list are different from the words in the simplified Chinese list. Anyway, even if they were a related, the odds of having the same words as a phrase in another language would be no greater than having the same words in the same language.

...
4. I proceed to delete wallet and attempt importing using same seed but, with a different language.

Result:
It was a failed attempt. Not in the sense that the wallet didn’t open successfully as I didn’t get to that phase.

Your translated seed phrase failed or will fail to open the same wallet simply because the text of the translated seed phrase is different from the original.

A BIP-39 wallet only decodes the seed phrase in order to check its validity. It does not use the decoded seed phrase for anything else. Instead, the wallet uses the text itself to generate the master private key.

Any text can be used as a seed phrase as long as the wallet allows it (as electrum does). Try creating an electrum BIP-39 standard native segwit wallet using the phrase "JiiBs". It will warn "Unknown BIP39 wordlist", but you can still create a wallet. The master public key of that wallet is:

Code:

zpub6qVU5aSLvHuqGjAciGvu6u178v6x1E7LhAweKHv63w1Qbp152nvDYQhRD1sCbXxPrcJo6TefAFNG4GZnKk4ToNRrQBdcbYECv2zsANeRSuj

[btc78]

Why would you need to translate? These words represent a seed phrase that will generate a set of private keys. If you were to figure out how to place the mnemonic words in their correct order then you could have access to that wallet in the very language it was presented

However I am sure there are word lists that only correspond in that specific language and knowing how languages and even dialects work, there is a huge possibility that you will not be able to translate all word directly and accurately that will match in another language's word list.

[ABCbits]

In addition, not all wallet which support BIP 39 provide full support for non-english word list. Website mentioned by OP support all 10, while Electrum 4.5.5 seems only to support 5[1].

Electrum displays a message saying "unknown wordlist" if you import a non-English BIP39 seed phrase, but you can import any BIP39 seed phrase in any of those 10 languages in electrum and it will generate the wallet with correct addresses.
Note that those 5 wordlists are the default wordlists that can be used by electrum for generating a seed phrase and that doesn't mean electrum allow you to import seed phrase in only 5 languages.

You're right. I just tested it (with Italian/Italiano language) and Electrum show correct address, even though that language isn't exist on link i mentioned. I think i have misunderstand about how Electrum store/retrieve BIP39 word list.

[hosseinimr93]

I think i have misunderstand about how Electrum store/retrieve BIP39 word list.

To generate a wallet from a seed phrase, electrum doesn't need to know the wordlist at all, however the wordlist is required for verifying the checksum when you import a BIP39 seed phrase. That's why electrum can't verify the checksum and displays a message saying "Unknown wordlist", but generates the wallet correctly.