Author Topic: How to backup multiple seeds derived from one: BIP-85  (Read 151 times)
Forsyth Jones (OP)
August 07, 2024, 07:35:46 PM
Merited by LoyceV (12), pooya87 (10), ABCbits (3), Cricktor (3), criptoevangelista (1), Felicity_Tide (1)
 #1

I'm impressed by how little content there is related to BIP-85, which is one of the most interesting features ever implemented in the Bitcoin code and which makes life easier for those who maintain multiple seeds due to having to create seeds for each occasion or device.

Many people use more than one recovery seed for different purposes or on different wallets, making the backup process laborious and tedious. Doing some research on Google, I found this reddit article, and so far it is the best explanation about BIP-85. I used it as a basis to write this post and added more technical details.

BIP39 mnemonics carry an incredible amount of information: a hex seed that generates the BIP32 root key (xpriv), from which you can generate infinite addresses for each derivation path, and if you add a passphrase, you can generate new BIP32 extended keys, child keys, etc. BIP-85 is simply a function that mathematically derives, in a deterministic way, new values such as mnemonics, extended keys, WIF keys (and even passwords) from your seed, acting as a parent seed or master seed. Derived seeds are unique and have no relation to each other; you cannot use a child seed to calculate another seed derived from the parent seed, nor can they be traced back to the value of the parent seed. You can use the parent seed to recreate any derived seed.

Just as your recovery seed always generates the same keys and addresses for a wallet, with BIP85, your seed will always generate the same child seeds using an index number. I should also mention that it is impossible for anyone with a child seed and its index number to calculate the parent seed that generated it. The derived seed cannot be reverse engineered to determine the parent seed. If one or more seeds are compromised, the parent seed will still be safe.

With the deterministic entropy generated by BIP85 from your parent seed, you can create a variety of seeds to set up virtually any type of wallet or for friends and family by assigning an index to each of them, remembering that each index generates a different child seed. Since the calculations involved are repeatable (deterministic), you only need to backup the parent seed and remember the index number, and whenever you want, you can use the parent seed to derive the child seed by specifying the index number of the child seed.

How will BIP85 help you make the most of your wallet?

You can use your current recovery seed or create a new one if you prefer, but don't use it as your wallet. Instead, use that seed as a parent seed with a BIP85 index number to generate child seeds.

For example, you can assign an index like "0" to use as your desktop wallet, you can use index "1" to use as your mobile wallet, and so on. You have saved 2 seeds in one (parent seed).

Combining BIP85 + Passphrase

It's extremely important that you have come this far and fully understand how the passphrase and BIP85 work, otherwise you run the risk of doing something you may regret! This is where we start to add more complexity by bringing more security.

When adding a passphrase, the derived child seeds will be completely different due to the use of the passphrase, so if you are going to use a passphrase, you must save the parent seed, passphrase and the index number, otherwise you will not be able to derive the seeds derived by the original seed + passphrase.

Combining BIP85 by deriving a new child seed adds an extra layer of security with the passphrase; the generated child seeds will be fully protected by the passphrase. You can think of this as a second factor of authentication, so even if your parent seed is compromised, since your child seeds are protected by the passphrase, these child seeds will only be accessible if you have the combination: parent seed + passphrase + index number used.

In short...

Child seeds derived from the parent seed without passphrase = Anyone who has your parent seed has access to all child seeds derived from the parent seed through their index numbers. All the attacker can do is try to guess your child seed with a balance by trial and error or by using a computer to brute force it.

Child seeds derived from the parent seed with passphrase = Even if your parent seed is compromised, anyone who has your parent seed but not the passphrase DOES NOT have access to the child seeds derived from your seed through BIP85 in conjunction with the passphrase, because to generate the same child seeds, both the parent seed + passphrase are needed, and there is also the index number, in case the user used a completely random index number.

Disadvantages...

Unfortunately, despite being an incredible feature, it's present in few wallets; even in most hardware wallets it's not present, but you can use the iancoleman script and similar ones to run it offline and generate your child seeds.

It's very complex for beginners, so at least in my opinion, I do not encourage its use if you are a complete beginner, because despite the practicality and extra security provided, it can bring a big headache if you don't have enough knowledge and are not aware of the risks.

Some wallets that I am aware of that support BIP-85:

  • Coldcard
  • Passport
  • Bitbox02
  • SeedSigner DYM
  • Specter DIY
  • Airgap

There are more wallets that have such support, but I didn't mention them here for these reasons: I don't recommend them and/or I've never used them.

Have you ever used the BIP85? Do you think it adds any practicality to your setup?

Below I leave all the links I have gathered that address the subject.



https://github.com/bitcoin/bips/blob/master/bip-0085.mediawiki

https://bip85.com/

https://www.reddit.com/r/Bitcoin/comments/1bawk6a/tutorial_using_bip85_to_back_up_your_seeds/

https://bitcointalk.org/index.php?topic=5493685.msg64107683#msg64107683

https://airgapit.medium.com/secure-mnemonic-management-with-bip85-9af386159657

https://jirijakes.com/text/bip85/

https://www.reddit.com/r/BitcoinBeginners/comments/11sk6k6/help_me_better_understand_bip85/

https://guides.bitcoinsupport.com/guides/v/coldcard/more-features/bip-85-wallets

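The following Python is an added illustration, not code from the post or from any wallet. It follows the BIP-85 BIP39 application (path m/83696968'/39'/0'/words'/index', HMAC-SHA512 keyed with "bip-entropy-from-k") to show that the same parent seed and index always give the same child entropy, while a different index or a BIP39 passphrase on the parent gives unrelated entropy. It stops at the child entropy, since turning that into words needs the 2048-word BIP39 list; the function names and the sample mnemonic are assumptions made for this example.

```python
import hashlib
import hmac
import unicodedata

N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # secp256k1 order
HARDENED = 0x80000000

def _nfkd(text: str) -> bytes:
    return unicodedata.normalize("NFKD", text).encode("utf-8")

def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39: mnemonic plus optional passphrase -> 64-byte seed."""
    return hashlib.pbkdf2_hmac("sha512", _nfkd(mnemonic),
                               _nfkd("mnemonic" + passphrase), 2048)

def master_key(seed: bytes) -> tuple[int, bytes]:
    """BIP32: seed -> (master private key, chain code)."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return int.from_bytes(i[:32], "big"), i[32:]

def ckd_hardened(k: int, chain: bytes, index: int) -> tuple[int, bytes]:
    """BIP32 hardened child derivation (needs only the parent private key)."""
    if not 0 <= index < HARDENED:
        raise ValueError("index must be below 2**31")
    data = b"\x00" + k.to_bytes(32, "big") + (index | HARDENED).to_bytes(4, "big")
    i = hmac.new(chain, data, hashlib.sha512).digest()
    il = int.from_bytes(i[:32], "big")
    child = (il + k) % N
    if il >= N or child == 0:  # BIP32 declares this index invalid
        raise ValueError("invalid child key at this index")
    return child, i[32:]

def bip85_child_entropy(mnemonic: str, index: int, passphrase: str = "",
                        words: int = 12) -> bytes:
    """Entropy of the child mnemonic at m/83696968'/39'/0'/words'/index'."""
    if words not in (12, 18, 24):
        raise ValueError("words must be 12, 18 or 24")
    k, c = master_key(bip39_seed(mnemonic, passphrase))
    for step in (83696968, 39, 0, words, index):  # 39' = BIP39 app, 0' = English
        k, c = ckd_hardened(k, c, step)
    full = hmac.new(b"bip-entropy-from-k", k.to_bytes(32, "big"), hashlib.sha512).digest()
    return full[: words * 4 // 3]  # 12 words -> 16 bytes, 24 words -> 32 bytes

# Constructed sample input: the public BIP39 test mnemonic, never a real wallet.
PARENT = "abandon " * 11 + "about"

if __name__ == "__main__":
    for idx, pw in ((0, ""), (1, ""), (0, "constructed passphrase")):
        print(idx, repr(pw), bip85_child_entropy(PARENT, idx, pw).hex())
```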
satscraper
August 08, 2024, 06:31:38 AM
Last edit: August 08, 2024, 06:45:15 AM by satscraper
Merited by Forsyth Jones (1)
 #2



Quote
Have you ever used the BIP85? Do you think it adds any practicality to your setup?



I use the child SEED (generated from the master SEED on my Passport 2, which follows the BIP 85 path) to feed my Tangem 2 wallet and find this to be very easy to handle, as it eliminates the need for extra backup. The child SEED I use can always be restored from the master SEED (backed up in the way described here) using either Passport 2 or even the iancoleman tool kept by airgapped Tails.

Besides, Passport 2 has a strong entropy source (Avalanche diode), thus I trust both master and child Seeds as nothing else.

Felicity_Tide
August 08, 2024, 06:49:34 AM
Merited by Forsyth Jones (1)
 #3

I must say that you've done a great job in your explanation, though I only understood to some extent. When trying to grasp/understand certain things that are related to Bitcoin, I always appreciate some kind of visual/graphical explanation, because it has really helped me in learning so many things. Aside from that, here are my questions.

Quote
Derived seeds are unique and have no relation to each other; you cannot use a child seed to calculate another seed derived from the parent seed, nor can they be traced back to the value of the parent seed. You can use the parent seed to recreate any derived seed.

The derived seed cannot be reverse engineered to determine the parent seed. If one or more seeds are compromised, the parent seed will still be safe.

With the deterministic entropy generated by BIP85 from your parent seed, you can create a variety of seeds to set up virtually any type of wallet or for friends and family by assigning an index to each of them, remembering that each index generates a different child seed.
Quote
Child seeds derived from the parent seed with passphrase = Your parent seed, even if compromised, anyone who has your parent seed but not the passphrase, DOES NOT have access to the child seeds derived from your seed through BIP85 in conjunction with the passphrase,

But, in as much as the parent seed happens to be very important, derived/child seeds exposure is a big risk to one's wallet?

I guess the second quoted text has answered my initial question already, so do you advise that a passphrase should be used alongside the derived child seeds?

Quote
You can use your current recovery seed or create a new one if you prefer, but don't use it as your wallet. Instead, use that seed as a parent seed with a BIP85 index number to generate child seeds.

I assume the current recovery seed is used to recover the parent seed?
And what if someone misplaces the current recovery seed, how is the person going to go about making changes? And what will be the fate of those child seeds that have been generated?

Quote
When adding a passphrase, the derived child seeds will be completely different due to the use of the passphrase, so if you are going to use a passphrase, you must save the parent seed, passphrase and the index number, otherwise you will not be able to derive the seeds derived by the original seed + passphrase

Original seed same as parent seed, right?

Quote
It's very complex for beginners, so at least in my opinion, I do not encourage its use if you are a complete beginner, because despite the practicality and extra security provided, it can bring a big headache if you don't have enough knowledge and are not aware of the risks.

I think I am interested in learning more about it, even though I won't be making use of the knowledge in real life practice anytime soon.

Forsyth Jones (OP)
August 08, 2024, 06:33:54 PM
 #4

Quote
I guess the second quoted text has answered my initial question already, so do you advise that a passphrase should be used alongside the derived child seeds?
Just as I recommend using passphrases, it's ideal to generate child seeds using a passphrase, remembering that you can use a passphrase in the child seed as well, so you will have 2 passphrases in this case. However, for many people, this is a lot to maintain and the risk of losing one of the two can be high.

Or you can generate a child seed without a passphrase and use a passphrase in the child seed.

Quote
I assume the current recovery seed is used to recover the parent seed?
And what if someone misplaces the current recovery seed, how is the person going to go about making changes? And what will be the fate of those child seeds that have been generated?
If you lose your current recovery seed that is used as the parent seed, as long as you still have access to the child seed generated by it somewhere physically or on a device saved as a wallet, you will still have access to the funds in this child seed wallet.

Or you can use this child seed as a new parent seed to generate new child seeds, remembering that child seeds are common seeds like any other, there is no differentiation cryptographically speaking.

Quote
Original seed same as parent seed, right?
Yes.
