mnemonic seed – Cut up BIP39 phrases by hand

0
32


I am interested by a approach to break up the bip39 phrases (by hand) and I want to have some opinions on it.

The goal is to retailer the thesaurus in a number of areas, I got here with one thing impressed by one-time-pads.

Instance with a 6 phrases checklist: wrist orient foil naive shock predict

Step 1: convert the phrases with their numeric index

Phrases (W):
1: wrist   -> 2035
2: orient  -> 1252
3: foil    -> 723
4: naive   -> 1173
5: shock   -> 1586
6: predict -> 1357

Step 2: Put together two units, every half stuffed with random numbers between [0; 2047]

Set 1 (S1):
1:
2:
3:
4: random -> 1050
5: random -> 1779
6: random -> 556

Set 2 (S1):
1: random -> 1889
2: random -> 1074
3: random -> 914
4: 
5: 
6: 

Step 3: fill the lacking values of every set so that S1[i] + S2[i] = W[i]

Set 1 (S1):
1: (2048 + W[1] - S2[1]) % 2048 -> (2048 + (wrist=2035) - 1889) % 2048 -> 146
2: (2048 + W[2] - S2[2]) % 2048 -> (2048 + (orient=1252) - 1074) % 2048 -> 178
3: (2048 + W[3] - S2[3]) % 2048 -> (2048 + (foil=723) - 914) % 2048 -> 1857
4: random -> 1050
5: random -> 1779
6: random -> 556

Set 2 (S2):
1: random -> 1889
2: random -> 1074
3: random -> 914
4: (2048 + W[4] - S1[4]) % 2048 -> (2048 + (naive=1173) - 1050) % 2048 -> 123
5: (2048 + W[5] - S1[5]) % 2048 -> (2048 + (shock=1586) - 1779) % 2048 -> 1855
6: (2048 + W[6] - S1[6]) % 2048 -> (2048 + (predict=1357) - 556) % 2048 -> 801

Step 4: write phrases of the units with the values as phrase index

Set 1 (S1):
1: 146 -> banana
2: 178 -> bike
3: 1857 -> development
4: random -> 1050 -> lobster
5: random -> 1779 -> tattoo
6: random -> 556 -> earth

Set 2 (S2):
1: random -> 1889 -> ugly
2: random -> 1074 -> mail
3: random -> 914 -> impulse
4: 123 -> aunt
5: 1855 -> deal with
6: 801 -> goat

Benefits:

  • You finally ends up with two units that appears like legitimate bip39 phrases (apart from checksums).
  • You are able to do this with 2 or extra units.
  • One (ore extra) leaking set doesn’t compromise the personal key in any respect (so long as not less than one is saved secret, phrases are protected).
  • In case somebody asks (in case you are bodily threatened) you may give the robber your 1/n a part of the important thing, or plausibly says that you simply misswritten your phrases (unhealthy checksum), you can’t discover again the important thing for the time being anyway (different elements are positioned elsewhere).

To seek out again the phrases, you merely should sum every set:

Phrases (W):
1: S1[1] + S2[1] -> (146 + 1889) % 2048 -> 2035 -> wrist
2: S1[2] + S2[2] -> (178 + 1074) % 2048  -> 1252 -> orient
3: S1[3] + S2[3] -> (1857 + 914) % 2048  -> 723 -> foil
4: S1[4] + S2[4] -> (1050 + 123) % 2048  -> 1173 -> naive
5: S1[5] + S2[5] -> (1779 + 1855) % 2048  -> 1586 -> shock
6: S1[6] + S2[6] -> (556 + 801) % 2048  -> 1357 -> predict

I would prefer to know if somebody sees any downside or a greater resolution for this case.



Supply hyperlink

Leave a reply