safety – Private key to mnemonic phrases, is it secure?



The short answer is yes, but you should not (see point 1 below); the long answer is no, it is not secure or advisable.

I would say that what you are proposing in this question, which is akin to a brain-wallet type single private/public key pair, is inadvisable for a number of reasons:

1) The biggest risk is the lack of a return change address (due to the absence of BIP32): sending anything less than the full balance will result in 100% loss of the difference (see here for more).

2) Because of the checksum used in BIP39, which would alter your pasted binary data (i.e. pasting 256 bits for 24 words will later give you back 264 bits because of the 8-bit checksum that is appended to the last 11-bit group).

2) Apart from Electrum, most wallets only allow the importing of mnemonic recovery phrases that are BIP39 checksum compliant and will not let you use an elliptic curve private key. In my opinion, it is better to have a checksum compliant mnemonic, despite its security being 256 bits, or 8 bits lower than a 264-bit mnemonic with no valid checksum, because it is more widely usable across wallets, in case Electrum goes down or is no longer working/supported, etc.

3) Decoding risks: if you are using software that generates the private key in Base58 format, there is potential payload/checksum data attached that will increase the risk of errors when converting back to hex manually. Otherwise, if you are obtaining the private key in hex format, and are absolutely sure that it is the correct one via the elliptic curve calculation to derive the public key and subsequent bitcoin formatted address, you can back up that string of hex characters in numerous ways.

However, it would be better to back up the entire BIP39 mnemonic crypto vault and then use an offline tool to access any related private key you need, such as Ian Coleman's BIP39 tool offline (note: I'm a contributor to that GitHub repo). Although you will still have to deal with converting Base58 encoded private keys, which I don't recommend unless you know 100% how to do so without error.

4) Error checking: not all 256-bit numbers are valid private keys, as per the elliptic curve specs used in Bitcoin (here is a related relevant post). So there must be error checking if you are generating the private key yourself manually, to make sure the key is smaller than the maximum permitted value 0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141.

5) Regarding potential collision of private keys with mnemonics: yes, there is such a collision, and it would be equivalent to two people randomly choosing or guessing the same private key (i.e., if the initial entropy for a mnemonic is the same entropy for an elliptic curve private key). Otherwise, the keyspace of private keys is the one referenced above in point 4, and no two private keys point to the same address on the elliptic curve secp256k1 used in Bitcoin. The initial entropy range is 2^256, which is equal to the range of possible mnemonics 2048^24 minus the mnemonics with invalid checksums (otherwise the keyspace of mnemonics would be 2^264 == 2048^12 without the checksum requirement, but both still would not change the curve private keyspace).

Again, I think it would be safer to follow the industry standard and use an HD wallet (which you would back up with a mnemonic).

P.S. You can further compress your backup using just the first 4 letters of each of the 24 words, provided that you are using the English BIP39 version, and concatenate them as a string of 44 characters. But when importing into a wallet, some don't autocomplete and you may have to look up words manually from the list of 2048 BIP39 English words. I use an encoding scheme that can further reduce the 44 characters to 22 characters (including special symbols and numbers) with no information loss, but only to complement backups and not as a standalone replacement for BIP39 mnemonics.
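
Added example, not part of the original answer: a Python sketch of the checks behind points 2 and 4, showing how 256 bits of entropy become 264 bits (24 groups of 11) once the BIP39 checksum is appended, and how a hex private key is range-checked against the secp256k1 limit quoted above. The function names are illustrative, the sample entropy is constructed (all-zero bytes), and the code returns word-list indices rather than words because the 2048-word list is not embedded.

```python
import hashlib

# The "maximum permitted value" from point 4: the order n of secp256k1.
# A valid private key k satisfies 0 < k < n.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def is_valid_private_key(key_hex: str) -> bool:
    """True if key_hex decodes to exactly 32 bytes in the range 1..n-1."""
    try:
        raw = bytes.fromhex(key_hex)
    except ValueError:
        return False
    return len(raw) == 32 and 0 < int.from_bytes(raw, "big") < SECP256K1_N


def bip39_indices(entropy: bytes) -> list:
    """Append the BIP39 checksum and split the result into 11-bit indices."""
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("BIP39 entropy must be 128..256 bits in steps of 32")
    cs_bits = ent_bits // 32  # 8 checksum bits for 256-bit entropy
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    combined = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11  # 264 / 11 = 24 words
    return [(combined >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]


def checksum_ok(indices: list) -> bool:
    """Recompute the checksum from the entropy part of a decoded mnemonic."""
    if len(indices) not in (12, 15, 18, 21, 24):
        return False
    total_bits = len(indices) * 11
    cs_bits = total_bits // 33
    combined = 0
    for idx in indices:
        combined = (combined << 11) | idx
    entropy = (combined >> cs_bits).to_bytes((total_bits - cs_bits) // 8, "big")
    return bip39_indices(entropy) == indices


if __name__ == "__main__":
    sample = bytes(32)  # constructed sample entropy, never use as a key
    words = bip39_indices(sample)
    print(len(words), "indices, last group carries the checksum:", words[-1])
    print("raw 24 x 11 bits without checksum accepted?", checksum_ok([0] * 24))
    print("all-zero value is a valid private key?", is_valid_private_key(sample.hex()))
```

The last 11-bit group holds only 3 bits of entropy plus the 8 checksum bits, which is why 24 arbitrary words (or 264 pasted bits) are rejected by checksum-enforcing wallets.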


