When you create a Bitcoin wallet, the software or hardware gives you a sentence, to keep carefully, usually composed of 12 or 24 words. This article describes everything you need to know about this phrase as a user. What is the role of the recovery phrase? How does it work? What are the best practices for not losing your bitcoins?
The real technical name for this backup phrase is “mnemonic phrase” or “mnemonic phrase.” However, it is often named in various other ways:
recovery phrase;
Passphrase;
Seed phrase;
24-word sentence;
Backup (backup);
Mnemonic code...
What is the role of the recovery phrase?
In previous articles, we learned that bitcoin ownership was usually represented by knowing pairs of cryptographic keys. The recovery phrase is a backup that allows access to all the keys of a deterministic and hierarchical wallet.
It is used to recover access to bitcoins in case of breakage, theft or loss of wallet support. If you lose access to yours, you will be able to regenerate it only with its recovery phrase. For example, if you have a wallet on your phone, and it no longer works, you can regain access to your bitcoins by entering your recovery phrase into another compatible Bitcoin wallet software.
“Wallet” means “wallet” in English.
The recovery phrase is thus a backup that allows you to recover all the keys of a Bitcoin wallet. The user can therefore use a large number of different keys, without having to worry about saving them one by one each time.
How does a recovery phrase work?
A Bitcoin wallet groups together different pairs of keys, each allowing to unlock a portion of the user's bitcoins. The vast majority of wallets used are said to be “deterministic and hierarchical” (HD). This technical term describes how the keys to your Bitcoin wallet are derived.
Today, wallet keys are no longer created randomly, but deterministically based on unique information at the base of the portfolio. This information is the recovery phrase. In other words, the bitcoins you own are locked using key pairs. These allow you to spend your bitcoins, and are created from a single piece of information: the sentence of 12 or 24 words. With this sentence, you can derive all the key pairs in the wallet using various cryptographic processes.
The wallet is called “deterministic and hierarchical”, since the keys are derived deterministically from the passphrase, and there is a hierarchy between the information: there are parent key pairs, daughter pairs, granddaughter pairs... This HD wallet standard was originally described with the BEEP 32 in 2012. The mnemonic phrase, for its part, comes from the BEEP 39, and dates from 2013.
A “BIP”, for “Bitcoin Improvement Proposal” is a formalization of a proposal to improve the Bitcoin protocol. This makes it possible to submit to system users a suggestion for updating the system.
In order to maintain the randomness necessary for the generation of cryptographic keys, the mnemonic phrase itself comes from a random number. In other words, for the sentence to be secure, it must come from uncertain and unpredictable information. The stronger this random generation process is, the more secure your mnemonic phrase will be.
Why is the recovery phrase represented by 24 words?
A mnemonic phrase is initially information, of a standard size, that can be described in various ways. The use of words is an encoding used to facilitate the storage of this information. They are determined by their location within a List of 2048 words defined in BIP39.
The words on this list are in English. In theory, BIP39 also provides us with a list in 11 different languages, including French. In reality, very few Bitcoin wallet software is compatible with non-English lists. Although you can later calculate the French/English equivalent, it is strongly recommended to use only the English list from the start.
For example, it is possible to save your passphrase in binary form, with zeros and ones that follow each other. However, this method is not used since the information would be complex to save and users would surely make mistakes when writing it. Thus, this unique information is encoded at the base of the HD wallet in the form of a sentence, so that humans can easily write it down and avoid errors.
The size of the information depends on the number of words you want. The two most common standards are 12-word sentences and 24-word sentences, respectively derived from 128-bit and 256-bit entropy. To form a valid sentence, we add a checksum of the entropy to the end of the entropy.
A checksum is a small block of data, from another block of data, allowing the integrity of the latter to be checked. In English, we talk about “checksum”. In the case of the recovery sentence, the checksum makes it possible to ensure that we did not make a mistake in writing the words. This information is particularly useful when you enter your sentence into software in order to retrieve your keys.
Each word is an 11-bit encoding. Thus, to go from a mnemonic sentence in binary format to a sentence in the form of words, we divide the information into packets of 11 bits. Each pack is then associated with a word according to its place in the list of 2048 words.
For example, if my first randomly drawn package is 10110000001 in binary (base 2), in decimal (base 10), this gives 1409. We will therefore recover the 1410th word from the list provided. In this case, it would be” Rabbit ”.
Tip: These 2048 words were chosen so that none of them have the same first 4 letters in the same order. So you can save your recovery phrase with only the first 4 letters of each of your 24 words in order. This allows you to save space on your backup media. For example, if my first word is “rabbit,” all I need to do is write down “rabb.”
In terms of security, the bigger the sentence, the more resistant it is to brute-force attacks. The NIST (National Institute of Standards and Technology) recommends a minimum security of 112 bits until 2030. A sentence of 12 words comes from an entropy of 128 bits. As a result, a 12-word sentence is still secure today, but it will become risky more quickly than a 24-word sentence. This security can be improved with the use of a Passphrase.
What is the difference between the mnemonic phrase and the private key?
The recovery phrase should not be confused with private keys. A recovery phrase is a sequence of words that can be used to recover all the private keys in a wallet. Thus, the same HD wallet has a single recovery phrase giving access to numerous private keys.
Technically, from the point of view of the Bitcoin system, it is the signatures made with the private keys that make it possible to spend bitcoins. At the wallet level, it is the mnemonic phrase that allows access to private keys.
The mnemonic phrase is therefore not a password that we would provide to the Bitcoin system to recover our funds. No, it is the source information that allows us to derive our keys. The phrase makes it possible to create and regenerate private keys. The private keys allow the associated bitcoins to be spent.
Warning: if you use a passphrase on your HD wallet, then the 24-word sentence alone is not enough to recover your bitcoins. You will need to have both of these pieces of information in order to be able to regenerate the wallet keys.
It is very simple. All you have to do is keep your recovery phrase offline, on a physical medium, in a legible way.
The words must absolutely be kept in the correct spelling, and in the order given. A sentence with messy words is useless, so be sure to number each word and keep them in order. Furthermore, Never split your passphrase into several parts. It's a bad idea.
The two main options for keeping your mnemonic phrase are paper and metal. If you only have a small amount of Bitcoin, writing your sentence down on a piece of paper is a good option. On the other hand, if you have a larger amount of money, it is appropriate to engrave this sentence on a metal support, for example, stainless steel. This type of support allows you to prevent the risk of fire, collapse and flooding at the storage site. In order to choose your metal support, I advise you to study stress tests carried out by Jameson Lopp.
Don't copy your sentence onto a digital medium. It is a bad practice. We thus forget photos on the phone, digital documents or even password managers. Your sentence should definitely stay out of any digital medium.
To ensure the validity of your passphrase, it is essential to do a recovery test before sending funds to the wallet. The process for this test is very simple:
You create your wallet and write down your recovery phrase on a suitable physical medium;
You write down sample information from the wallet on a piece of paper during the test. You can use the first xpub, the first receiving address or even the master key fingerprint;
You return your empty wallet to the factory settings. In other words, you delete it voluntarily, as long as it does not have bitcoins, to simulate a situation of loss or theft;
You are trying to recover the empty wallet that was just deleted with only a copy of your recovery phrase;
By verifying the witness information noted, if you come back to the same wallet, the transaction is successful.
This test allows you to be convinced that the copy of your recovery sentence is operational. It also serves as a training in the process of recovering a Bitcoin wallet, so you know exactly how to act in an emergency later on.
You should also think about how many copies of the sentence you want to have. The more you increase the number of copies, the more you increase the risk of theft. Conversely, the more you decrease the number of copies, the more you increase the risk of loss. Generally, one or two copies are sufficient, but it is up to you to make your own choice based on your situation.
Obviously, you should think about where to store the various copies of your sentence. It is up to you to determine them based on your environment. In any case, it is worth considering the two risks associated with its storage: theft and loss.
Yes, but if you follow the standards, it can only come from human error. The probability of finding another user's recovery phrase is so low that it can be considered zero. If the generation of this sentence is random enough, it is impossible for a hacker to be able to find yours, unless there was direct access to it.
Thus, it is important to remain vigilant against the numerous phishing attempts that exist. Bitcoin users are often the target of scammers who ask, in various ways, to send them the recovery phrase for their wallet. Whatever happens, you should never give this sentence to a third party. Anyone who has access to your recovery phrase can steal your bitcoins, and there is no recourse available to recover them.
No employee at Bitstack, your hardware wallet manufacturer, or any other entity will ask you to send them your recovery phrase. This applies even in the most urgent situations. If you give your recovery phrase to another person, you have literally lost your bitcoins. Anyone asking you to send it to them, by any means of communication, whether physically or online, on a website or on software, should always be considered a scammer by default.
The mnemonic phrase makes it possible to regenerate all the private keys of a wallet, and therefore by extension, to spend all the bitcoins kept by it.
It is absolutely essential to fully understand the function of the wallet recovery phrase before starting to store your bitcoins. It plays a backup role and thus presents risks of theft and loss. It is important to take care of your storage in order not to lose your bitcoins irrevocably.
The principle of the mnemonic phrase was created on Bitcoin to facilitate the personal custody of one's funds. Even so, some people don't want to worry about it and can simply let Bitstack do it for them. So, on Bitstack, you have a choice: you can choose to keep your bitcoins on the platform, or you can withdraw them to your personal wallet at any time.
.png)
