What Is A Seed Phrase?
A Bitcoin seed phrase — also called a recovery phrase, wallet backup seed, or mnemonic phrase — is a list of 12-24 common English words that contain all of the information required to restore a Bitcoin walletWhat Is A Bitcoin Wallet? A Bitcoin wallet is an app or software that enables you to send, receive, and store bitcoin. Although the term "wallet" is commonly used, bitcoin... if it is lost, stolen, damaged, destroyed, or compromised. Both hot wallets and cold wallets are compatible with seed phrases for Bitcoin recovery, although the process may look slightly different, depending on which type of wallet you’re using for recovery.
Anyone with these words can access all of the bitcoin in the corresponding wallet.
Here is an example of a 12 word seed phrase:
napkin humble august gun title list original stairs quit attitude unlock cannon
Here is an example of a 24 word seed phrase:
retire combine legend ticket original sauce judge put verify purchase bomb age fit rough coconut puppy flock cluster immense fever pudding reunion into uncle
Without seed phrases, it would be much more difficult to transcribe, record on paper, read without error, export, and import into other Bitcoin wallet software.
Seed Phrase Vs. Private Key
While the term private keyWhat Are Bitcoin Keys? Bitcoin keys are randomly generated strings of numbers and letters that are used to send bitcoin and/or verify ownership of a bitcoin address with a digital... is often used interchangeably with seed phrase, it’s not an accurate comparison. They’re actually each independent components of Bitcoin security.
Seed phrases represent (encode) a random number known as your “wallet seed”, which you use to generate all of the private keysWhat Are Bitcoin Keys? Bitcoin keys are randomly generated strings of numbers and letters that are used to send bitcoin and/or verify ownership of a bitcoin address with a digital..., public keys, and addresses in your Bitcoin wallet. Since wallet seeds are long strings of numbers and letters, encoding them in a human readable format reduces the risk of error and potential loss of your bitcoin.
How Do Seed Phrases Work?
A seed phrase’s primary function is to convert computer-generated randomness (your Bitcoin wallet seed) into a human-readable format that is less prone to error. A 12-word seed phrase encodes 128 bits or entropy and a 24-word seed phrase encodes 256 bits of entropy.
Seed phrases are generated using a few basic steps.
- Create some entropy (randomness) between 128 bits and 256 bits (inclusive). This can be done with coin flips, dice rolls, playing cards, a word lottery, or a computer random number generator (RNG).
- Encode every 11 bits as a seed word.
- Calculate a checksumUnderstanding Bitcoin Checksums In order for bitcoin to “work” properly, there are countless small details and processes that all have to align in order to carry out each transaction running... (used to generate the final seed word)
The end result is a randomized string of 12 or 24 words that make it easier to recognize and securely store your Bitcoin wallet’s private key.
These words all come from BIP39.
BIP39 Word List
In order to make Bitcoin wallets more flexible, a bitcoin improvement proposalWhat Is A BIP? BIP is short for a Bitcoin Improvement Proposal and as the name suggests, they are proposals on how the bitcoin network can be improved. BIPs are... was published that implements a standard set of guidelines known as the BIP39 standard to make seed phrases interoperable across different Bitcoin wallets. In the event that a wallet is lost, stolen, damaged, deleted, or compromised, you can recover it using a different wallet that didn’t generate the seed phrase.
The BIP39 word list is made up of a carefully curated collection of 2048 words commonly used in the English language.
The BIP39 word list been carefully crafted so that each word can be identified using only the first four letters. Similar words have been avoided so users won’t be confused by words like “woman” vs. “women” despite the fact that their first four letters aren’t identical.
To make Bitcoin wallets more accessible to people throughout the world, people are producing seed word lists in foreign languages that follow similar criteria but eliminate difficult verb endings and diacritic marks.
BIP39 Passphrase
As an added layer of security, you can use a BIP39 passphrase to generate multiple different Bitcoin wallet seeds with the same seed phrase.
Some other important characteristics of BIP39 passphrases:
- BIP39 passphrases are not limited to only letters. They use the complete ASCII character set: 0-9, A-Z, a-z, and symbols !@#$%^&…
- You can’t store passphrases on a hardware walletWhat Is A Hardware Wallet? A Bitcoin hardware wallet is a dedicated device for generating and storing private keys as well as signing bitcoin transactions in a secure offline environment.... device. You must re-enter your passphrase every time you power on your hardware device.
- Passphrases are case sensitive and will display an empty wallet if entered incorrectly.
- Every single character matters. Even a blank space ” ” is considered a character.
- Each passphrase that you use creates an entirely new and completely different wallet using the same seed phrase.
Disclaimer: Passphrases do come with some risks, so you should first gather a full and complete understanding of the complexity risks and security benefits associated with them.
Generating Your Seed Phrase
There are multiple ways to generate a seed phrase with your own entropy (randomness). You can use physical binary entropy by flipping a coin (0 and 1), rolling dice (1-6), randomly selecting playing cards (2-10,J,Q,K,A), randomly selecting each word via a lottery (SeedSticks or similar tool), or you can trust your wallet’s random number generator (RNG) to generate one for you but this comes with its own set of security and privacy risks.
- Random Word Lottery: You can manually select from a random word lottery to generate 11/12 or 23/24 seed words and then use an offline computer to calculate the final checksum word. You can generate a seed phrase by writing down all 2048 words from the BIP39 word list and randomly select each word out of a bag.
- Dice: To generate entropy with dice, you can roll dice 99 times to generate 256 bits of entropy (~2.584 bits of entropy per dice roll) and then use a hardware wallet to convert all of that entropy into the words needed to generate a seed phrase.
- Playing Cards: You can generate a seed phrase with a deck of playing cards and a corresponding system to map each word to a combination of playing cards. Once you have selected 11/12 or 23/24 seed words, you can use a hardware wallet to calculate the final checksum word.
- Binary: To generate binary entropy, you can flip a a coin 11 times for a single seed word, record all of the results on paper, and then use some basic math to map each set of 11 coin flips to one of the 2048 seed words. 12 words require 128 coin flips whereas 24 words requires 256 coin flips.
- Trust: Finally, you can also trust your Bitcoin wallet to generate a seed phrase for you and just hope that your wallet’s random number generator (RNG) is truly random and that the wallet developers don’t have a copy of whatever seed phrases that your wallet gives you.
Writing Your Seed Phrase
As soon as you generate a seed phrase with as much entropy as you would like, the next step is to write it down so that you will easily be able to recover your bitcoin in the unfortunate event that you lose access to your wallet.
Writing your seed phrase down on standard paper is fine for smaller amounts of bitcoin and while you are learning. As soon as you have a large enough amount of bitcoin that you want to ensure that it is protected from most forms of physical damage and will last a lifetime, it is best practice to stamp your seed words into metal.
Storing Your Seed Phrase
Safely storing your seed phrase is yet another important layer of Bitcoin protection. After stamping your seed words into metal or writing them somewhere else that’s secure and durable, you will need to store it in a secure location that is safe for your own particular risk tolerances and circumstances.
For most bitcoiners, simply stamping all of their seed words into stainless steel and storing it in a safe is perfectly fine. For larger amounts of bitcoin, you may need to consider some additional backups and layers of protection.
What is most important is that you protect your bitcoin from yourself, your friends/family, bad actors, search & seizure, and natural/unnatural disasters.
Recovering Your Bitcoin Wallet
In the event that you need to recover your Bitcoin wallet, you need to be sure that you recover it in a private and secure environment that protects your seed phrase from any potential threats during the recovery process.
It is best practice to recover your wallet all alone and avoid entering any of your seed words directly into a computer keyboard in plain text. Using a hardware wallet will likely provide you with all the protection you need but using a hardware wallet device that is completely air-gapped and incapable of connecting to the internet at all (such as a SeedSigner) is the best option.
Does Seed Phrase Word Length Matter?
Generally speaking, the greater the number of words that you use, the more entropy (randomness) it has, which usually translates to more security, but that isn’t automatically true.
While 24 seed words takes much greater effort to crack than just 12, the amount of computational power required to brute force (systematically guess with powerful computers) is the same if the attacker has the public keyWhat Are Bitcoin Keys? Bitcoin keys are randomly generated strings of numbers and letters that are used to send bitcoin and/or verify ownership of a bitcoin address with a digital... of 24 word wallet due to limitations on the elliptical curve cryptography.
How Many Possible Seed Word Combinations Are There?
Since a seed phrase can be 12 to 24 words long, and there are 2,048 different words, the more words there are, the more possible word order combinations there are. If someone were to guess one of the words in your phrase, they would still need to guess the remaining 11 (or 23) words before they could access your bitcoin.
- 12 words has 2,048^11 possible combinations. It’s not 2,048^12 because the last word contains a checksum.
- 24 words has 2,048^23 possible combinations. Again, the last word contains a checksum. This means that it is far more difficult for someone to guess a 24 word seed phrase than just 12 words.
As a result, 24 word seed phrases are generally considered to be more secure than 12 words against brute force attacks where a computer is used to systematically guess your seed word order.
Guessing Every Word And Order
Is it possible for someone to guess your seed phrase?
In order to determine a wallet’s 12 word seed phrase without knowing any of the 12 words, you would need to guess all 12 words (out of 2,048 possible words) and in the correct order.
That’s 2,048^11 which is 2,658,455,991,569,831,745,807,614,120,560,689,152 possible combinations with a 12 word seed phrase.
If you’re trying to guess a 24 word seed phrase, that’s 2,048^23 which is 14,474,011,154,664,524,427,946,373,126,085,988,481,658,748,083,205,070,504,932,198,000,989,141,204,992 which is a MUCH larger number.
In fact, it’s 5,444,517,870,735,015,415,413,993,718,908,291,383,296 times larger.
You can verify the math if you’d like. Here’s the equation: (2,048^23)/(2,048^11).
So even though a 24 word seed phrase only has 2 times the number of words, the number of possible combinations is 5 duodecillion times greater.
FAQs about Seed Phrases
Q: Are seed phrases case sensitive?
A: Seed phrases are not case sensitive. As long as you enter the correct seed words into your wallet in the correct order, it should restore your wallet.
Seed phrases are not to be confused with BIP39 passphrases which are case sensitive and will display an empty wallet if entered incorrectly.
Q: Can I use my seed phrase with any wallet?
A: Your seed phrase can be used with any other wallet that has integrated the BIP39 standard for wallet recovery. You will need to be sure that the new wallet that you are using to recover your existing wallet uses the same key derivation paths.
For recovering a Bitcoin wallet, Sparrow Wallet is a desktop walletWhat Is A Desktop Wallet? A Bitcoin Desktop Wallet is a bitcoin wallet that runs on a desktop/laptop computer and provides the highest level of functionality for building and broadcasting... that supports a large number of different key derivation paths, passphrases, multisigWhat Is MultiSig? Multisig, short for multiple signatures, is a security measure that requires multiple signatures in order to authorize and send a bitcoin transaction. It is a feature in... setups, and the most popular Bitcoin hardware wallets.
For learning what settings your wallet may have, this wallet recovery tool is one of the best resources available.
Q: Can I change my seed phrase?
A: Once a seed phrase has been generated, it cannot be changed but there is no limit to the number of seed phrases that you can generate. Additionally, there is also no limit to the number of different passphrases that you can use with each and every seed phrase.
If you feel that your Bitcoin wallet has been compromised, it is best practice to generate an entirely new seed and transfer all of your bitcoin to the new wallet.
Q: What happens if I lose my seed phrase?
A: In the unfortunate event that your Bitcoin wallet is lost, stolen, damaged, destroyed, or otherwise compromised, you will need to use your seed phrase to recover your wallet. If you lose your seed phrase, then there is no way to recover your wallet and all of the bitcoin in that wallet are considered to be lost forever.
To avoid losing any bitcoin, it is of the utmost importance to secure your seed phrase.