Seed Words

This course assumes familiarity with the Introduction to Bitcoin course. We recommend watching those lessons if you're not already familiar with the concepts of blockchain, mining, nodes, transactions, keys, and HD wallets.

This course covers the most important information you must know in order to safely and efficiently operate a bitcoin wallet.

Within the lessons in this course you will encounter technical words, like “Segwit” or “deterministic” that may sound unfamiliar. Don’t worry if you don’t understand these words. Whatever is necessary to understand is explained in the lessons. The rest of the concepts are considered non-essential, and will be covered in later advanced courses.

There is quite a bit of theory covered in these lessons, and you may feel at times that this is too complicated. Please don’t give up. Everything will seem rather easy once your knowledge is put into practice.

The last lesson in the course will give you hands on practice using a bitcoin wallet on the so called bitcoin testnet, without risking real value.

I assure you, that the knowledge and practice you gain in this course will be well worth your time in ways that is hard to overstate.

The word “wallet” in this course refers to software that runs on a mobile or desktop device. It helps you create accounts, keep track of funds, and send and receive bitcoins. Many bitcoin wallets have been created by the community and various entities, each with slightly different set of features, but essentially they all do the same. In the world of bitcoin, there are also hardware wallets, but those will be discussed in a later course.

The word “account” refers to a set of keys derived from a seed phrase using a specific derivation path for specific address type. A bitcoin wallet can have multiple accounts of different types. For example, you can have two separate accounts for personal and business use within the same mobile wallet. The word “account” is also used in the context of a bitcoin exchange, but that meaning is not relevant in this course.

Seed words, often called mnemonic code or recovery phrase, are a series of words that act as a tool to generate your bitcoin keys. They are most importantly a BACKUP for your wallet that contains these keys. Seed words enable access and recovery of your bitcoin wallet's contents.

Imagine your seed words as magical spells. Through the wonders of mathematics, they can conjure your funds on any secure device you choose.

Alternatively, imagine seed words as a super-strong keychain made of words, holding all your bitcoin private keys.

When you create a new account in your bitcoin wallet, it generates seed words. Store these seed words securely to recover your funds should you lose access to your wallet.

Having your seed words stored safely means you can relax and not worry about losing your bitcoins, even if your wallet fails. Using your mnemonic phrase, your funds can always be recovered.

Originally, the Bitcoin network didn’t use seed words. Users had to back up each bitcoin private key separately in a wallet.dat file using a USB stick.

This method was neither easy nor safe. Therefore, Bitcoin developers devised a way for wallets to generate private keys from a single set of seed words in a reproducible, or deterministic, manner. Seed words allowed the backup of an entire wallet on a piece of paper, without any electronics.

You can read more about this invention in BIP39, short for Bitcoin Improvement Protocol.

There are two main types of seed words:

Typically, if your wallet offers the option to choose between 12 and 24 word seeds, you might want to pick the 12-word option.

For instance, a 12-word seed might be: "apple banana cherry mango pear grape kiwi lemon tree walnut rice palm". Note that in this example the seed has a theme: all words describe plants. This should not be the case with real seed words. They must be completely random, except for the last word, which we'll discuss shortly.

Remember, this is just a non-functional example and should not be used as your seed words. In fact never use seed words given to you by anyone. You must always generate it yourself.

The seed words are based on the aforementioned BIP39 standard, which comprises a carefully curated dictionary of 2048 English words. Each word is distinctively chosen for its uniqueness in the first four letters.

For example, the initial words in the dictionary are 'abandon', 'ability', and 'able'. None of these share the same first four letters, ensuring distinctiveness. Consequently, a word like 'abandoned' is excluded from the dictionary because its first four letters are identical to 'abandon'.

In practice, while only the first four letters of each word are technically necessary for the seed, full words are used to facilitate easier reading and memorization.

Derivation paths dictate how addresses are generated from your seed words. They are like branches from the seed, leading to different sets of addresses. Even with the same seed words, different derivation paths yield different addresses. Therefore, knowing which derivation path standard you used is important for recovery. However, there are only a handful of derivations standards used, so you can easily try all of them to find your funds if you have forgotten to note this particular information down.

The most widely used standard is BIP44, as it supports multiple currencies and accounts, making it versatile for most users.

Adding a passphrase to your seed words, acting as a 13th or 25th word, enhances security. This prevents access to your wallet even if someone knows your seed words.

A passphrase is a good idea, provided you keep it as safe as your seed words, but in a different location. Otherwise, its purpose is defeated.

A passphrase can be any combination of letters, symbols and numbers, you shouldn’t select a word from the BIP39 dictionary as a passphrase.

Most bitcoin wallets use seed words for account generation and backup. When you first download and start your wallet, it typically generates the seed words for you. You're usually asked to write them down and verify your backup by entering or selecting words within the wallet. If you’re not provided with seed words during wallet creation, they are still generated in the background. You may need to find the seed words under the wallet's settings options.

Wallets generate seed words using cryptographic algorithms to ensure high randomness and security. Manual selection of words by a human is discouraged due to inherent biases and patterns, which reduce randomness and security.

While it's theoretically possible to create seed words in any language, real or invented, without relying on the BIP39 English dictionary, doing so is strongly discouraged due to the high risk of error. Moreover, most wallets do not support this approach.

The final word in a seed phrase serves as a checksum, derived from the preceding words. This checksum acts as a verification tool to confirm the seed phrase's accuracy and integrity.

Theoretically, you could ignore the last word in your seed words, as it's just a checksum carrying no extra information. However, it’s a good idea to keep it safe in case any of the words are lost.

Due to this error correction mechanism, if you were to lose any one of the words from your list, you could still recover your funds. If you lost 2 words, the recovery is still possible. But if you lose 3 or more the recovery becomes increasingly impossible.

The likelihood of randomly generating the same set of seed words is extremely low, similar to winning the top prize in a lottery six times consecutively. While in history there have been people who won the lottery more than once in their lifetime, consecutive wins are virtually impossible, even for a network of high powered computers.

Technically, the chances of generating the same seed words is astronomically low: 1 in 2,048 on the power of 12, or approximately 1:5x10^39 (1:5,271,537,971,301,488,476,000,309,317,528,177,868,800).

The security of your wallet depends on the confidentiality of your seed words and passphrase. Anyone with access to your seed words can access your bitcoins.

It’s critical to trust the wallet that creates your seed words. The words must be truly random and should not be leaked to anyone, not even the wallet creators. When generating or entering your seed phrase, use only well-established wallets that have been vetted by the community as safe.

Avoid using publicly available text as your seed words. Do not attempt to create your own story using seed words. Do not use wallets with pre-generated seed words, as others may have seen those words. Wallets set up with weak seed words are likely to be compromised, and the bitcoins within them stolen.

There’s a saying in computer science: “Don’t roll your own crypto”. While it doesn’t refer to cryptocurrencies but to cryptography in general, it reminds you not to invent your own method of generating randomness for seed words. Instead, rely on tried and tested methods.

Your seed words should be accessible only to you, unless you intend to give away your bitcoins. Be vigilant against phishing and scams. If someone asks for your seed words, they are surely trying to steal your bitcoins.

If you suspect that your seed words are compromised, move your funds to a new wallet as soon as possible.

Many people have explored the security of using easily memorable phrases, often referred to as "brain wallets," for storing bitcoins. If someone chooses to use song lyrics as the seed words for their wallet and then transfers bitcoins to an address created from those seed words, those funds are likely to be stolen within seconds or minutes. This rapid loss occurs because there are automated systems constantly monitoring for addresses generated from these predictable or weak mnemonic phrases. As soon as such an address receives funds, these systems immediately extract the funds. This type of theft is sometimes known as "brain wallet harvesting.

In this lesson we learned about mnemonic codes, next we will learn about how to back them up.