Investing in bitcoin can be a thrilling and potentially lucrative endeavour; for the first time, we have truly digitally native money you can proveably own. Before you even purchase your first bitcoin, you should be planning to take control of it through self-custody.
Self-custody is the act of creating a private and public key pair. The private key is the part only you possess and proves that you own funds. While funds can be sent to several public keys tied to that private key, you remain in control of all funds. As the sole custodian of your funds, you now take on the responsibility of safeguarding access to your private key because it is not stored anywhere else.
You’re the only one who knows what the key is, you’re the only one who can make copies of it, and you should find the best way to secure that key so you never lose it or expose it to anyone, be that online or offline.
Using bitcoin with a set of private keys eliminates third-party custodial risk, but it also comes with the risk of theft and loss, which makes understanding the concept of seed phrase essential to your bitcoin experience.
When generating a private key or seed phrase, you must use bitcoin wallet generation software or a hardware signing device. This software or signing device will randomly generate a set of 12 or 24 words that will form your seed phrase.
For the software to generate random phrases, it requires entropy. Seed phrase entropy refers to the randomness and complexity of the words used to generate a Bitcoin wallet, and it is what makes secure storage and investing possible.
What is seed phrase entropy?
A seed phrase is a mnemonic code consisting of 12-24 words used to generate and recover your bitcoin wallet. It is sometimes called a backup phrase, recovery phrase, or mnemonic sentence.
If you’ve set up a bitcoin wallet before, you may be familiar with the process, you would follow the prompts, and you’re handed a set of words. You trust that the software you use will generate the phrase, and you will save it by writing it down and not making any digital copies.
In simplest terms, seed phrase entropy refers to the level of randomness and complexity in words used to generate a bitcoin wallet. The higher the seed phrase entropy, the more secure your wallet is from someone being able to guess the words and the order of those words. A high level of entropy ensures that your wallet’s private key is virtually impossible to guess or crack through sheer computing brute force.
Seed phrase entropy is usually achieved through the use of a random word generator, which generates a sequence of words that are unique to your bitcoin wallet. In this process, you’re handing over the entropy to the randomness of the software. Generating a seed phrase in this way is done by asking the software to run through a hashing function, specifically SHA-256, to generate the checksum. Part of the checksum is then added to the random data.
The output is split into chunks of 11 bits, where each 11-bit chunk maps to a single word on the official BIP39 word list.
It’s important to note that not all seed phrases are created equal. A seed phrase with low entropy, including easily guessable words or phrases, is far less secure than one with higher entropy.
Modern bitcoin wallets often abstract the ability to generate your own entropy to make it easier for users to get on board with little to no friction. Still, if you’re looking to build a cold storage stack for the long term, you might want to involve yourself in this extra step. By adding a strong, random word generator and taking the time to test your seed phrase for weaknesses, you can significantly increase your wallet’s security and protect your investments from theft or loss.
How to generate a seed phrase?
There are several ways to generate a seed phrase, such as:
- Bitcoin wallet software
- Bitcoin signing device
- Calculator with a random function
Yes, the dice you would blow on and throw at the craps table gambling your nest egg away on a weekend bender can be used to secure your bitcoin in a non-digital and completely offline method of seed phrase generation. To do this, you’ll need dice, a pen and paper, and the BIP39 word list – be prepared to do some math!
You can use a single die if you want, but it is recommended to use multiple dice. You’ll create entropy by generating a large random number and then using those numbers to generate a seed phrase.
The entropy generated has to fit specific parameters for generating a seed phrase. The random data must be between 128 bits and 256 bits of entropy and also be divisible by 32.
- 128 bits of entropy maps to a 12-word seed phrase
- 160 bits of entropy maps to a 15-word seed phrase
- 192 bits of entropy maps to an 18-word seed phrase
- 224 bits of entropy maps to a 21-word seed phrase
- 256 bits of entropy maps to a 24-word seed phrase
If you’re not mathematically inclined and the entire process just gives you a headache, you can opt for a wallet like the ColdCard that simplifies the process. You would roll the dice and input those numbers into the ColdCard.
How to test your seed phrase entropy?
Apart from generating a strong seed phrase, it’s also important to test it for weaknesses. You can do this by using tools like Seedpicker or Ian Coleman’s BIP39 tool, which can check the quality and strength of your seed phrase. By conducting these tests, you can detect potential issues with your seed phrase, such as duplicate or weak words, and fix them before using them for your bitcoin wallet.
If you do want to mess around with seed phrase entropy testing tools, please ensure that you run it on your local device in an offline capacity, and if you are going to use online tools, use it on a burner wallet you don’t plan to use and only as an experiment to test the tool or your methodology for generating entropy.
High entropy doesn’t protect you from stupidity.
You can have a seed phrase with the highest entropy possible and still lose your funds. If you’re generating a seed phrase using an internet-connected device, there are a myriad of ways your internet connection or device could be compromised. That is why it’s always better to use a device that is separated from the internet or create a virtual machine to generate your keys.
Another way many people compromise their bitcoin keys is by storing their 12 words in digital form like a text file, a word document or worse a cloud document or screenshot. If someone gains access to that file, it doesn’t matter how good your entropy was in generating those keys; it won’t help you.
To safeguard against compromising your keys and enhance your bitcoin security, you can enlist the help of a bitcoin signing device. This device, often called a hardware wallet, allows you to sign Bitcoin transactions securely without exposing your private keys to potential attackers. By using a signing device in combination with your seed phrase, you can add an extra layer of protection since these devices are self-contained and often air-gapped.
Feed your seed.
Regarding bitcoin security, seed phrase entropy is non-negotiable but automated for most bitcoin users, but it doesn’t mean understanding it and how it works should be tossed aside. If you are going to live the ethos of bitcoin and never trust, only verify, then applying your own entropy is a worthwhile endeavour.
If you are planning to store generational wealth for the long term, the least you can do is add a few steps to your seed generation process.
Once you have your seed phrase, always look to employ safety best practices so you can stay ahead of potential threats and take control of your investments. Remember, as the world of bitcoin continues to evolve, so do the risks. Invest in your bitcoin knowledge and security today, and enjoy the peace of mind that comes with it.
Do you take self-custody of your stack?
If you’re new to bitcoin and have not ventured down the self-custody rabbit hole, what is stopping you? If you’re already self-sovereign, how has the experience been since you took hold of your funds? Let us know in the comments down below. We’re always keen to hear from bitcoiners from around the world.