Key generation with mnemonic phrases
by Minto
One of the most common ways to access cryptocurrency wallets is the mnemonic or seed phrase. It is a sequence of words that is used to generate cryptographic keys.
These words are chosen randomly from a special list known as BIP39, which contains 2048 words that do not change; they are known to everyone and are in the public domain. Each word in this phrase encodes a certain number of bits of information. For example, a standard mnemonic phrase consists of 12 or more words, which provides a sufficient level of security.
The process of key generation using a mnemonic phrase consists of several steps:
First, a random mnemonic phrase is drawn from the BIP39 list, either selected by the user or generated automatically. The words should be written down in their exact order and should not be shared with third parties under any circumstances.
To create the seed key, a SHA-256 hash function is used to process the mnemonic phrase. The hash result is a random sequence of bits that is used as the seed key.
From the seed key, pseudo-random numbers are generated using a cryptographically strong function. These numbers can be used to create any number of keys, such as private and public keys for cryptocurrency wallets.
It is important to note that the mnemonic phrase is the only means of key recovery. Therefore, safe storage is a critical aspect of security. It is best to write it down on paper or a flash drive.
Even though key generation using a mnemonic phrase does not require users to have specific skills and knowledge of cryptography, it provides a greater level of security than just strong passwords.
Some may argue that one can safely use cryptocurrency without any phrases, using the example of exchanges and online wallets, which are registered by mail or phone number and a password. Another point is that the usual 2FA is a much more convenient and reliable security system.
This is certainly true. But in this case, the user completely ignores the fact that cryptocurrency in such centralized, or rather custodial, services does not belong to the user.