The latest articles on DEV Community by George (@dekadent85). https://dev.to/dekadent85 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3097554%2F1d63c5b1-e3a7-4ba7-baae-2b2cb8f36a0f.png https://dev.to/dekadent85 en George Sun, 27 Apr 2025 21:41:36 +0000 https://dev.to/dekadent85/dissecting-bip-39-under-the-hood-how-mnemonic-phrases-and-private-keys-work-with-python-code-5cgl https://dev.to/dekadent85/dissecting-bip-39-under-the-hood-how-mnemonic-phrases-and-private-keys-work-with-python-code-5cgl <h2> Introduction </h2> <p>BIP-39 (Bitcoin Improvement Proposal 39) is a standard that converts random entropy bits into human-readable mnemonic phrases. These 12–24-word phrases are used to recover cryptocurrency wallets. In this article, we will explore how BIP-39 works at the code level and write a Python example to generate a mnemonic phrase and derive a private key.</p> <h2> How Does a Mnemonic Phrase Work </h2> <p><strong>1. Generating Entropy</strong></p> <p>BIP-39 starts with creating random entropy (128–256 bits). For example, 128 bits of entropy produce 12 words, while 256 bits produce 24 words. More entropy means higher security.</p> <p><strong>2. Checksum Addition</strong></p> <p>A checksum is appended to the entropy. Its length depends on the entropy size:</p> <ul> <li>128 bits → 4-bit checksum </li> <li>256 bits → 8-bit checksum This allows verifying the phrase’s correctness during wallet recovery. </li> </ul> <p><strong>3. Mapping to a Wordlist</strong></p> <p>The combined bits are split into 11-bit groups, each corresponding to a word from BIP-39’s predefined list (2048 words). For example, <em>01011010101</em> might map to <em>apple</em>.</p> <h2> Practice: Generating a Mnemonic in Python </h2> <p>Here’s a Python code snippet to generate a mnemonic phrase. We will use the <em>hashlib</em> and <em>bitstring</em> libraries.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>import hashlib import secrets from bitstring import BitArray # Generate entropy (128 bits) entropy = secrets.token_bytes(16) # 16 bytes = 128 bits # Add checksum entropy_bits = BitArray(entropy).bin checksum_length = len(entropy_bits) // 32 hash_entropy = hashlib.sha256(entropy).digest() checksum = BitArray(hash_entropy).bin[:checksum_length] full_bits = entropy_bits + checksum # Split into 11-bit chunks indices = [] for i in range(0, len(full_bits), 11): chunk = full_bits[i:i+11] indices.append(int(chunk, 2)) # Load BIP-39 wordlist (example) bip39_words = [ "abandon", "ability", "able", ..., "zoo" ] # Full list: https://bip39-phrase.com/ mnemonic = " ".join([bip39_words[index] for index in indices]) print("Mnemonic phrase:", mnemonic) </code></pre> </div> <h2> Converting a Mnemonic to a Private Key </h2> <p>According to BIP-39, the mnemonic and an optional passphrase are converted into a 512-bit seed using <strong>PBKDF2-HMAC-SHA512</strong>. This seed is used to derive private keys via BIP-32/BIP-44.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>import hashlib import hmac # Password (optional) passphrase = "" salt = "mnemonic" + passphrase # PBKDF2 seed = hashlib.pbkdf2_hmac( "sha512", mnemonic.encode("utf-8"), salt.encode("utf-8"), 2048, # Recommended iterations 64 # Seed length (64 bytes = 512 bits) ) print("Seed (hex):", seed.hex()) </code></pre> </div> <h2> How Do BIP-32 and BIP-44 Work? </h2> <ul> <li> <strong>BIP-32 (HD Wallets)</strong> enables hierarchical key derivation from a single seed.</li> <li> <strong>BIP-44</strong> defines a structure for multi-currency wallets (e.g., <code>m/44'/0'/0'</code> for Bitcoin).</li> </ul> <p>To derive private keys, use derivation paths. For example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>from bip32utils import BIP32Key # Example for Bitcoin (BIP-44) bip32_key = BIP32Key.fromEntropy(seed) child_key = bip32_key.ChildKey(0x80000000) # Hardened path private_key = child_key.WalletImportFormat() print("Private key:", private_key) </code></pre> </div> <h2> Tools for Working with BIP-39 </h2> <p>To test mnemonics or convert phrases to private keys, use these tools: </p> <ul> <li> <a href="https://bip39-phrase.com/seed-phrase-to-private-key-converter/" rel="noopener noreferrer">https://bip39-phrase.com/seed-phrase-to-private-key-converter/</a> — derive private keys and addresses for different blockchains using BIP-32/BIP-44 paths. </li> <li>Ian Coleman’s BIP39 Tool (<a href="https://iancoleman.io/bip39/" rel="noopener noreferrer">https://iancoleman.io/bip39/</a>) — a popular open-source offline tool. </li> </ul> <h2> Critical Warnings </h2> <p><strong>1. Entropy Security</strong></p> <p>Always use cryptographically secure generators (e.g., Python’s secrets). Avoid homemade solutions. </p> <p><strong>2. Offline Generation</strong></p> <p>Tools like Ian Coleman’s BIP39 should run offline to eliminate leakage risks. </p> <p><strong>3. Never Share Your Seed Phrase</strong></p> <p>Your seed phrase equals your private key. Even open-source tools should be audited for backdoors. </p> <h2> Conclusion </h2> <p>BIP-39 bridges human-readable phrases and cryptographic keys. Understanding its mechanics helps build secure wallets and avoid critical mistakes. For testing, online tools can be used, but always store real assets in trusted hardware wallets. </p> <p><strong>Additional Resources:</strong> </p> <ul> <li>Official BIP-39 Repository <a href="https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki" rel="noopener noreferrer">https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki</a> </li> <li>BIP-32 and BIP-44: How HD Wallets Work (<a href="https://vault12.com/learn/crypto-security-basics/what-is-bip39/" rel="noopener noreferrer">https://vault12.com/learn/crypto-security-basics/what-is-bip39/</a> </li> </ul> python bip39 cryptocurrency