All Posts By Nico

Seed Phrase vs Private Key: a technical overview


Seed phrase and private key are two tightly related terms, but they are different things. When setting up a new crypto wallet such as Metamask, Ledger or Trezor, among others, the user is given a list of 12 or 24 common words to back up. That list is the so-called seed phrase, an “easy to remember, easy to back up” word list.

A private key is a large binary string used by a crypto wallet for signing the transactions that later will be sent to the chain. 

In this article we are going to take a journey from the generation of the seed phrase to the multiple wallet address generation, making a special stop at the private key creation and paying attention to the technical details of this process. 

How is the seed phrase generated? The BIP39 proposal

BIP stands for Bitcoin Improvement Proposal. BIPs are documents that describe a proposal for improving the Bitcoin blockchain ecosystem. BIP39 is titled “Mnemonic code for generating deterministic keys” and describes the process of generating the mnemonic code. Here’s how it is done:

  • The words are taken from a word list that is available in several languages. The length of the list is always 2048 (2048 = 2¹¹: the entropy ENT and its checksum CS are concatenated and split into 11-bit groups, and each group selects one word).
  • The number of words produced depends on the number of entropy bits (ENT, the randomness factor of the initial seed). The lengths typically used are 128 bits, leading to 12 words, and 256 bits, resulting in 24 words.
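The mapping from entropy to word indices, as an added example that is not part of the original post. It follows BIP39 as specified: CS is the first ENT/32 bits of SHA-256(ENT), and ENT || CS is cut into 11-bit groups. No wordlist is embedded; the functions return indices, and the all-zero entropy inputs used in the test are the spec’s own vectors (index 3 is “about” and index 102 is “art” in the English list).

```python
import hashlib
import secrets

# Added example, not code from the original post. Converts raw entropy into the
# 11-bit word indices that BIP39 turns into a mnemonic. The checksum CS is the
# first ENT/32 bits of SHA-256(entropy); ENT || CS is then split into 11-bit groups.


def entropy_to_indices(entropy: bytes) -> list[int]:
    """Return the BIP39 word indices (0..2047) for the given entropy bytes."""
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 128-256 bits in 32-bit steps")
    cs_bits = ent_bits // 32
    digest = hashlib.sha256(entropy).digest()
    checksum = int.from_bytes(digest, "big") >> (256 - cs_bits)   # top CS bits
    combined = (int.from_bytes(entropy, "big") << cs_bits) | checksum  # ENT || CS
    n_words = (ent_bits + cs_bits) // 11   # ENT + CS is always a multiple of 11
    return [(combined >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]


def verify_checksum(indices: list[int]) -> bool:
    """Recover ENT from the indices, recompute CS, and compare with what was given.

    This is the check a wallet runs on a typed-in phrase to catch a wrong word.
    """
    total_bits = len(indices) * 11
    ent_bits = total_bits * 32 // 33        # 132 -> 128, 264 -> 256
    cs_bits = total_bits - ent_bits
    combined = 0
    for idx in indices:
        combined = (combined << 11) | idx
    entropy = (combined >> cs_bits).to_bytes(ent_bits // 8, "big")
    return entropy_to_indices(entropy) == indices


def random_indices(n_words: int = 12) -> list[int]:
    """Draw fresh entropy from the OS CSPRNG and return indices for n_words words."""
    ent_bits = n_words * 32 // 3            # 12 -> 128 bits, 24 -> 256 bits
    return entropy_to_indices(secrets.token_bytes(ent_bits // 8))


if __name__ == "__main__":
    # BIP39 test vector: 16 zero bytes -> "abandon" x11 followed by "about".
    print(entropy_to_indices(bytes(16)))
    print(verify_checksum(random_indices(24)))
```

The checksum is what lets a wallet reject a mistyped phrase before any key is derived; it is not a secret and adds no entropy, which is why 12 words carry 128 bits of randomness rather than 132.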

How is the private key generated? 

Binary seed

Once the mnemonic seed phrase is obtained, numerous private keys can be generated from it. That is why wallets such as Metamask and Trezor are able to generate any number of accounts needed with only one seed phrase.

To generate the private keys from the seed phrase, the initial step is computing a binary seed derived from the mnemonic. This computation uses the key stretching algorithm PBKDF2 with HMAC-SHA512: the seed phrase is the password input, and the salt is the string “mnemonic” concatenated with an optional passphrase. When no passphrase is used, the salt is just the term “mnemonic”.

Employing PBKDF2 increases the time and computational power needed for each guess, which makes brute-forcing a seed phrase through this step highly impractical.

It is worth mentioning that this step and the seed phrase generation are completely separate processes. This step can be applied to a mnemonic produced by an entirely different process.

Private keys

Now it is time to use the binary seed to generate private keys (and from those, public keys and wallet addresses). The following process describes what is known as an HD Wallet (Hierarchical Deterministic Wallet). First we need to create a Master Private Key, a Master Public Key and a Master Chain Code from the binary seed:

From this derivation we will produce all the accounts we need in a deterministic way. To create new accounts, we require:

  • Either the Master Private Key or the Master Public Key.
  • The Master Chain Code: this will be used as a source of entropy. 
  • A 32-bit integer used as the index.

In the diagram above we used the Master Private Key, but as said earlier we can also use the Master Public Key. The difference between using one or the other is whether a Hardened Key or a Normal Key is generated, but that is out of the scope of this article.

We can create a virtually limitless number of private keys with this method, either by changing the index or by using a Child Key as a new Master Key and repeating the process. This way we obtain a tree of private keys.

Gluing it all together

We saw how a seed phrase is generated, how it is used to produce a binary seed, and how that seed is used to produce a Master Private Key. This Master Private Key allows us to generate multiple Child Private Keys.

Public Keys and Wallet addresses are derived from Child Private Keys. It is a chain of derivation:

Does this mean that I always need a seed phrase to generate private keys? No! In fact, at the beginning of the blockchain era, all private keys were created individually.

Security

Is it worth trying to guess a seed phrase? Imagine that your seed phrase is composed of only one word of the word list. This means that the attacker has to try only 2048 combinations to derive your private key and steal all your assets. Suppose that deriving a private key with a specific combination takes 1 millisecond, then, it would take around 2 seconds to test all the possibilities!

Imagine now that your seed phrase is composed of two words of the word list. This means that the attacker has to try 2048 x 2048 = 2048² = 4194304 combinations to derive your private key. Assuming the 1-millisecond scenario, it would take the attacker around 1 hour and 10 minutes to test all the possibilities. That is a lot more!

Let’s repeat the process but now with 12 words. This means the attacker has to try 2048¹² = 5444517870735015415413993718908291383296 combinations. It would take around 2048¹²÷1000÷60÷60÷24÷365 ≈ 172644529132896227023528466479 years.

Conclusion

We saw the main difference between a seed phrase and a private key, and how the seed phrase helps to keep your assets safe (by backing up a phrase instead of a very long, easy-to-forget number).

Are we at the end of the road? It doesn’t seem to be the case. Even though this is a huge improvement in how wallets are created, managed and recovered, it is still not enough to enable massive adoption of the crypto ecosystem. There are currently a lot of efforts to make the crypto space more user friendly. A proof of that is Ethereum’s ERC-4337, known as “account abstraction”, which will, among other things, allow the user to use standard methods of authentication such as a fingerprint instead of having to store a mnemonic phrase.

The crypto space has traveled a long distance to be where it is today, but there’s still a lot ahead that needs to be explored, new methods to develop and new things to be discovered. In my opinion, this is just the beginning of this amazing trip. Even though mnemonic phrases are the way to go today, it is worth paying attention to the new solutions that arise from the community. One or many of those new ideas will help to on-board the next generation of users and allow the mass adoption of this amazing technology.

We are always looking for Web3 talent!

Mighty Block is one of the partners of Forte, a platform to enable game publishers to easily integrate blockchain technologies into their games. We believe blockchain will enable new economic and creative opportunities for gamers around the world and have assembled a team of proven veterans from across the industry (Kabam, Unity, GarageGames, ngmoco, Twitch, Disney), as well as a $100M developer fund & $725M funding, to help make it happen. That’s where you come into play.

Feel free to browse all our current open job opportunities in the following link 👇

Zero-Knowledge Proofs Decoded: A Simple Intro


It’s common to hear about web3 initiatives incorporating, or aiming to incorporate, ZK-proofs for increased privacy. The notion of a Zero Knowledge proof (ZK-proof) is not a modern concept; it was first introduced in a 1985 paper titled “The Knowledge Complexity of Interactive Proof-Systems”. In this article we will see what a ZK-proof is, offer an intuitive explanation and explore several use cases.

Whether you are a developer or a user, it’s important to understand the core concept behind ZK-Proofs, because it will help you understand not only what a product is trying to achieve in matters of security and privacy but also how it is trying to achieve it.

What is a Zero-Knowledge Proof?

A ZK-Proof is a protocol that involves a Prover and a Verifier and enables the Prover to demonstrate the truth of a statement to the Verifier without disclosing any information beyond the veracity of the statement. Essentially, it allows the Prover to prove to the Verifier that they possess knowledge of a specific piece of information, without disclosing it.

How does it work? An intuitive explanation

The Ali Baba cave is a well-known story used to give an intuitive explanation of how the ZK-Proof protocol works. The story is set in a circular cave with one entrance and, in the middle of it, a magic door opened by a password. It involves two actors: Bob the Verifier and Alice the Prover.

Alice wants to prove to Bob that she knows the password that opens the door inside the cave without telling him the word itself. To do that they follow three simple steps:

Process A
  1. Alice chooses a random path to enter the cave while Bob waits outside without looking at her.
  2. Bob goes to the entrance of the cave and screams a path.
  3. Alice returns to the entrance using the path that Bob screamed in step 2.

If Bob screams A and Alice returns using A, it can mean two things: either Alice entered the cave through B and knows the password, or she entered through A and cheated. After all, a cheater has a 50% chance of getting it right.

Process B

The key is to iterate this process until it becomes highly improbable for Alice to have cheated in every repetition: each time Alice is correct, the probability that she has been cheating all along is halved.
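The cave protocol with both parties’ moves, as an added example that is not part of the original post. It models an honest Alice (who can walk through the door and exit by whichever path Bob calls) and a cheating Alice (who can only come back the way she went in), runs the three steps for a chosen number of rounds, and computes the cheater’s acceptance probability both exactly (by enumerating every sequence of entrances and challenges) and empirically. The path names “A” and “B” and the seeded RNG are this example’s own choices.

```python
import itertools
import random
from fractions import Fraction

# Added example, not the original post's code: the Ali Baba cave as a two-party
# protocol. Paths into the cave are "A" and "B"; the magic door joins them.


def prover_exit(entered: str, challenge: str, knows_password: bool) -> str:
    """Step 3: which path Alice actually comes out of.

    Knowing the password lets her pass the door and use the path Bob asked for;
    without it she can only return by the path she entered (unless she guessed right).
    """
    if knows_password or entered == challenge:
        return challenge
    return entered


def run_rounds(knows_password: bool, rounds: int, seed: int) -> bool:
    """Run the protocol `rounds` times; True if Bob accepts every round.

    The seed drives Alice's hidden path choices and Bob's challenges, so a run is
    reproducible; in practice Bob's challenges must be unpredictable to Alice.
    """
    rng = random.Random(seed)
    for _ in range(rounds):
        entered = rng.choice("AB")      # step 1: Alice picks a path, unseen by Bob
        challenge = rng.choice("AB")    # step 2: Bob shouts a path
        if prover_exit(entered, challenge, knows_password) != challenge:
            return False                # step 3 failed: Bob rejects
    return True


def cheater_acceptance_probability(rounds: int) -> Fraction:
    """Exact fraction of all (entrances, challenges) sequences a cheater survives.

    Every entrance/challenge pair is equally likely, so counting is exact: 2^-rounds.
    """
    accepted = total = 0
    for entrances in itertools.product("AB", repeat=rounds):
        for challenges in itertools.product("AB", repeat=rounds):
            total += 1
            if all(prover_exit(e, c, False) == c for e, c in zip(entrances, challenges)):
                accepted += 1
    return Fraction(accepted, total)


def empirical_cheater_rate(rounds: int, trials: int, seed: int) -> float:
    """Fraction of `trials` independent runs in which a cheater is accepted."""
    passed = sum(run_rounds(False, rounds, seed + t) for t in range(trials))
    return passed / trials


if __name__ == "__main__":
    print("honest, 20 rounds:", run_rounds(True, 20, seed=7))
    for k in (1, 2, 10, 20):
        print(f"cheater survives {k} rounds with p = {cheater_acceptance_probability(k)}")
    print("empirical, 1 round:", empirical_cheater_rate(1, 4000, seed=1))
```

Two properties are visible in the numbers: completeness (an honest prover is never rejected, whatever the challenges) and soundness (a cheater’s chance of surviving k rounds is exactly 2⁻ᵏ, so after 20 rounds it is below one in a million). The transcript of challenges and exits reveals nothing about the password itself, which is the zero-knowledge part.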

Where can we apply ZK-Proofs?

Any scenario where someone needs to demonstrate the validity of some statement without giving up the information that validates it is suitable. In web3, ZK-Proofs can enhance privacy. For instance, they can be used to anonymize transactions between peers, as done in Zcash z-address to z-address transactions, or to enable anonymous voting in decentralized autonomous organizations (DAOs).

Given that ZK-Proofs are a general cryptographic concept, applications can also be found in web2: financial institutions could leverage ZK-Proofs to demonstrate that a person’s income falls within a specific range without disclosing the precise amount, or as a proof of identity, demonstrating possession of a valid government-issued document without handing it over.

ZK-Proofs are perfect for this kind of scenario because they can provide strong privacy guarantees without compromising the integrity of the data managed by the system.

Conclusion


Zero-Knowledge proofs have the potential to make the web3 space a more private and safer environment for the users. But as Uncle Ben said in the best Spider-Man movie: “with great power comes great responsibility”. We can’t ignore the fact that these tools can also be used by bad actors to perform illicit activities such as money laundering and illegal transactions. As we continue to develop and apply this technology, it is crucial to consider methods for combating its misuse without sacrificing its benefits. As web3 enthusiasts and developers this can’t be ignored and should be discussed along with the development of ZK-Proof based solutions.
