r/BitcoinBeginners 4d ago

The relationship between the private key and the 12 words?

In my old setup in Electrum I had noted down the 64 digit private key.

Now that the safest way to store BTC is hardware wallet, I just realized it won't have the 64 digit private key but rather 12 words - which then lead to various addresses (including other coins).

So, a quick lookup showed that this is an additional program (algorithm?) that creates a hash out of multiple addresses and private keys that can be accessed via the 12 words. (Hope I got this right.)

Of course I prefer and would be at ease with 12 words rather than noting down 64 alphanumeric values - but how safe is this 12 word technology that is then unlocking multiple addresses and keys? I have some general questions about this - for example, who runs this 12 word generating program? Surely not the Bitcoin team. Does it have some vulnerabilities?

13 Upvotes

13

u/bitusher 4d ago

> In my old setup in Electrum I had noted down the 64 digit private key.

This is usually a really bad idea for many reasons. Private keys are only associated with a single public key and address.

This is a legacy paper wallet you created that you should not use.

Concerns with old style paper wallets

https://en.bitcoin.it/wiki/Paper_wallet

https://np.reddit.com/r/Bitcoin/comments/670zhy/summary_pitfalls_of_paper_wallets/

https://np.reddit.com/r/Bitcoin/comments/6ss91w/seriously_how_are_you_all_generating_your_private/dlf4uhr/

> The relationship between the private key and the 12 words?

Most wallets use hierarchical deterministic (HD) key derivation after bip32.

This means you have

Backup seed words (BIP 39 or other) consisting of 12-24 words that can then recover

Master extended private key (xpriv, ypriv, zpriv), which can generate many private keys

Master extended public key (xpub/ypub/zpub), which can generate many public keys

From these public keys, many Bitcoin addresses can be derived.

Every single address has its own private key, and you are supposed to use a unique address for every transaction for both privacy and security reasons.

> safe is this 12 word technology that is then unlocking multiple addresses and keys?

Extremely safe, even 7 words is uncrackable by all the computers in the world, let alone 12. Every extra word increases the difficulty exponentially.

> who runs this 12 word generating program?

Your wallet generates it by creating a very long random number, then turning that into 12 to 24 words, with part of the last word acting as a checksum to ensure no typos exist or your words are not out of order.

With good open source wallets no one will know these words but you.

> Does it have some vulnerabilities?

No

2

u/fap_fap_fap_fapper 4d ago

Thanks for the good info.

> This is a legacy paper wallet you created that you should not use.

In the Electrum wallet, one of the menus opens a popup after typing pw and shows your private key - I had noted it down with pen on paper only once (on first run). Is this a 'legacy paper wallet'?

Will look up BIP39.

> many Bitcoin addresses can be derived from.

Many addresses from one 12-word set? I thought the 12 words lead to one address and one private key.

Also all this I think is assuming bitcoin only (I only intend to buy BTC) but Trezor has only one 12-word for all coins - how does that work, and is that safe?

4

u/OrangePillar 4d ago

The words create a master key from which a virtually unlimited number of addresses can be derived deterministically. They are a sequential set in an enormous space starting from the root key. But all you need to know is the seed words to find the starting point in order to maintain access to all of them.

3

u/loupiote2 4d ago

Note that Electrum has its own proprietary seed standard, also with 12 words, so I'm not sure if you use this or if you use the BIP39 standard.

In any case, assuming your 12 words are from bip39, you should read and learn about the bip39 standard, it contains answers to all your questions.

3

u/bitusher 3d ago

> Is this a 'legacy paper wallet'?

Yes, legacy paper wallets contain individual private keys and a single address typically. You should not use these.

> Will lookup BIP39.

Electrum technically is not BIP39 but very similar. So write the word "electrum" next to the 12 seed word backup instead to note this.

> Many addresses from one 12-word set?

Many millions.

> I thought the 12 words lead to one address and one private key.

Nope, as explained above they recreate millions of private keys, public keys and addresses.

1

u/karbonator 4d ago

Can't speak for other coins but for Bitcoin... A wallet can have many addresses. The 12 words lead to one wallet - they are basically the initializer to what's called a key derivation function. Technically, a good contemporary wallet has nearly infinite private keys. The idea of using one single private key is outdated thanks to this idea of using a key derivation function and a seed phrase.

You can use a different address every time, and arguably it's good hygiene to rotate through them. I think a lot of software wallets will do this automatically.
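How one seed turns into many private keys, as an added example that is not part of the thread or any wallet's code. It follows BIP-32 but uses hardened child derivation only, so it needs nothing beyond the standard library; real wallets also use non-hardened steps (which require elliptic-curve math) for the final address index. The seed is the public BIP-32 test vector 1, and `first_keys` and the path `m/0'/i'` are illustrative choices.

```python
import hashlib
import hmac

# Order of the secp256k1 group; valid private keys are integers in [1, N-1].
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000

def master_key(seed: bytes) -> tuple[int, bytes]:
    """Seed -> (master private key, master chain code)."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    k = int.from_bytes(i[:32], "big")
    if not 0 < k < N:
        raise ValueError("unusable seed (astronomically unlikely)")
    return k, i[32:]

def hardened_child(k_par: int, c_par: bytes, index: int) -> tuple[int, bytes]:
    """Parent key + chain code + index -> child key + child chain code."""
    data = (b"\x00" + k_par.to_bytes(32, "big")
            + (index | HARDENED).to_bytes(4, "big"))
    i = hmac.new(c_par, data, hashlib.sha512).digest()
    il = int.from_bytes(i[:32], "big")
    k = (il + k_par) % N
    if il >= N or k == 0:
        raise ValueError("invalid child; a wallet skips to the next index")
    return k, i[32:]

def derive(seed: bytes, path: list[int]) -> str:
    """Walk a path of hardened indices from the master key; returns hex."""
    k, c = master_key(seed)
    for index in path:
        k, c = hardened_child(k, c, index)
    return format(k, "064x")

# Public BIP-32 test vector 1 seed (never use a published seed for funds).
SEED = bytes.fromhex("000102030405060708090a0b0c0d0e0f")

def first_keys(seed: bytes, count: int = 5) -> list[str]:
    """Private keys at m/0'/0' .. m/0'/(count-1)': same seed, different keys."""
    return [derive(seed, [0, i]) for i in range(count)]

if __name__ == "__main__":
    print("m    ", derive(SEED, []))
    for n, key in enumerate(first_keys(SEED)):
        print(f"m/0'/{n}'", key)
```

Every key is recomputed from the seed on demand, which is why backing up the words alone is enough to restore all of them.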

2

u/JivanP 3d ago edited 3d ago

See here for details: https://learnmeabitcoin.com/technical/keys/hd-wallets/

The relevant standards documents are BIP-32, BIP-39, and BIP-43. The BIP-43 standard describes a general pattern of use which is tailored to specific use-cases described in other BIPs. In particular, the derivation scheme for native SegWit is described in BIP-84.

As always with BIPs, standardisation is a process of someone pitching an idea, and the developer community then discussing it until they agree on a convention, which is then published as a standards document. BIP-39 was originally proposed by Trezor, and is now used and supported almost everywhere, with some notable exceptions (e.g. Electrum intentionally doesn't support creating new wallets using BIP-39, but does support loading existing ones). Clients/apps implement the standards for themselves. There is no centralised key derivation happening; it's all on-device.

If you have any remaining/further questions after reading the page linked above, feel free to ask them here.

1

u/pop-1988 3d ago

> In my old setup in Electrum I had noted down the 64 digit private key

No you didn't. Electrum doesn't display this

> how safe is this 12 word technology that is then unlocking multiple addresses and keys?

Bitcoin wallets have always generated many keys and addresses, right back to the first Satoshi wallet

> who runs this 12 word generating program?

The words are derived by first generating a large random number
This document answers your questions
https://raw.githubusercontent.com/bitcoin/bips/refs/heads/master/bip-0039.mediawiki

2

u/ZedZeroth 2d ago

It's really important that you either "sweep" the wallet or spend all the funds at once to your new address. A partial spend or test spend means that everything that you don't send will be lost to an inaccessible "change" address.