Mnemonic Generation (BIP39) Simply Explained

 

Every time a crypto wallet is set up, it receives 12 (in some cases 24) mnemonic phrases and asks to keep it safe. These mnemonics are further used to restore accounts and associated cryptographic balances.

A set of mnemonics can be used to create multiple addresses. This way of creating accounts was introduced in BIP32 and BIP39 a long time ago. Here we will talk about the process of creating the BIP39 mnemonic using a simple example. GDP39

This BIP describes the implementation of a mnemonic code or mnemonic phrase—a group of words that are easy to remember—to generate deterministic wallets.

It consists of two parts: creating a mnemonic and creating a binary seed. This seed can later be used to create deterministic wallets using BIP-0032 or similar methods. Let's understand its first part.

Mnemonic generation

Creating a mnemonic is a multi-step process. Let's go step by step with an example:

1. Generate Entropy: This will trigger entropy generation. With more entropy, security improves, but sentence length increases. Enable 128-256 bits to generate 12-24 sentences. Let's take the example of 128 bits generating 12 phrases. In our example, below is the generated entropy in hexadecimal and binary form:

Hexadecimal: 063679ca1b28b5cfda9c186b367e271e

Complete 128 bits are as:

==

0    6    3    6    7    9    c    a    1    b    2    8    b    
0000 0110 0011 0110 0111 1001 1100 1010 0001 1011 0010 1000 1011
   
5    c     f     d    a    9    c    1    8     6    b    3    6    
0101 1100  1111  1101 1010 1001 1100 0001 1000 0110 1011 0011 01107     e    2    7    1   e
0111 1110 0010 0111 0001 1110

==

2. Generate Checksum: Second step is about generating checksum.

==

checksum = first (length of entropy in bits/32) bits of SHA256 of entropy

==

In our case, it is 128/32 = 4 bits. Lets assume, it is 0110 (6 in decimal) in our case. Append this checksum in the end of initial entropy. So, after concatenation, it will be:

==

000001100011011001111001110010100001101100101000101101011100111111011010100111000001100001101011001101100111111000100111000111100110

==

3. Split: Now we need to split it into groups of 11 bits. Right now total bits are 128 + 4 = 132

After split, it will look like:

==

00000110001 10110011110 01110010100 00110110010 10001011010 11100111111 01101010011 10000011000 01101011001 10110011111 10001001110 00111100110

==

4. Convert to decimal: Now we need to convert these bits into its decimal representation as:

==

00000110001 10110011110 01110010100 00110110010 10001011010
49          1438        916         434         111411100111111 01101010011 10000011000 01101011001 10110011111
1855        851         1048        857          143910001001110 00111100110
1102       486

==

These decimal representation varies from 0–2047. These work as an index to mnemonic word list. This word list can be found here.

5. Find out Words: Now words will be chosen from the wordlist. In our case, with English language, they will be as:

==

49          1438        916         434         1114        1855 
alert        record      income      curve       mercy       tree851         1048        857          1439       1102       486
heavy        loan        hen         recycle     mean       devote

==

So, this way final generated mnemonic phrases will be:

alert record income curve mercy tree heavy loan hen recycle mean devote

No. of mnemonic words generated depends on the size of initial entropy. It follows as:

==

Bits of Entropy Number of words
128 12
160 15
192 18
224 21
256 24

==

In addition to creating a binary seed of the generated mnemonics, we use the PBKDF2 function with a mnemonic phrase (in UTF-8 NFKD) used as a password, and the string "mnemonic" + passphrase (again in UTF-8 NFKD) is used. like salt. The number of iterations is set to 2048 and HMAC-SHA512 is used as the pseudorandom function. The length of the received key is 512 bits (= 64 bytes). This seed can still be used for HD wallet purposes.