BIP39
BIP39 is a Bitcoin Improvement Proposal that defines a standard method for generating mnemonic seed phrases from random entropy. It specifies a 2,048-word English wordlist and the process for converting words into a binary seed used for key derivation.
How It Works
BIP39 defines a straightforward process: generate random entropy (128 bits for 12 words, 256 bits for 24 words), compute a checksum from the SHA-256 hash of that entropy, append the checksum bits, then divide the combined bits into 11-bit segments. Each segment maps to one of 2,048 words in the standardized wordlist. The result is a human-readable backup of your wallet's master secret.
The wordlist is carefully designed so that the first four letters of each word are unique, reducing transcription errors. Words are common English words chosen to be unambiguous and easy to write. The checksum (final portion of the last word) provides basic error detection — if you make a mistake writing down a word, a compliant wallet will flag it during recovery.
From the mnemonic words, BIP39 uses PBKDF2 with 2,048 rounds of HMAC-SHA512 to derive a 512-bit seed. This seed then feeds into BIP32 for hierarchical deterministic key generation. The optional passphrase is mixed into this derivation, meaning a different passphrase produces an entirely different wallet — there is no "wrong" passphrase, just different wallets.
Key Points
- Standardized method for converting entropy into memorable word sequences
- 2,048-word list where each word is uniquely identifiable by its first four letters
- Built-in checksum detects transcription errors during wallet recovery
- Optional passphrase creates entirely separate wallets from the same word sequence
- Widely supported across virtually all modern Bitcoin wallets and hardware devices