- This topic has 2 replies, 1 voice, and was last updated 1 month, 3 weeks ago by BuyRackTurk.
- Friday, August 5th, 2022 at 17:08 #349949 takayser (Participant)
I understand how it works and how it is calculated, but what’s the point of it? I understand the use for checksums in BTC addresses or in IBAN numbers, but not (yet) for seed phrases.
- Friday, August 5th, 2022 at 17:13 #349950 11010110111110111
A BIP 39 mnemonic can have any number of words with the most common being 12, 18, and 24 words. There is a checksum encoded into this mnemonic. This checksum is actually just a “part of” the last word, i.e. the last word encodes some of the actual initial entropy, and some of the checksum, depending on the size of the entropy in bits.
The way that BIP 39 makes the mnemonic is by generating some initial entropy that is n bits in length. The checksum is then the first n / 32 bits of the SHA256 hash of the entropy. This is just concatenated to the end of the entropy. The mnemonic is then encoded by dividing the entropy into groups of 11 bits and using the resulting 11 bit number as an index into a list of 2048 words.
With a 12 word seed, there are 128 bits of entropy, which gives 128 / 32 = 4 bits of checksum. This gives 132 total bits to be encoded, and 132 / 11 = 12 words. You may have noticed that the checksum is only 4 bits in length, which is shorter than the 11 bits allocated for the last word. So the last word’s index is actually composed of both the last 7 bits of the entropy and the entire 4 bit checksum.
With a 24 word seed, there are 256 bits of entropy, which gives 256 / 32 = 8 bits of checksum. This is also shorter than the 11 bits for the index of the last word, so this means that the 24th word of a 24 word seed “contains” the last 3 bits of the entropy and all 8 bits of the checksum.
BIP 39 itself has a table showing the number of entropy bits, the number of checksum bits, the total bit length, and the total word length for various entropy bit lengths.
The seed would not be mathematically complete without the checksum.
- Friday, August 5th, 2022 at 19:31 #349951 BuyRackTurk
> I understand the use for checksums in Bitcoin addresses
Do you though? Because it's the same reason.
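An added example, not part of the thread: the checksum calculation described in the reply above, done on 11-bit word indices instead of a wordlist. The function names are assumptions of this example. It also counts how many of the 2048 possible last words pass the checksum for a given set of preceding words.

```python
import hashlib

def entropy_to_indices(entropy: bytes) -> list[int]:
    """Encode entropy as BIP 39 word indices (0..2047), checksum included."""
    ent_bits = len(entropy) * 8
    if ent_bits % 32 or not 128 <= ent_bits <= 256:
        raise ValueError("entropy must be 128-256 bits, a multiple of 32")
    cs_bits = ent_bits // 32
    # Checksum = first ent_bits/32 bits of SHA256(entropy), at most 8 bits.
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    combined = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11
    return [(combined >> (11 * (n_words - 1 - i))) & 0x7FF
            for i in range(n_words)]

def checksum_ok(indices: list[int]) -> bool:
    """Recompute the checksum from the entropy part and compare."""
    total = len(indices) * 11
    cs_bits = total // 33              # 33 encoded bits per checksum bit
    ent_bits = total - cs_bits
    if total % 33 or not 128 <= ent_bits <= 256:
        return False
    if any(not 0 <= i < 2048 for i in indices):
        return False
    combined = 0
    for i in indices:
        combined = (combined << 11) | i
    entropy = (combined >> cs_bits).to_bytes(ent_bits // 8, "big")
    return entropy_to_indices(entropy) == list(indices)

def valid_last_words(first_words: list[int]) -> list[int]:
    """All last-word indices that complete first_words with a valid checksum."""
    return [w for w in range(2048) if checksum_ok(list(first_words) + [w])]

if __name__ == "__main__":
    # Constructed sample input: 128 bits of all-zero entropy (never use as a key).
    words = entropy_to_indices(bytes(16))
    last = words[-1]
    print("indices:", words)
    print("last word: entropy bits =", last >> 4, "checksum bits =", last & 0xF)
    # Change only a checksum bit in the last word: validation fails.
    print("tampered valid?", checksum_ok(words[:-1] + [last ^ 1]))
    # 7 entropy bits in the last word leave 2**7 valid choices out of 2048.
    print("valid last words (12):", len(valid_last_words(words[:-1])))
    print("valid last words (24):", len(valid_last_words([0] * 23)))
```

For a 12-word phrase only 128 of the 2048 candidate last words validate, and for a 24-word phrase only 8, so a wallet can reject most phrases that were written down or typed in wrongly before deriving any keys from them.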