BIP-39 and web3 wallet seed phrases: A high-level overview

— Originally published at peerlist.io

Sometime last week, I stumbled across BIP-39 and how it helps secure web3 wallets, and I decided to try my hand at a demo.

A web3 wallet (self-custodial) is software or hardware that allows users to keep track of their funds on the blockchain. It is controlled by a private key that should never be shared. But how is this private key generated?

In cases of account recovery, do I have to know and provide a long private key to access my funds? Short answer: no.

The private key itself is generated from the seed phrase, the 12- or 24-word mnemonic you are given when setting up your wallet and sternly warned to share with no one. Remember MetaMask?

How is this mnemonic created? Is it just a bunch of random words? Let us look at it from a high level.

First, for 12-word seed phrases, the wallet software generates an entropy (a large pseudorandom number) using a Cryptographically Secure Pseudorandom Number Generator (CSPRNG). For the purpose of the demo, I used a non-CSPRNG to create a 128-bit entropy.

Then, the 128-bit entropy is passed through a hashing algorithm (SHA-256), and the last four bits of the hashed entropy (the checksum) are appended to the original entropy to form 132 bits of initial data (128 bits of entropy + 4 bits of checksum). This checksum is more like the guarantee in cases of account recovery.

After that, the 132-bit data is split into 12 groups of 11 bits. Each 11-bit group is then converted to a decimal number between 0 and 2047. Each decimal number is mapped to a particular word in the BIP-39 standard wordlist, which contains 2048 unique words (0-2047).

That's how a 12-word seed phrase is generated under the hood.

The seed phrase is then passed through a special function to create the master seed, the single source that the wallet can use to create an infinite amount of private keys and wallet addresses in a deterministic manner. The probability that two users/wallets will have the same seed phrase is so astronomically low that it is considered practically impossible. This is due to the large entropy used in generating the seed phrase: there are 2^128 possible combinations, if my math is correct ;).

That way, the process is very random and resistant to brute-force attacks, as it is very computationally expensive to try every possible combination of phrases to get a valid private key.

When a user wants to recover a wallet, the process of generating it is reversed. The 12 words are typed in, and their decimal indices in the wordlist are converted into twelve 11-bit binary numbers. These numbers are concatenated into a long 132-bit binary number, and the last 4 bits (checksum) are separated from the first 128 bits (entropy).

The entropy is then hashed and the last four bits (checksum) are compared with the checksum from the previous step. If they match, it is a guarantee that a valid master seed and private key can be generated from the seed phrase. The private key is then used to create wallet addresses in a deterministic manner, and the wallet scans the blockchain for any funds associated with the addresses.
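The generation and recovery steps above, as an added Python example (not the author's demo code; the function names are illustrative). It follows the BIP-39 specification, which takes the checksum from the leading ENT/32 bits of the SHA-256 digest, draws entropy from the OS CSPRNG via `secrets`, and generalizes to 15- to 24-word phrases. It works on wordlist indices, so turning each index into a word still needs the 2048-word list, which is not embedded here.

```python
import hashlib
import secrets

# Phrase length -> entropy size in bits (checksum is ENT/32 bits on top).
WORDS_TO_ENT_BITS = {12: 128, 15: 160, 18: 192, 21: 224, 24: 256}

def _checksum(entropy: bytes) -> tuple[int, int]:
    """Return (checksum, checksum_bits): the first ENT/32 bits of SHA-256(entropy)."""
    cs_bits = len(entropy) * 8 // 32
    return hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits), cs_bits

def entropy_to_indices(entropy: bytes) -> list[int]:
    """Generation path: entropy -> list of 11-bit wordlist indices (0..2047)."""
    if len(entropy) * 8 not in WORDS_TO_ENT_BITS.values():
        raise ValueError("entropy must be 128, 160, 192, 224 or 256 bits")
    checksum, cs_bits = _checksum(entropy)
    combined = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (len(entropy) * 8 + cs_bits) // 11
    # Peel off 11-bit groups starting from the most significant end.
    return [(combined >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]

def indices_to_entropy(indices: list[int]) -> bytes:
    """Recovery path: rebuild the entropy and verify the checksum."""
    if len(indices) not in WORDS_TO_ENT_BITS:
        raise ValueError("phrase must have 12, 15, 18, 21 or 24 words")
    if any(not 0 <= i <= 2047 for i in indices):
        raise ValueError("index outside the 2048-word list")
    combined = 0
    for i in indices:
        combined = (combined << 11) | i
    ent_bits = WORDS_TO_ENT_BITS[len(indices)]
    cs_bits = ent_bits // 32
    entropy = (combined >> cs_bits).to_bytes(ent_bits // 8, "big")
    # Reject the phrase if the trailing checksum bits do not match the hash.
    if combined & ((1 << cs_bits) - 1) != _checksum(entropy)[0]:
        raise ValueError("checksum mismatch: mistyped or invalid phrase")
    return entropy

if __name__ == "__main__":
    fresh = secrets.token_bytes(16)          # 128 bits from the OS CSPRNG
    idx = entropy_to_indices(fresh)
    assert indices_to_entropy(idx) == fresh  # round trip
    print(len(idx), "indices:", idx)
```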

It's not rocket science.

It's just code, math and badass cryptography.
