A simple utility for creating high entropy bitcoin private keys.
Only generate keys on an offline computer. At the most basic level, run an Ubuntu LiveUSB (instructions). A more advanced user should use an airgapped machine. Follow Mircea Popescu's "How to airgap. A practical guide."
A $ at the beginning of a command means you enter it in the terminal. Do not actually type the $.
- In the terminal:
$ unset HISTFILE
. This will disable bash history to prevent any data being left in the shell. - Roll 5 six-sided casino dice at least 6 times (each roll adds one word, equal to 12.9 bits of entropy)
- With each roll append the results in the command line, like so:
$ python main.py 351456135165132154654651324654321324646312654651321654632165
- Print or write down the back up phrase contained within the single quotes
- Optionally, import the private key into your favorite wallet software
- To re-enable shell history, enter:
$ set HISTFILE
Entropic allows you to create deterministic keys based on your back up phrase. Use the -n
or --numaddrs
option to specify how many keys to make. For example:
$ python main.py 351456135165132154654651324654321324646312654651321654632165 -n 3
This would produce 3 private keys based on the following phrases:
- 'ka toast yh busy pugh ewe gulf puck avail yh chump guyana'
- 'ka toast yh busy pugh ewe gulf puck avail yh chump guyana1'
- 'ka toast yh busy pugh ewe gulf puck avail yh chump guyana2'
In cryptography, a salt is random data that is used as an additional input to a one-way function that hashes a password or passphrase. The primary function of salts is to defend against dictionary attacks versus a list of password hashes and against pre-computed rainbow table attacks.
http://en.wikipedia.org/wiki/Salt_(cryptography)
Since a sufficiently strong diceware passphrase inherently protects the user from dictionary attacks, a salt is unnecessary for these purposes. However, a salt can be useful for adding other security protections. By adding a easy to remember salt to a diceware wallet, a user can protect his bitcoins even in the case of the passphrase being revealed to another person, because the keys will not be accessible without also adding the salt.
When a salt is used, the key is generated by producing a SHA-256 hash of the passphrase concatenated with the salt: sha(passphrase + salt)
A salt can be added using the -s
or --s
flag. Using the above example, the user might decide to use an email address as a salt:
$ python main.py 351456135165132154654651324654321324646312654651321654632165 -n 3 -s [email protected]
This would produce 3 private keys based on the following phrases:
- 'ka toast yh busy pugh ewe gulf puck avail yh chump guyana [email protected]'
- 'ka toast yh busy pugh ewe gulf puck avail yh chump guyana [email protected]'
- 'ka toast yh busy pugh ewe gulf puck avail yh chump guyana [email protected]'
An attacker would need to access the original phrase and the salt, which the user might choose to write down somewhere else or just remember.
If you decide to use a salt, choose something that is simple and easy to remember, especially if you choose to not write it down.
When using the -s
flag, quotation marks are optional, unless your salt includes a space. If you wish to use a quotation mark in the salt, use an escape character: \"
or \'
.
See here. Thanks ferretinjapan!