With no server and only in the browser I’m generating an a bip39 key and giving the user the mnemonic to store some place safe for restoring, I also want the user to be able to login with a password.
1) Could I encrypt the mnemonic with a password?
2) If I do encrypt the mnemonic, which algorithm should I use?
I know mnemonic passphrases are used to derive a master key that can then be used to procedurally generate your addresses. If you lose everything except the mnemonic, you can regenerate everything and recover your losses.
But from what I understand, and as my limited experimentation has shown, these mnemonic seeds seem specific to an individual program and even its versions.
So let’s say one day I lose everything except my mnemonic and I decide to recover it all. I set up my a new pc and such, and look for a wallet program. My original program is no longer available because nyan cat ate the source code. Am I now not basically screwed because any alternative program won’t be able to process my original mnemonic seed?
So if I want to not take any chances and not be bound to any single platform, I shouldn’t focus on the mnemonic but on my master key, which I’m merely presuming is standardized and universal. Having to store this single long string of pseudorandom chars isn’t exactly an improvement over storing a csv of pseudorandom strings, is it?
And of what I’ve seen, programs like even electrum and mycelium are all but crystal-clear about what exactly you are backing up and what exactly you can do with it (on mobile – electrum is much clearer on desktop, though it still doesn’t say anything about the nature of the mnemonic for example). A button labeled “back up my wallet” doesn’t really tell me if I’m backing up either type of seeds or just a list of keys, or something else. I suspect a binary file specific to this wallet program at that moment. Programs relevant to the same thing (i.e. wallet programs) should really carry labels on all their features, pointing out what is universal/standardized/cross-platform and what isn’t.
Cryptosteel only allows to store the first 4 letters of each word of my mnemonic seed, the FAQ tells me why:
[…] you only need to assemble the first 4 letters of each word. Those 4 letters are unique and sufficient to recover the sentence and the entire bitcoin wallet. We did a frequency analysis and determined the minimum set of letters that are needed to create the Cryptosteel.
What is a mnemonic frequency analysis? Why do I only need the first 4 letters?
I am only using a mnemonic seed in the Greenbits Android wallet by GreenAddress. However, it uses 24 or 27 word phases and not 12. I tried to recover my seed from only the first 4 letters, but the wallet complains that some of them are no real words.
I’m assuming GreenAddress is using something different to BIP39 seeds and the first 4 letter rule does not apply to all seeds, is that correct?
If not, what would be the easiest way to modify an open source iOS/Android wallet (eg copay) to do this?