Skip to main content

BIP39 | Bitcoin Glossary | Mapping Bitcoin

BIP39

Development

Also known as: mnemonic standard, mnemonic code

A Bitcoin Improvement Proposal that defines the standard for generating mnemonic phrases (typically 12 or 24 words) from which a wallet's master seed is derived. These word lists enable human-readable backups of wallet keys.

Overview

BIP39 establishes a standard method for converting random entropy into a sequence of common English words (or words in other languages) that can be written down, memorized, or stored as a backup. This mnemonic phrase serves as the root from which all wallet keys are deterministically generated using BIP32.

How It Works

Step 1: Generate random entropy (128 or 256 bits)

Step 2: Add checksum (first N bits of SHA-256 hash)
        128 bits + 4 checksum bits  = 132 bits → 12 words
        256 bits + 8 checksum bits  = 264 bits → 24 words

Step 3: Split into 11-bit segments (each maps to a word)
        2^11 = 2048 possible words in the wordlist

Step 4: Look up each segment in the BIP39 wordlist

Step 5: Apply PBKDF2 with optional passphrase to derive master seed
        Mnemonic + "mnemonic" + passphrase → 512-bit seed

Wordlist Properties

The BIP39 English wordlist contains exactly 2,048 words chosen so that:

  • The first four characters uniquely identify each word
  • No two words are too similar to each other
  • Words are common and easy to spell
  • Wordlists exist for multiple languages (English, Spanish, Japanese, Chinese, etc.)

Optional Passphrase

BIP39 supports an optional passphrase (sometimes called the "25th word") that is mixed into the seed derivation process. Using a passphrase creates an entirely different set of keys from the same mnemonic, providing plausible deniability and an additional layer of security.

Security Considerations

  • Never store digitally: Mnemonic phrases should be written on paper or stamped into metal, never stored in plain text on a computer or in cloud storage.
  • Never share: Anyone with your mnemonic phrase has full access to your funds.
  • Verify backups: Test that your backup phrase correctly restores your wallet before depositing significant funds.

Common Misconceptions

Some users confuse the mnemonic phrase with the seed itself. The mnemonic is a human-readable encoding of the entropy; the actual seed is derived from the mnemonic through PBKDF2 with 2,048 rounds of HMAC-SHA512 stretching.

Related Terms

Mnemonic PhraseSecurity

A human-readable sequence of 12 or 24 words defined by BIP39 that encodes a wallet's master seed. The mnemonic phrase serves as a backup that can restore all keys and addresses in an HD wallet.

Seed PhraseSecurity

A sequence of 12 or 24 words that deterministically generates all the private keys in an HD wallet. The seed phrase is the master backup for a wallet and must be stored securely offline, as anyone with access to it can control the associated funds.

HD WalletSecurity

A hierarchical deterministic wallet that generates all key pairs from a single master seed using the BIP32 standard. HD wallets simplify backup (only the seed needs to be stored) and enable organized key management with multiple accounts and address chains.

BIP32Development

A Bitcoin Improvement Proposal that defines hierarchical deterministic (HD) wallets, allowing an entire tree of key pairs to be generated from a single master seed. This enables organized key management and simplified backups.