Open in app

Sign in

Write

Sign in

Secure Mnemonic Management with BIP85

In this blogpost we will explain what BIP85 is and how it can be used to make managing multiple mnemonics easier and more secure.

5 min readJul 14, 2021

--

What is BIP85

BIP 85 defines a way how new BIP39 mnemonics can be derived from your mnemonic. Put another way, it aids you in deriving “entropy” from your mnemonics, and the entropy you derive can then be used in other wallets and applications. Therefore, it brings the flexibility of managing multiple mnemonics (multiple wallets) while only having to back up one of your mnemonics. If one or more of the derived entropies are compromised, the parent mnemonic and other derived entropies remain secure.

Motivation

One of the big issues for cryptocurrency users that manage their own funds is the security of their keys. Keys have to be securely stored and protected against loss and theft. A recommended way to back up the mnemonic, besides keeping it securely in your Vault application, is to create a physical backup on paper. Even better is to use the social recovery feature and Shamir’s Secret Sharing to protect against a single point of failure in your backup. Those methods are very effective, but take a lot of time to set up. Creating a proper Social Recovery setup can easily take a †couple of hours if you distribute your shares. If someone owns multiple mnemonics, it is usually not feasible to do this with every mnemonic, so some are just backed up less securely. BIP 85 solves this problem.

What are the use cases of BIP 85

Setup of multiple wallets: People who are active in the cryptocurrency space often set up different wallets to manage different currencies. BIP85 allows users to have one master mnemonic, which is backed up securely, and then derive new mnemonics from it that can be used in less secure contexts. For example, a seed could be generated to be used in a browser extension or another mobile wallet that might not be focussed on security that much. Even if that wallet is compromised, the user will only lose the funds stored in that wallet, no other wallets will be affected.

The ability to create seeds without the need for a backup: An individual can now use his or her master mnemonic to derive new BIP39 mnemonics to set up other wallets for elderly parents or their kids who are unable to securely backup their seeds. All while not having to worry about backing them up.

Financial Structure: Most firms have a hierarchical structure in place, which includes managing funds. Most likely, the finance department of an organization would like to designate a different wallet to each department while not granting access to the main account to any department in the firm. With BIP-85, an organization can now create separate mnemonics for different departments without sharing the master seed throughout the entire organization or creating and managing individual mnemonics for each department. This simplifies the management of keys and brings a higher level of security. Even if the finances of one department are compromised, the organization and the rest of the department funds are still secure.

BIP-85 in AirGap Vault

We strive to provide our users with the most up-to-date and innovative technology, which is why AirGap has integrated this feature into its Vault.

If you want to derive a BIP-85 child entropy from one of your mnemonics, follow these steps.

  • Go to the Settings page and choose the mnemonics/account from which you wish to derive the child seed.
  • Click “Generate BIP85 Child Mnemonic”
  • On the BIP-85 Generation page, you can set a few settings
  • Mnemonic Length: The length of the child mnemonic is defined by this parameter.
  • Index: Changing the index will result in a different child mnemonic being generated. Therefore if you want a new mnemonic for a new purpose, make sure to set the index to a value that has not been used in the previous mnemonic generation process.
  • Advanced Mode — BIP-39 Passphrase: This allows you to set an extra passphrase that will be used to derive entropy.

NOTE: If you want to generate the same child mnemonic over and over again, you must use the same input parameters (length, index, and passphrase). So be certain that none of the values are forgotten.

  • On the following page, you can see the mnemonic that was derived from the master mnemonics. You can now write it down on a piece of paper or copy and paste it into another wallet without any problems.

NOTE: It is not necessary to back up the child mnemonics. Always remember that you can get them from the parent mnemonic. All you have to do now is make sure that your parent mnemonic is backed up properly and you remember the input parameters (length, index, and passphrase).

  • If you click on the validate button, the next screen will confirm that you have accurately written down the child mnemonic.

Conclusion

Security is the most important concern for us, and as a result, we have built an air-gapped wallet that provides the highest level of protection to our user’s funds. We are intrigued by innovations, and as a result, we are foremost among software wallets which have chosen to integrate BIP85 into its solution.

Links:

BIP85 — Deterministic Entropy From BIP82 Keychains https://github.com/bitcoin/bips/blob/master/bip-0085.mediawiki

AirGap BIP85 docs: https://support.airgap.it/features/bip85

Download

AirGap Wallet
💻 macOS
💻 Windows
💻 Linux
📱 iOS — App Store
📱 Android — Google Play (GitHub APK)

AirGap Vault
📱 iOS — App Store
📱 Android — Google Play (GitHub APK)

Interested in AirGap? Stay in touch. give us feedback

Bip85
Mnemonics
Crypto
Airgap

--

--

Written by AirGap

328 Followers

Secure Key Generation & Wallet

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams