Generating your seed phrase is probably the most important thing you can do to protect your bitcoin. While you might think that your seed phrase is as secure as it possibly can be, there are actually several overlooked yet critical steps to ensure you generate your seed phrase safely.
Generating your seed phrase in a secure offline environment is the first of 4 key steps to secure your seed phrase.
Step 1: Generate Your Seed Phrase (Randomness + Verification)
Step 2: Write Your Seed Phrase (Paper or Metal)
Step 3: Store Your Seed Phrase (Location)
Step 4: Recover Your Bitcoin Wallet (Privacy, Security, Wallet Settings)
Experimenting With Bitcoin Seed Phrase Generators
It doesn’t matter if you’re new to bitcoin or a hardened veteran hodler who’s held through 80%+ dips. It’s never a bad time to experiment with all of the various seed phrase generation methods to better understand how seed phrases and entropy work.
I’ll begin by experimenting with generating entropy (randomness) with the various methods that seem to be the most common to generate seed phrases. Next, I’ll convert that randomness into an actual seed phrase with the various hardware devices and online tools.
Everybody is different and there is no single correct way to generate your seed phrase. But for the sake of this article, I will be going over the 4 main methods that I consistently come across whenever I generate a seed phrase.
How Do You Generate A Seed Phrase?
To generate your seed phrase, there are a few methods that you can experiment with. The most common methods that I have come across are word by word (random word lottery), dice rolls (1-6), coin flips (binary), deck of cards (A-10,J,Q,K), and your wallet’s random number generator (trust). Experimenting with all of the various Bitcoin seed phrase generator methods across multiple tools and devices will help you to better understand how seed phrases are generated and how random your seed phrase actually is.
- Random Word Lottery: You can manually select seed words from a random word lottery to generate 11/12 or 23/24 seed words, and then use an offline computer to calculate the final checksum word. By writing down all 2048 of the possible seed words from the BIP39 word list, you can randomly select each one out of a bag.
- Dice: To generate entropy with dice, you can roll dice 99 times to generate 256 bits of entropy (~2.584 bits of entropy per dice roll) and then use a computer program to convert all of that entropy into the words needed to calculate a seed phrase.
- Playing Cards: Seed words can be generated with a deck of playing cards and a corresponding system to map each word to a combination of playing cards. Once you have selected 11/12 or 23/24 seed words, you can use some software to calculate the final checksum word.
- Binary: To generate binary entropy, you can flip a coin 11 times for a single seed word, record all of the results on paper, and then use some relatively basic math to map each set of 11 coin flips to a BIP39 seed word. A 12 word seed phrase only needs 128 coin flips while a 24 word seed phrase would require 256 coin flips.
- Trust: Finally, you can also trust your Bitcoin wallet to generate a seed phrase for you and just hope that your wallet’s random number generator (RNG) is truly random, and that the wallet developers don’t have a copy of whatever seed phrases that your wallet gives you.
Are you trusting your Bitcoin wallet to generate your seed phrase for you? Are you adding any of your own entropy with dice rolls or coin flips? Are you generating your own seed phrase by selecting each word using physical randomness? Are you verifying the authenticity of your seed phrase across multiple devices and tools? Do you understand how much security you have with a 12 word seed phrase vs. a 24 word seed phrase?
Experimenting with different seed phrase generators can help you answer all of these questions and understand why they are important. We don’t want to make any mistakes with any actual bitcoin, so start small and try out different services and Bitcoin wallets just to get a feel for how they all work.
I have personally used all of the following methods to create entropy to generate dozens of seed phrases and verify them across multiple devices and tools. Every time I used one form of entropy to generate a seed phrase I got the exact same 24 seed words across the other devices and tools.
Unfortunately, not all of these devices and tools have all of the same features, so I wasn’t able to test every single method against every other device or tool. But I got so many of the same results that I trust all of these products to generate authentic seed phrases. Once you generate your seed phrase with any of these methods, it’s a good idea to verify them across multiple hardware devices or online tools to make sure that you get the exact same result on all of them. This mitigates your need to trust any one of them.
Generating A Seed Phrase Word By Word
You can physically generate entropy by randomly selecting each of your seed words “out of a hat”. There are 2 basic methods to do this:
- You can do it yourself and print out each of the 2048 words on paper, and randomly select each word to generate your seed phrase.
- You can buy a product with each of the 2048 seed words already printed on them, and then randomly select each word.
In my opinion, physically generating entropy is the best way because it relies the most on pure physical randomness to select your seed words.
For a seed phrase with 12 words, there are 2048^11 possible combinations. For 24 word seed phrases, there are 2048^23 possible combinations. The final word is always calculated as a checksum. To calculate my final checksum word for these experiments, I used SeedSigner, ColdCard, The Bitcoiner Guide Seed Tool, and SeedPicker.
Paper Printout (DIY)
You can physically generate your own seed phrase entropy using nothing but paper and a pencil. All you have to do is print (or write) all 2048 of the BIP 39 words on paper, cut out each word, randomly select 11-23 words, and then calculate the final checksum word.
This is the only method that I didn’t personally try because I don’t have a printer and it seems a little too time/resource intensive to get a printer just to be able to print all of the words, cut each one out, and then randomly select each word.
My time is worth a lot to me so I just bought some SeedSticks.
SeedSticks
SeedSticks is an offline seed phrase generation tool that relies on true physical randomness to generate entropy. The math for calculating seed phrases is the same with SeedSticks as the DIY paper method, but SeedSticks are much less fragile than paper.
I would rather just pay a bitcoiner for a quality product that I can use over the years spent generating hundreds of physically random seed phrases for friends, family, experiments, giveaways, and myself.
Calculating The Final Checksum Word
Once I’ve randomly selected 23 words, I input them into both my SeedSigner and ColdCard to calculate the 24th word as a checksum.
Since this is purely for experimentation and learning, I also input the same 23 words into SeedPicker and the Bitcoiner Guide Seed Tool, and all of them calculated the same final checksum word “bind“.
WARNING: This is just for testing and experimenting. SeedPicker and Bitcoiner Guide are online tools. DO NOT EVER ENTER YOUR ACTUAL SEED PHRASE into these services unless you know how to download them and run them in a secure offline environment.
If I ever get a different checksum word between any of the tools above, then I’ve either entered something incorrectly or there’s a potential that I am using corrupted or dishonest software. Since the checksum is the same across all devices/tools, I can be certain that my checksum word is authentic OR that they are all dishonest and colluding. Since I generated 23/24 words of the seed phrase using physical entropy, and all of code that these tools use can be publicly audited (both my SeedSigner and ColdCard are also completely air-gapped), my risk is decentralized and I can have a high level of certainty that my seed phrase is authentic.
Generating A Seed Phrase With Dice Rolls
Another way you can generate your seed phrase is by rolling your own entropy with dice rolls. Instead of selecting 11-23 words out of a hat, you can roll a single die 99 times (or 5 dice just 20 times), record all of them on paper, and then enter them into a hardware device or online tool that calculates seed phrases from dice rolls.
In my experience, dice rolls seem to be one of the most common methods for bitcoiners to generate seed phrase randomness. It might be because dice are cheap, readily available all around the world, buying/possessing them doesn’t raise any red flags anywhere in the world, and the popular hardware wallet ColdCard can generate a seed phrase with dice rolls. SeedSigner recently posted that the TSA was very interested in his SeedPills entropy tool.
Generating your seed phrase with dice rolls is simple, but it can be rather time-consuming to roll dice 99 times, enter all 99 of your dice rolls into a hardware wallet device that generates your 24 seed words, and then writing down the seed words properly. For generating your actual seed phrase, this security is well worth it but experimenting with this method will help you to truly appreciate how much effort this actually takes.
Converting 99 Dice Rolls Into A Seed Phrase
Once you have your 99 dice rolls, you can enter the into a ColdCard, SeedSigner, or the Bitcoiner Guide Seed Tool and it will generate a seed phrase. If you use a ColdCard to enter the dice rolls and you enter 1 of the numbers incorrectly, you cannot delete it. You will have to either enter the same incorrect number on both your SeedSigner and Bitcoiner Guide, or restart your ColdCard and start the process all over again.
WARNING: Again, this is just for testing and experimenting. Both SeedSigner and ColdCard can be used completely offline and air-gapped. Only use the Bitcoiner Guide Seed Tool to generate your seed phrase from dice rolls if you know how to run it in a secure offline environment.
Generating A Seed Phrase With Playing Cards
Generating a seed phrase with playing cards is another way to create entropy to generate a seed phrase. Just like with dice, playing cards are cheap and easily available all around the world. If you have an internet connection, you can use Jimbo’s Seed Picker Solitaire to generate 23 seed words and then calculate the final checksum word.
There are probably a number of different ways that you can use a deck of playing cards to generate randomness but Jimbo has a couple of different methods outlined in his instructions. In my experiment, I used the second one.
For each word, I shuffle a deck of cards and then draw two cards. I got a 7 of Clubs (7C) and a Jack of Diamonds (JD). I then reference that against his sheet and all the way on the left side of the page, I find 7 of Clubs and the Jack of Diamonds.
I reference the JD in the 7C row from my previous card and I can see that it corresponds to the word “tilt”. I now have 1 of 23 seed words. I repeat this process for all 23 words.
Once I generated my 23 seed words, I used my SeedSigner, SeedPicker, and the Bitcoiner Guide seed tool to calculate the final checksum word. Once again, I got the exact same result on all of them.
Generating A Seed Phrase With Binary
Something as simple as a simple coin flip can serve as a Bitcoin seed phrase generator. All you have to do is flip the coin 256 times and write down the result of each flip. Each one of these flips represents a binary piece of data.
As part of my experiment, I flipped a coin 256 times and wrote down the result of each coin flip. This was obviously incredibly time consuming but well worth the experience to learn how to generate seed phrase entropy with nothing but a coin.
Once I had all 256 coin flips written down on paper, I entered all of them into the Bitcoiner Guide seed tool and it generated a seed phrase.
Generating A Seed Phrase With Trust
Finally, you can trust your Bitcoin wallet to generate a seed phrase for you. However, this random number generator (RNG) method is the least secure method for two reasons:
- You are trusting your wallet’s RNG to be random enough and that it will generate a truly random seed phrase. There have been reports of compromised or weak RNGs, resulting in bitcoiners losing their funds to successful cyber-attacks launched against the service that relied on that randomness.
- You are also trusting that your wallet is honest and not giving you a seed phrase that developers predetermined prior to selling it to you.
When you trust someone else to generate your seed phrase, that leaves a greater than 0% chance that it can somehow be compromised. On the other hand, when you generate your own seed phrase, you don’t need to trust anyone but pure mathematics and the randomness of the physical universe. It’s a beautiful thing.
Securely Generate Your Seed Phrase
Now that you have an idea of how seed phrase generation works, you can use any of the above methods to securely generate your seed phrase in a secure offline manner with fully air-gapped tools like SeedSigner and ColdCard.
You can use pure physical randomness with something like SeedSticks or use a DIY method to print out each of the BIP39 words and randomly select each word.
You can roll dice until you have 99 rolls, then enter each one of them into an air-gapped SeedSigner or a ColdCard.
You can use playing cards and Jimbo’s solitaire seed picking reference sheet to generate words offline and then use a SeedSigner to calculate the final checksum word.
You can use binary such as coin flips to generate 11 bits of entropy and then calculate the number that corresponds to one of the 2048 BIP39 seed words and then use either a SeedSigner or ColdCard to calculate your final checksum work in a secure offline environment.
Finally, you can trust a Bitcoin wallet to generate your seed phrase but you run the risk of having your bitcoin compromised if their RNG isn’t as random as it should be. Even worse, you could receive a predetermined seed phrase all together. Unless you are personally able to audit the code of the device that you are using, you are trusting that the device is giving you an honest and secure seed phrase.
In order to ensure that your seed phrase is completely authentic, you either need to generate your own seed phrase using 100% of your own entropy OR you need to be able to add your own entropy during the seed generation phase and verify it on at least one other device.
Can You Generate An Invalid Seed Phrase?
If you select all 12 or 24 of your own words, you will generate an invalid seed phrase because the final word needs to be calculated as a checksum.
While most, if not all, wallets will generate 12-24 seed words for you automatically, if you decide to generate your own entropy — using coin flips, dice rolls, playing cards, or a physical random word lottery — you will need to manually calculate your final checksum word.
Verifying Your Seed Phrase On Multiple Devices
One of the reasons I have gone into such detail in this article about checking the outcomes across more than one device/tool is so that need to rely less on any single point of failure.
Don’t trust. Verify.
You need to ensure that your seed phrase is not relying on trust. It needs to rely on math. Furthermore, when you use a completely air-gapped device to verify your seed phrase, you have an even more trust-minimized method to verify that your seed phrase is secure.
Any device that generates your seed phrase is ultimately a trusted third party unless you are verifying your entropy against at least one other device or service. Even with dice rolls, you are trusting a third party to a certain extent unless you are using another tool or wallet to generate the same seed phrase. If you get the same result, you can be sure that your seed phrase is authentic.
How I Verified My Seed Phrase
When I was checking to ensure that all of these tools produced the same seed, I entered 99 dice rolls into my Cold Card, SeedSigner, and Bitcoiner Guide. All 3 of them generated the EXACT same 24 words so I can be sure that either all 3 of them are authentic and have not been compromised OR that they are all compromised and are working together to steal my bitcoin by giving me a pre-generated seed phrase. Since the code for all of these projects can be audited, I can be relatively certain that they are all acting honestly.
If you roll dice 99 times and enter all of those dice rolls into a ColdCard, a SeedSigner, and the Bitcoiner Guide Seed Tool, you should get the exact same seed words on all of them.
If you don’t get the exact same result, double and triple-check that you entered all 99 dice rolls exactly the same on every device and software. Entering even a single number incorrectly will result in a completely different seed phrase.
Final Thoughts
Now that you’ve generated your seed phrase, writing your seed phrase properly is an equally important next step to ensuring your bitcoin stays safe for the decades to come.
Seed phrase generation is an incredibly important but often overlooked subject, because we tend to just trust our Bitcoin wallets to be acting honestly. Since all of the wallets and tools that I refer people to here on WhatIsBitcoin.com are open source, we can at least audit the code to verify that they are honest. For those of us who are unable to audit the code of all of these different software wallets and hardware wallets, using other devices helps verify that we are generating real seed phrases.
Furthermore, we can use completely air-gapped tools to calculate, generate, and verify our results across multiple devices to ensure that the Bitcoin seed phrase generator being used is honest and produces authentic seed phrases.
Thank You For Reading
If you found this article helpful, please consider sharing it, supporting one of these affiliates, or making a value for value donation so that we can continue to publish more Bitcoin-only content.