Generating our own private keys: Brainwallets

in bitcoin •  6 years ago  (edited)

There are many reasons for generating your own keys. You do not need to trust anyone, you learn about the technology and you are really in control. Even if you are operating cold storage on an offline device, that device might already be infected and generate compromised keys. But if you write the code yourself on an offline machine, there is almost no way to have a corrupted key.

Warning: Use the code at your own risk. There may be bugs; only use what you understand and do not modify things that you do not understand. There are many ways to compromise the security of your keys. Please consider all keys in this post as compromised and do not use them or send money to their addresses!

I provide a very simple Python key generator. The advantage is that it is not a black box: you see everything it does. To confirm its security you need to verify the code yourself, which is not possible with very complicated programs that are thousands of lines long.

Let's start with a simple brainwallet:

[Screenshot of the key generator code: Screenshot 2018-05-22 15.54.58.png]

I simply base36-decode the seed phrase, then add enough zeroes to obtain the seed that generates the key. Then I convert it into the Bitcoin private key format by running two rounds of SHA-256 and a Base58 encoding. Obviously the phrase should be much stronger than 'cat'; the maximum is 49 characters, which allows for about ten ordinary words!

But remember that this type of key only reaches maximum entropy if the phrase is a random string of characters, which defeats the purpose of a brainwallet. It is better to use a BIP-39 mnemonic to generate secure brainwallets, but that code will necessarily be more complex. Instead, a good compromise is to take a list of words and use only the first two or three characters of each. This way you can get more entropy into the seed and should have a secure wallet.

When you write your own code it is possible to make brainwallets significantly safer. Most people do not base36-decode the phrase and thus will get a different key from the phrase 'cat'. Here, I add the zeroes to the front, but you don't have to. By changing the code you get your own unique phrase-to-private-key generator, and that adds significant security compared to following a standard recipe.
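The procedure described above (base36 decoding, zeroes added at the front, double SHA-256 and Base58), written out as an added example; it is not the author's code from the screenshot. It assumes a mainnet, uncompressed WIF key (version byte 0x80), the function names are illustrative, and `max_entropy_bits` gives the upper bound that holds only when every character is chosen at random.

```python
import hashlib
import math

B36 = "0123456789abcdefghijklmnopqrstuvwxyz"
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# secp256k1 group order: a valid private key k satisfies 1 <= k < N.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def phrase_to_key(phrase: str) -> bytes:
    """Base36-decode the phrase; zero bytes fill the front up to 32 bytes."""
    phrase = phrase.lower()
    if not phrase or any(c not in B36 for c in phrase):
        raise ValueError("phrase may contain only 0-9 and a-z")
    if len(phrase) > 49:  # 36**50 exceeds 2**256
        raise ValueError("phrase is longer than 49 characters")
    k = int(phrase, 36)
    if not 1 <= k < N:
        raise ValueError("decoded value is not a valid private key")
    return k.to_bytes(32, "big")


def to_wif(key: bytes) -> str:
    """Assumed format: mainnet, uncompressed WIF (0x80 || key || checksum)."""
    payload = b"\x80" + key
    # The two rounds of SHA-256 produce the 4-byte checksum.
    checksum = hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    n = int.from_bytes(payload + checksum, "big")
    out = ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return out  # first byte is 0x80, so no leading '1' padding is needed


def max_entropy_bits(phrase: str) -> float:
    """Upper bound, reached only if every character is chosen at random."""
    return len(phrase) * math.log2(36)


if __name__ == "__main__":
    # 'cat' is the page's demo phrase: at most about 15.5 bits of entropy.
    p = "cat"
    print(p, to_wif(phrase_to_key(p)), round(max_entropy_bits(p), 1))
```
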

Generally I would not recommend a brainwallet, but there are times when you want to control bitcoin without having any physical counterpart linked to them. One example might be having to flee your home country and being subject to border controls and worse. This key cannot be stolen or confiscated and nobody will even know that you possess any bitcoin.
