Skip to main content

Try it Live

Run BIP39 examples in the interactive playground

Overview

BIP-39 seed derivation converts human-readable mnemonics into 64-byte binary seeds using PBKDF2-HMAC-SHA512. This seed serves as the root for HD wallet key derivation.

Basic Usage

Async Derivation

Sync Derivation

PBKDF2 Algorithm

Parameters

BIP-39 uses PBKDF2-HMAC-SHA512 with specific parameters:

Step-by-Step Process

1. Normalize Mnemonic (NFKD)
2. Construct Salt
3. Apply PBKDF2
4. Return 64-byte Seed

Passphrase Support

Why Passphrases?

Passphrases add an additional security layer: 1. Plausible Deniability
2. Two-Factor Security
3. Enhanced Entropy

Passphrase vs No Passphrase

Passphrase Best Practices

1. Never forget passphrase
2. Use strong passphrases
3. Store separately

Unicode Normalization (NFKD)

Why NFKD?

Different Unicode representations of same string must produce same seed:

Normalization Example

Performance Considerations

Why 2048 Iterations?

PBKDF2 iterations balance security vs performance: Security:
  • 2048 iterations slow down brute-force attacks
  • Each guess takes ~50-100ms
  • Testing 1 million passphrases takes ~14 hours
Performance:
  • Fast enough for user experience (<100ms)
  • Not too slow for legitimate use

Async vs Sync

Async (recommended):
Sync (use with caution):

Security Properties

Deterministic

Same input always produces same output:

One-Way Function

Cannot reverse seed to mnemonic:

Passphrase as Salt

Passphrase modifies the salt, creating different seed:

Test Vectors

BIP-39 Official Test Vectors

Advanced Usage

Parallel Derivation

Progress Indication

Caching Seeds

Common Errors

Invalid Mnemonic

Passphrase Typos

Integration with HD Wallets

Full Workflow

Examples

References