🔐 Private keys for Bitcoin
Python
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
.gitignore
Dice List.csv
LICENSE
README.md
main.py

README.md

entropic

A simple utility for creating high entropy bitcoin private keys.

Usage:

Only generate keys on an offline computer. At the most basic level, run an Ubuntu LiveUSB (instructions). A more advanced user should use an airgapped machine. Follow Mircea Popescu's "How to airgap. A practical guide."

A $ at the beginning of a command means you enter it in the terminal. Do not actually type the $.

  1. In the terminal: $ unset HISTFILE. This will disable bash history to prevent any data being left in the shell.
  2. Roll 5 six-sided casino dice at least 6 times (each roll adds one word, equal to 12.9 bits of entropy)
  3. With each roll append the results in the command line, like so: $ python main.py 351456135165132154654651324654321324646312654651321654632165
  4. Print or write down the back up phrase contained within the single quotes
  5. Optionally, import the private key into your favorite wallet software
  6. To re-enable shell history, enter: $ set HISTFILE

Deterministic addresses:

Entropic allows you to create deterministic keys based on your back up phrase. Use the -n or --numaddrs option to specify how many keys to make. For example:

$ python main.py 351456135165132154654651324654321324646312654651321654632165 -n 3

This would produce 3 private keys based on the following phrases:

  • 'ka toast yh busy pugh ewe gulf puck avail yh chump guyana'
  • 'ka toast yh busy pugh ewe gulf puck avail yh chump guyana1'
  • 'ka toast yh busy pugh ewe gulf puck avail yh chump guyana2'

Salt:

In cryptography, a salt is random data that is used as an additional input to a one-way function that hashes a password or passphrase. The primary function of salts is to defend against dictionary attacks versus a list of password hashes and against pre-computed rainbow table attacks.

http://en.wikipedia.org/wiki/Salt_(cryptography)

Since a sufficiently strong diceware passphrase inherently protects the user from dictionary attacks, a salt is unnecessary for these purposes. However, a salt can be useful for adding other security protections. By adding a easy to remember salt to a diceware wallet, a user can protect his bitcoins even in the case of the passphrase being revealed to another person, because the keys will not be accessible without also adding the salt.

When a salt is used, the key is generated by producing a SHA-256 hash of the passphrase concatenated with the salt: sha(passphrase + salt) A salt can be added using the -s or --s flag. Using the above example, the user might decide to use an email address as a salt:

$ python main.py 351456135165132154654651324654321324646312654651321654632165 -n 3 -s test@example.com

This would produce 3 private keys based on the following phrases:

  • 'ka toast yh busy pugh ewe gulf puck avail yh chump guyana test@example.com'
  • 'ka toast yh busy pugh ewe gulf puck avail yh chump guyana test@example.com1'
  • 'ka toast yh busy pugh ewe gulf puck avail yh chump guyana test@example.com2'

An attacker would need to access the original phrase and the salt, which the user might choose to write down somewhere else or just remember.

If you decide to use a salt, choose something that is simple and easy to remember, especially if you choose to not write it down.

When using the -s flag, quotation marks are optional, unless your salt includes a space. If you wish to use a quotation mark in the salt, use an escape character: \" or \'.

Why use casino dice?

See here. Thanks ferretinjapan!