If you’ve ever tried to set up a cryptocurrency wallet, you’ve probably run into 12-word phrases. You may have written the words down, and you may even use the phrase occasionally…
But how the hell does it all work?
Basically, your 12-word phrase is a set of words that allows you to recover and use your private key. And if you can recover your private key, you can access your wallet from anywhere in the world without having to carry anything around. It’s a simple, user-friendly security measure which is very powerful.
But to understand 12-word phrases, you should first understand public and private keys.
Public/Private Key Pairs
The language of most public and private key pairs explanations is astonishingly boring. So boring, in fact, that it gets in the way of actually understanding what they are. To make matters worse, once you do understand what they are, you realize that you just combed through hours of explanation to understand a basic concept.
So, bear with me as I try to make this as interesting as possible by talking about Twitter.
When your stalker, Deborah, mentions you on Twitter to publicly announce how fun following you around last night was, it’s just like a cryptocurrency transaction.
All right, I’ll explain what I mean. Look at it this way:
- Your wallet is like an account that you would have on any other platform (email, Facebook, Twitter, etc.). With your wallet/account, you can interact with the platform that it’s associated with. For example, with your Twitter account, you can tweet, retweet, and like other tweets. With your wallet, you can send, receive, and hold different cryptoassets (Bitcoin, Ethereum, etc.).
- A public key is like your Twitter handle. If someone knows it, they can interact with your account/wallet, and even search your account/wallet to see all your activity on the platform (i.e., stalk you).
- Before you can do things with your Twitter account, or your crypto wallet, you have to sign in first. With your wallet, you only need to input one thing which is/represents your private key. In this case it would be your 12-word phrase.
A Twitter account is limited to just the Twitter website. But you can use your wallet address on several different platforms. For instance, many different trading platforms and blockchain apps allow you to use your 12-word phrase to connect your wallet.
It’s okay if someone sees your public key — that’s why it’s public. But the private key allows access to your wallet, and all actions associated with your funds. That means that if someone gets your public key, the only thing they can do concerning your wallet is see the account balance and send it things (lucky you!). If they get your private key, however, then they can access your wallet and steal all of your funds.
So, accessing your crypto wallet is simpler than signing into Twitter. It’s more secure, too. But how can it be both?
Humans suck at making passwords
You may have the same password to your Twitter account as someone else does, but there are more unique private and public keys than atoms in the Milky Way Galaxy. Additionally, private keys aren’t created by humans (the worst password creators in the known universe), they’re created by complex software. The software is capable of creating passwords which are much more random than anything a human could ever come up with. If you’re interested in a more technical explanation, check out this wiki page.
The private key is a string of 64 letters and numbers, which would be very difficult and inconvenient to remember. Here’s a sample private key:
Imagine having to input that every time you wanted to access your wallet.
One way to get around this is…
12-word phrases make signing into your wallet a cinch, while simultaneously adding security to the wallet. A 12-word phrase is generated in conjunction with your private/public key pair. Although not all wallet creation programs provide a 12-word phrase, one could supposedly be generated for every private key. This is because each word in the 12-word phrase represents a different part of the private key. Here’s an example of one:
witch collapse practice feed shame open despair creek road again ice least
When you submit a 12-word phrase to a wallet software, it interprets the words into representing your private key. You could say that your 12-word phrase is your private key, and not be far from the truth, because it has many of the same properties as your private key, including:
- It can be submitted to a wallet software to gain access to a specific wallet
- It should never be shown to anyone (especially not Deborah)
The main reasons why 12-word phrases are more commonly used than private keys to access a wallet are for convenience and security.
It is convenient because all you would have to write down or memorize are 12 short words. Compare this with having to write down or memorize a lengthy private key, and it’s clear that remembering and inputting the words is easier.
It is secure because the phrase doesn’t have to be saved on your computer. You could just memorize the phrase and/or hide it on a piece of paper, so no one else could even have the chance of discovering the phrase.
But there are minor issues with both security and convenience.
If a hacker is recording your keystrokes or screen, then they may be able to take your phrase. So, if your 12-word phrase is displayed visually on-screen, or otherwise typed in, hackers can take it. Of course, this is fairly difficult to do, and already an achilles heel of regular website passwords.
Private keys and their 12-word phrases benefit from almost perfect randomness and complexity, making it nearly impossible for a hacker to guess their way into your wallet.
There are some solutions to these relatively minor security concerns which employ physical devices (such as hardware wallets), or software. But, how else can you move your wallet around remotely at all times with nothing other than your memory?
I guess this is simply the price we pay for not having body-implanted wallets.
Let’s create a wallet
It’s time to put our knowledge to the test by actually creating a wallet, and accessing it with its 12-word phrase. I’m going to use Ethex, a decentralized trading platform.
First, let’s create an account. Go to ethex.market, Launch the DApp, and select a token so that you go to the trading page. Click on “Add an account” in the upper right, and it will take you to this page.
Create the account, and select the “Secret Phrase” Option, and continue onto the next screen. Take out your paper and pen, and prepare to write down your 12-word phrase.
Make sure to write down each word in the order that it is displayed. Enter the phrase into the next page, and you will have officially created the account and will have signed in on Ethex!
This account is now live on the main ethereum net, and is capable of creating transactions, and holding or receiving various cryptoassets. To verify that your wallet really was created, you can go to etherscan.io (a search engine for the Ethereum blockchain) and search your public key.
If you haven’t made any transactions yet, it should look something like this:
Huzzah! You’ve officially created a new wallet. Your private/public key pair was created, and your 12-word phrase (you wrote it down right?) can get you to that wallet at any time or place.
An incredibly secure and convenient solution to crypto wallet access is 12-word phrases. Sometime in the future, there may be a better solution, but as it stands, this is one of the best solutions for wallet access and security.
Remember to keep the credentials to your wallet safe from potential thieves, hackers, and Deborah.