The Meat of Mnemonics: How the Sausage is Made

Mnemonic seed phrases are a vital cryptographic security feature with various implementations, notably hierarchical deterministic (HD) wallets like Ledger or Trezor where many of us keep our crypto. But…what is a mnemonic phrase, and why do we trust it to keep our funds out of the hands of unscrupulous predators roaming the ether?
Google defines mnemonics as “the study and development of systems for improving and assisting the memory.”
In a way, it’s like sausage, really. To fully understand mnemonics, we first need to understand its main ingredients. Let’s get cooking!
Cryptography Ingredients
I. Cryptographic Hash Functions
Hash functions are not exclusive to cryptocurrency — in fact they are ubiquitous these days. Cryptographic hash functions are simply one subset of the broader category. With electronic data storage now a fact of life, customers expect their information to be encrypted and secure from intrusion. Cryptographic hash functions achieve this by taking an input and returning an alphanumeric string of a fixed size. The input needs to be sufficiently random to ensure a high degree of entropy. Ideally, it should be virtually impossible for any two inputs to output the same hash. Also, the amount of computational power needed to create a hash from an input should be relatively low, while the amount of computational power to “crack” it should be astronomically high. When making sausage, grinding the meats together seems easy enough, but what if someone asked you to separate your conglomerate glob of protein and revert that process? Good luck.
Some of the most common hash protocols used today include MD5 and SHA-1. If SHA sounds familiar, it’s because Satoshi designed Bitcoin using SHA-256.
II. Checksums
A checksum is a series of digits appended to the end of a hash which is used on the receiving end to verify the data transmitted without error or corruption. Think of it like a natural casing on our cryptographic sausage — broken casings quickly indicate something went awry. Our HD wallets use checksums to more easily validate data from the recovery seed you created when initially setting up the wallet. A tiny, but mighty addition to our security portfolio.
III. Assembly
Ingredients compiled, we’re ready to assemble. Our “cookbook”, Bitcoin Improvement Protocol 39 (BIP39), details the specific methodology, but for simplicity, just know that we’re taking a long string of numbers, 132 bits long, and subdividing it into 12 equally-sized pieces of 11 bits each. One of these “chunks” might look something like “10110100010.” Each chunk corresponds to one of 2048 words in the BIP39 glossary. According to the documentation, “the wordlist is created in such way that it’s enough to type the first four letters to unambiguously identify the word.” These 12 word-kielbasas are neatly packaged and presented to the user as their mnemonic phrase.
Don’t Give Away the Recipe
To tie things up, consider the degree of randomness we’ve introduced into our system so far. Truly, the scale of it cannot be overstated, and at times can be incomprehensible. But those 12 words represent the private keys to your crypto. If someone were to discover your seed phrase, they could acquire the appropriate wallet and recreate a carbon copy of your keys from scratch. Keep this in mind every time you write your seed phrase down on a piece of paper you might forget. Never store this key on a device connected to the internet. This means no Google Docs, iCloud — even a “hidden” file on your PC is a questionable location inviting compromise. Because we’re dealing with digital assets it can be easy to forget what the stakes actually are. Were you to have a pile of physical gold, surely it would be kept in the most secure of locations. Yet so many crypto enthusiasts haven’t taken common-sense steps to protect themselves from theft or accidental loss. Even worse, some users turned to centralized custodial exchanges to secure their assets.
Privacy and security are pillars of the decentralized movement and together represent a value we hold dearly at Totle. Users interface with our aggregated network behind the safe walls of their encrypted wallets. We keep things simple for you — no extra passwords or 2FA needed. Check us out for free while in beta and experience the advantages of decentralized trading firsthand → https://www.totle.com/
Keep it secret, keep it safe.
