How to Securely Create a Bitcoin Seed Phrase in 9 Simple Steps
A question I get somewhat regularly is "how can I generate a seed with my own entropy so that I'm not trusting someone else's hardware or software?" There are innumerable ways to do this, as you're only really limited by your creativity when it comes to generating entropy. For example, Cloudflare used a wall of lava lamps to seed a pseudorandom number generator. But that's probably overkill for your needs!
There are plenty of guides that have previously been published about generating a bitcoin seed phrase from your own entropy, but those guides tend to be quite technical and have a high learning curve because they require setting up an airgapped computer, which is a process I consider to be outside the average person's comfort zone.
Thus the real question is: what is the most user-friendly way to accomplish this goal? Thanks to some functionality provided by COLDCARD, which is effectively a special purpose airgapped computer, the process can be simplified by an order of magnitude!
The Recipe for Success
- Buy the following items:
* A COLDCARD
* A MicroSD card and USB adapter
* A power-only USB-C cable OR ensure you already have a cable with either a power supply that plugs into a wall outlet OR buy a COLDPOWER adapter.
* Some 6 sided casino dice. Not just regular dice, but high precision (equally weighted) dice. You only really need one, but if you buy a pack with several then it will save you a little time during the rolling process. Coinkite also sells dice, though it's unclear if they are casino quality. - Once you've received the necessary hardware, power up the COLDCARD
- Set your PIN
- Upgrade the firmware via the MicroSD card if it's not on the most recent version
- From the main menu on the device, select New Seed Words
- Select 12 Word Dice Roll. Why 12 words and not 24? With 24 words you end up having to store twice as much data but don't gain any additional security.
- Roll your dice at least 50 times and input the numbers into the device. If you only have 1 die then it will require 50 throws; if you have 5 dice then only 10 throws are required, etc.
- Click OK (checkmark) to finalize your entropy input and generate the seed.
- Write down the words on the screen and store them securely!
That's all there is to it!
You may be asking yourself "wait, am I not trusting COLDCARD?" Not quite, as their dice roll functionality is verifiable.
Only the Beginning
Securely generating keys is only the beginning of the full life cycle of key management. In order to maintain the integrity of your keys, you must also:
- Store them securely
- Access them and sign transactions with them securely
- Have secure recovery / inheritance protocols in place
Check out my Bitcoin Security Resources to learn more about these other aspects of key management!