Is there any major flaw in this seed-phrase encryption approach? - Bitcoin Stack Exchange
https://bitcoin.stackexchange.com/q/123765 (https://creativecommons.org/licenses/by-sa/4.0/)
Asked by user155123 (https://bitcoin.stackexchange.com/users/155123), 2025-08-07T19:32:32Z, 2025-08-07T06:05:35Z
<p>I would like to add some security to my seed phrase storage for existing wallets. I'm not trying to make it absolutely secure, just want to make it much more difficult to access my funds if someone finds my seed phrase storage.</p>
<p>I'm considering this approach:</p>
<ol>
<li>convert the seed phrase to entropy</li>
<li>encrypt entropy with a password</li>
<li>convert the encrypted-entropy to a new seed phrase (which is longer)</li>
<li>store the encrypted seed phrase</li>
</ol>
<p>Then, I do the reverse to retrieve the initial seed phrase when needed.</p>
<p>I have included JS code to demonstrate it below. I used AES ECB without initial vector, and empty key salt so that I don't need them for decryption.</p>
<p>I wonder if there is any major flaw in my approach or my code.</p>
<p>I understand making my seed phrase storage more secure with a password makes it more likely that I lose access to my seed phrase storage if I forget the password.</p>
<pre class="lang-js prettyprint-override"><code>
import crypto from "crypto";
import bip39 from "bip39-light";

const algorithm = "aes-256-ecb"; // ECB mode takes no IV
const initialVector = null;
const keySize = 32; // 256-bit AES key
const keySalt = ""; // empty scrypt salt, so the key depends on the password alone

const inputPassword = ""; // password goes here
const inputMnemonic = ""; // 12 word seed phrase goes here

// encrypt 12-word input mnemonic to 24-word mnemonic
const encryptedMnemonic = encryptMnemonic(inputMnemonic, inputPassword);
// decrypt 24-word mnemonic back to 12-word mnemonic
const decryptedMnemonic = decryptMnemonic(encryptedMnemonic, inputPassword);
console.log({ inputMnemonic, encryptedMnemonic, decryptedMnemonic });

function encryptMnemonic(mnemonic, password) {
  // derive the AES key from the password
  const key = crypto.scryptSync(password, keySalt, keySize);
  // 12 words -> 16 bytes of entropy (hex string)
  const entropy = bip39.mnemonicToEntropy(mnemonic);
  const cipher = crypto.createCipheriv(algorithm, key, initialVector);
  // PKCS#7 padding adds a full block: 16 bytes in, 32 bytes out
  let encryptedEntropy = cipher.update(entropy, "hex", "hex");
  encryptedEntropy += cipher.final("hex");
  // 32 bytes -> 24 words
  let encryptedMnemonic = bip39.entropyToMnemonic(encryptedEntropy);
  return encryptedMnemonic;
}

function decryptMnemonic(mnemonic, password) {
  const key = crypto.scryptSync(password, keySalt, keySize);
  // 24 words -> 32 bytes of ciphertext (hex string)
  let encryptedEntropy = bip39.mnemonicToEntropy(mnemonic);
  const decipher = crypto.createDecipheriv(algorithm, key, initialVector);
  let decryptedEntropy = decipher.update(encryptedEntropy, "hex", "hex");
  decryptedEntropy += decipher.final("hex");
  // 16 bytes -> the original 12 words
  let decryptedMnemonic = bip39.entropyToMnemonic(decryptedEntropy);
  return decryptedMnemonic;
}
</code></pre>
Answer by Hyunhum Cho (https://bitcoin.stackexchange.com/users/147005), 2025-08-07T05:00:57Z, https://bitcoin.stackexchange.com/questions/123765/-/123769#123769
<p>Apparently (I haven't run your code) it doesn't seem to have any major flaw, except that ECB mode is not recommended for AES (CBC is good, and GCM is better).</p>
<p><a href="https://github.com/bitcoin/bips/blob/master/bip-0038.mediawiki" rel="nofollow noreferrer">BIP38</a> could be a good reference for your purpose.</p>
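<p>Added example, not part of the question or the answer: the encryption step using the GCM mode the answer recommends, with a random scrypt salt and a random nonce, next to the question's ECB settings for comparison. The 60-byte output (salt, nonce, ciphertext, tag) is longer than the 32 bytes BIP39 entropy allows, so it is kept as hex rather than re-encoded as a mnemonic; the function names, blob layout, scrypt parameters and sample entropy are assumptions made for illustration.</p>

```javascript
const crypto = require("node:crypto");

const SALT_LEN = 16, NONCE_LEN = 12, TAG_LEN = 16, KEY_LEN = 32;
// scrypt cost parameters are an assumption; tune them for your own hardware.
const SCRYPT = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };

// The question's settings (empty salt, ECB, no IV): same input, same output.
function ecbEncrypt(entropyHex, password) {
  const key = crypto.scryptSync(password, "", KEY_LEN);
  const cipher = crypto.createCipheriv("aes-256-ecb", key, null);
  return cipher.update(entropyHex, "hex", "hex") + cipher.final("hex");
}

// Hypothetical hardened form: output is salt || nonce || ciphertext || tag.
function encryptEntropy(entropyHex, password) {
  const salt = crypto.randomBytes(SALT_LEN);   // fresh per encryption
  const nonce = crypto.randomBytes(NONCE_LEN); // never reused under one key
  const key = crypto.scryptSync(password, salt, KEY_LEN, SCRYPT);
  const cipher = crypto.createCipheriv("aes-256-gcm", key, nonce);
  const ct = Buffer.concat([cipher.update(Buffer.from(entropyHex, "hex")), cipher.final()]);
  return Buffer.concat([salt, nonce, ct, cipher.getAuthTag()]).toString("hex");
}

function decryptEntropy(blobHex, password) {
  const blob = Buffer.from(blobHex, "hex");
  if (blob.length < SALT_LEN + NONCE_LEN + TAG_LEN) throw new Error("blob too short");
  const salt = blob.subarray(0, SALT_LEN);
  const nonce = blob.subarray(SALT_LEN, SALT_LEN + NONCE_LEN);
  const ct = blob.subarray(SALT_LEN + NONCE_LEN, blob.length - TAG_LEN);
  const tag = blob.subarray(blob.length - TAG_LEN);
  const key = crypto.scryptSync(password, salt, KEY_LEN, SCRYPT);
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, nonce, { authTagLength: TAG_LEN });
  decipher.setAuthTag(tag);
  // final() throws if the password is wrong or any byte of the blob was altered.
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString("hex");
}

// Constructed sample entropy (16 bytes), not a real wallet seed.
const sampleEntropy = "00112233445566778899aabbccddeeff";
const blob = encryptEntropy(sampleEntropy, "correct horse");
console.log("ECB repeatable:", ecbEncrypt(sampleEntropy, "pw") === ecbEncrypt(sampleEntropy, "pw"));
console.log("GCM repeatable:", blob === encryptEntropy(sampleEntropy, "correct horse"));
console.log("round trip ok: ", decryptEntropy(blob, "correct horse") === sampleEntropy);
```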