Bitcoin BIP-85 deterministic entropy:
10,000 seeds; one backup

Here are just a few ways to take advantage of this powerful function:

• Back up all your phone wallets with one seed
• Simplify key management for your organization
• Try out new wallets without having to create and track individual backups
• Make learner wallets for family members

Generate thousands of seeds with BIP-85 deterministic entropy

BIP-85 is a Bitcoin standard that introduced a process to mathematically derive multiple seeds from the value of just one seed. The derived seeds are unique and cannot be traced back to one another, nor can they be traced back to the original seed value. You can use the original seed to recreate any derived seed should you need to do so. Backing up your original seed backs up all the seeds derived from it. This is possible due to deterministic entropy.

Deterministic entropy sounds complicated (it is, but we'll go over the basics), but COLDCARD^® makes it easy to use. COLDCARD's Derive Entropy function employs BIP-85 and generates new seeds which are easily imported into other wallets. One COLDCARD, one master seed, one backup, thousands of possible wallets.

Technical details

We'll keep it simple here, but if you want to explore the technical details, you can review BIP-85 in its entirety. BIPs often build on one another, so you may be in for a lot of reading. In this case, BIP-85 builds upon BIP-39 and BIP-32.

Deterministic entropy: non-technical basics

When you see "deterministic," think "repeatable." In computer science, a deterministic algorithm, a set of defined steps used to solve a problem, will always give you the same output no matter how many times you use the same input. Input X goes in; output Y comes out — every single time.

Entropy means random data or random values. By default, a COLDCARD provides entropy for generating your 24 seed words. Options are available to add dice rolls to increase the randomness introduced into the seed generation process, or you can roll all 256 bits of entropy yourself. These random input values impact the resulting seed words. Once you have those seed words, you can use them recover your wallet if needed. What you can't do is work backwards from those seed words to recover the random input values. It's a one-way calculation.

BIP-85 sets up a one-way, but not one-time, process of creating entropy to generate new seeds using your master seed. This derived seed can be regenerated and restored by applying the same deterministic process to the same inputs (your master seed, seed type, and index as you'll see in the next section). The derived seed cannot be reverse engineered to determine the master seed. If one or more seeds become compromised, the master seed is still safe.

The repeatability of this process can be checked using a second COLDCARD. You can load another COLDCARD with a BIP-85 seed. Compare the addresses, extended public keys (XPUBs), etc., generated. Why? This proves the firmware is the same, XPUBs are the same, and the COLDCARD is reliable. All without exposing the master seed.

Export multiple seed types and explore different wallets

Different wallets use different seed standards, making it tedious to try out new wallets and back them up. Organizations want to maintain separate wallets for personnel or departments. Friends or family may look to a trusted person to help them learn about Bitcoin. Developers need to generate multiple wallet seed types quickly for testing. You can use one master seed for all these cases.

With deterministic entropy, you can create a variety of seeds to set up almost any type of wallet. Use your COLDCARD to export any of the following formats:

• BIP-39
  • 12 words
  • 18 words
  • 24 words
• WIF (private key)
• XPRV (BIP-32)
• Hex
  • 32 bytes
  • 64 bytes

Pick a format, choose an index number between 0 and 9999 and use the generated seed in the wallet of your choice!

Back up all your derived wallets with the master seed

Because the calculations involved are repeatable (deterministic), you can import your master seed on a different COLDCARD, use the Derive Entropy function, select the same seed format and index number and generate the exact same seed.

So what's the best way to back up this master seed? Saving an encrypted backup to a microSD card is an option though it has its drawbacks. Paper may be well-secured but it's easily destroyed. The solution is metal: SEEDPLATE^™— a durable metal backup for your master seed. You can take this a step further by protecting your master seed with Seed XOR. Seed XOR is a way to separate your master seed into two or more different sets of 24 BIP-39 compatible seed words. Store your SEEDPLATEs separately and bring them together only if necessary to restore your master seed.

Long-term hodl best practices

We still recommend people keep their deep cold hodl funds separate from their spending funds. It's best to have one or more master seeds for your spending wallet and one or more many master seeds for your long-term hodl. Use a spending master seed to generate more spending seeds. It's important to segregate funds.

Guides

•Find the official COLDCARD documentation here
•Econoalchemist: Using BIP85 on ColdCard to derive a fresh wallet & import it to Samourai. by @econoalchemist

video by @KISBitcoin