Ninjastic
PostEdited versionsQuotes to this post
Next scheduled rescrape ... never
Version 2
Last scraped
Scraped on 08/06/2025, 05:43:32 UTC
Quote from: Ambatman on May 30, 2025, 05:25:25 PM
No like you assumed The seedphrase is not passed directly into PBKDF2 as a string of words. Instead, the mnemonic phrase is first converted back to its binary bits using the BIP39 wordlist not by the function but wallet software.
So the password input to PBKDF2 is this binary string i.e entropy and checksum, not the text of the mnemonic words themselves.

You are incorrect. The text of the mnemonic phrase is passed to the PBKDF2 function. The mnemonic phrase is not converted decoded back to the entropy it encodes. As such, anything can be passed to the PBKDF2 function. It does not have to be valid BIP-39. It doesn't even have to be text.

From BIP-39:
Quote
To create a binary seed from the mnemonic, we use the PBKDF2 function with a mnemonic sentence (in UTF-8 NFKD) used as the password and the string "mnemonic" + passphrase (again in UTF-8 NFKD) used as the salt. The iteration count is set to 2048 and HMAC-SHA512 is used as the pseudo-random function. The length of the derived key is 512 bits (= 64 bytes).
...
Although using a mnemonic not generated by the algorithm described in "Generating the mnemonic" section is possible, ...

The only reason for decoding the phrase to its original binary is to validate the checksum.
Version 1
Scraped on 08/06/2025, 05:18:46 UTC
Quote from: Ambatman on May 30, 2025, 05:25:25 PM
No like you assumed The seedphrase is not passed directly into PBKDF2 as a string of words. Instead, the mnemonic phrase is first converted back to its binary bits using the BIP39 wordlist not by the function but wallet software.
So the password input to PBKDF2 is this binary string i.e entropy and checksum, not the text of the mnemonic words themselves.

You are incorrect. The text of the mnemonic phrase is passed to the PBKDF2 function. The mnemonic phrase is not converted back to the entropy it encodes. As such, anything can be passed to the PBKDF2 function. It does not have to be valid BIP-39. It doesn't even have to be text.

From BIP-39:
Quote
To create a binary seed from the mnemonic, we use the PBKDF2 function with a mnemonic sentence (in UTF-8 NFKD) used as the password and the string "mnemonic" + passphrase (again in UTF-8 NFKD) used as the salt. The iteration count is set to 2048 and HMAC-SHA512 is used as the pseudo-random function. The length of the derived key is 512 bits (= 64 bytes).
...
Although using a mnemonic not generated by the algorithm described in "Generating the mnemonic" section is possible, ...
Original archived Re: Steps from Seed Phrase to Master Private Key
Scraped on 08/06/2025, 05:13:50 UTC
Quote from: Ambatman on May 30, 2025, 05:25:25 PM
No like you assumed The seedphrase is not passed directly into PBKDF2 as a string of words. Instead, the mnemonic phrase is first converted back to its binary bits using the BIP39 wordlist not by the function but wallet software.
So the password input to PBKDF2 is this binary string i.e entropy and checksum, not the text of the mnemonic words themselves.

You are incorrect. The text of the mnemonic phrase is passed to the PBKDF2 function. The mnemonic phrase is not converted back to the entropy it encodes. As such, anything can be passed to the PBKDF2 function. It does not have to be valid BIP-39.