A few questions about the recovery seed

While I'm waiting to hear back from Trezor from my postal-destroyed Model T, I thought I'd read up on a few things on how it works – specifically how recovery seeds work. I read through this article on the wiki about how it works and I think I have a decent understanding about it. Note I'm in no way trying to poke holes or be critical about the process, just trying to figure out how it works and practical expectations.

Since a recovery seed can be used to restore a lost Trezor, this means every address can be derived from the recovery seed, correct? In other words, while the seed may be random, once the seed is derived, creating new private keys is deterministic in some way using some defined algorithm?

Is there a way to circumvent this or what sort of limitations may I expect in regards to generating various addresses across various cryptocoins?

Can I use my own entropy in addition to the internal RNG to create the seed (thinking about things like rolling dice and other such randomness)?

Answered via this excellent comment.


3 thoughts on “A few questions about the recovery seed”

  1. >Since a recovery seed can be used to restore a lost Trezor, this means every address can be derived from the recovery seed correct?

    Yes, every address is derived from the seed phrase. BIP-39 is deterministic, and this is the standard that Trezor (and other) hardware wallets use.

    >Is there a way to circumvent this or what sort of limitations may I expect in regards to generating various addresses across various cryptocoins?

    Suite limits you to 10 accounts per coin, but that is only a Suite limitation. Not a limitation of the Trezor device or the seed phrase (other wallets you connect the device to can create more addresses from the same seed phrase).

    >Can I use my own entropy in addition to the internal RNG to create the seed (thinking about things like rolling dice and other such randomness)?

    For the Trezor-generated seed phrase, no, but you can add a passphrase which basically modifies the seed phrase. This effectively does what you are asking. You could also create the entire seed phrase yourself and not use a Trezor-generated seed phrase.

  2. The recovery seed gains you access to the wallet, which has all of the addresses in it. Any addresses you created new or old are associated to the Trezor wallet, and the corresponding seed phrase. I do not think there is a way to add your own randomness to it. The seed is just a phrase to gain access to the wallet. The wallet has all of your addresses and information to the cryptos that are actually held on the blockchains.

  3. > Can I use my own entropy in addition to the internal RNG to create the seed (thinking about things like rolling dice and other such randomness)?

    Not “in addition” but you can completely replace the RNG with dice (and coin). It is insanely complicated and impractical, but if you have loads of time, you can do it. Basically you can use dice (and coin) to pick 20 or 30 words to try to combine into a 12-word seed. You will generally have a 1 in 16 chance of “rolling” a valid seed mnemonic. So assuming it takes you 5 minutes to perform a recovery operation, this would take a few hours.

    BIP39-diceware full writeup (not for the faint of heart)
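
The "1 in 16" figure in the last comment comes from the BIP-39 checksum: a 12-word phrase encodes 128 bits of entropy plus 4 checksum bits taken from the SHA-256 of that entropy. The Python below is an added example, not code from the thread, the linked writeup or Trezor; it works on 11-bit word indices instead of the English wordlist, and `SAMPLE_FIRST_11` is a constructed value.

```python
import hashlib

WORD_BITS = 11  # each BIP-39 word is an index into a 2048-word list


def entropy_to_indices(entropy: bytes) -> list[int]:
    """Append the checksum (ENT/32 bits of SHA-256) and split into word indices."""
    if len(entropy) not in (16, 20, 24, 28, 32):
        raise ValueError("entropy must be 128-256 bits in 32-bit steps")
    cs = len(entropy) * 8 // 32
    checksum = int.from_bytes(hashlib.sha256(entropy).digest(), "big") >> (256 - cs)
    bits = (int.from_bytes(entropy, "big") << cs) | checksum
    n_words = (len(entropy) * 8 + cs) // WORD_BITS
    return [(bits >> (WORD_BITS * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]


def indices_valid(indices: list[int]) -> bool:
    """True if the checksum bits carried by the last word match the entropy."""
    if len(indices) not in (12, 15, 18, 21, 24):
        return False
    if any(not 0 <= i < 2048 for i in indices):
        return False
    total = len(indices) * WORD_BITS
    cs = total // 33                      # 4 bits for 12 words, 8 for 24
    bits = 0
    for i in indices:
        bits = (bits << WORD_BITS) | i
    entropy = (bits >> cs).to_bytes((total - cs) // 8, "big")
    return entropy_to_indices(entropy) == list(indices)


def valid_last_words(first_words: list[int]) -> list[int]:
    """All final-word indices that complete first_words into a valid phrase."""
    return [w for w in range(2048) if indices_valid(first_words + [w])]


# Constructed sample: 11 arbitrary word indices, as if picked by dice. Not a real seed.
SAMPLE_FIRST_11 = [1203, 77, 1999, 5, 640, 1311, 902, 48, 1750, 333, 1024]

if __name__ == "__main__":
    candidates = valid_last_words(SAMPLE_FIRST_11)
    # 7 bits of the last word are entropy, 4 are checksum: 2**7 of 2**11 fit.
    print(f"{len(candidates)} of 2048 last words are valid "
          f"(1 in {2048 // len(candidates)})")
```

Whatever the first 11 words are, the count is the same, which is why choosing a twelfth word at random succeeds only about one time in 16.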
