BIP39 Passphrase

(new in v2.0.0)


The BIP39 standard supports an optional passphrase which encrypts the seed words and creates a new wallet (master private key) for every possible passphrase. Starting with version 2.0.0 of the Coldcard firmware, you can select a passphrase to be applied to your seed words.

The Coldcard never stores your passphrase. You must re-enter it each time you use the wallet. This improves security and flexibility because you have the option of using many different passphrases, each of which leads to a wallet that may or may not hold funds.

Choosing a Passphrase

Thanks to the cryptographic design of BIP39, a weak passphrase does not weaken the safety of the other wallets or help to reveal the seed words. However, if an attacker had your seed words, they could exhaustively search for other wallets. So the usual advice to use long, complex passphrases still applies.

Entering the Passphrase

After entering your PIN code and unlocking the Coldcard, it starts with an empty passphrase. If you don't want to use the new BIP39 encryption features, you can proceed as you have previously and ignore this feature.

If you do want to use a passphrase, from the main menu of the Coldcard, choose "Passphrase". An explanation screen is shown with this message:

You may add a passphrase to your BIP39 seed words.  This creates
an entirely new wallet, for every possible passphrase.

By default, the Coldcard uses an empty string as the passphrase.

On the next menu, you can enter a passphrase by selecting individual
letters, choosing from the word list (recommended), or by typing
numbers.

Please write down the fingerprint of all your wallets, so you can
confirm when you've got the right passphrase. (If you are writing
down the passphrase as well, it's okay to put them together.) There
is no way for the Coldcard to know if your password is correct, and
if you have it wrong, you will be looking at an empty wallet.

Press OK (checkmark) to continue to the passphrase entry menu:


The passphrase must be re-entered each time you power up the Coldcard, so we have a few different ways to enter the value.

  1. Edit Phrase
    Enter characters, numbers and symbols by moving up and down and left/right
  2. Add Word
    Choose a word from the BIP39 word list (2048 choices × 6 variations each)
  3. Add Numbers
    Directly enter up to 32 numeric digits using the numpad (very quick)

All three methods can be combined. For example, you could choose the word "Baby" then add your baby's birthday (8 digits) and then top that off with a few symbols, such as: !!!

You can also start over and clear what you have using the "Clear All" menu item.

Next Steps

Once you have entered your passphrase, choose "APPLY" from the menu.


The top line shows the fingerprint of the new wallet (extended master key fingerprint). It's an 8-digit hex number and it serves as a good check that you've entered the right passphrase.

Write Down Your Wallet Fingerprint

We recommend recording the fingerprint value on paper for later reference. It's safe to store that alongside your passphrase if you do commit both to paper.

At this point, you can press OK to return to the main Coldcard menu. The passphrase will be in effect until you use secure logout or turn off the Coldcard.

Press X to go back and adjust your passphrase if the fingerprint is not what you expected.

Using Coldcard with a BIP39 Passphrase

Related Feature: Lock Down Seed

Your 24 seed words, combined with a passphrase, represent a full BIP32 HD-wallet. Normally, you would unlock the seed words based on the PIN code, and then enter the passphrase to get to the "real" wallet.

But we can store the result of those steps as the secret protected by the PIN. Doing so replaces the seed words with the newly calculated master private key (XPRV = extended master private key), and that secret includes the passphrase (securely: it is not reversible).

This option is available under: Advanced > Danger Zone > Lock Down Seed


When you choose that option, you will see a confirmation message, as follows:

This operation computes the extended master private key using your
BIP39 seed words and passphrase, and then saves the resulting value
(xprv) as the wallet secret.

The seed words themselves are erased forever, but effectively there
is no other change. If a BIP39 passphrase is currently in effect,
its value is captured during this process and will be 'in effect'
going forward, but the passphrase itself is erased and unrecoverable.
The resulting wallet cannot be used with any other passphrase.

A reboot is part of this process. PIN code, and funds are not affected.

After confirmation, the process starts and the system reboots. You should enter your PIN and confirm the new system has the correct fingerprint. The menu option to enter a BIP39 passphrase will no longer be shown.

Seed Words Are Destroyed

This command replaces the seed words inside the secure element. There is no way to recover the original seed words, nor the passphrase.

Backup files created going forward from this point will show an XPRV (extended private key) as the root secret. The seed words are no longer known to the Coldcard and so do not appear in the backup file.
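
The derivation behind both the passphrase feature and Lock Down Seed, following the public BIP39 and BIP32 specifications, is sketched below. It is an example added to this page, not Coldcard firmware code. The function names, the sample passphrases and the sample mnemonic (the public BIP39 test vector) are assumptions chosen for illustration.

```python
import hashlib
import hmac
import unicodedata

# Constructed sample input: the public BIP39 test mnemonic (never use for funds).
SAMPLE_WORDS = "abandon " * 11 + "about"
# Order of the secp256k1 group; a valid master key must be in [1, N-1].
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def _nfkd(text):
    # BIP39 requires NFKD normalization before UTF-8 encoding.
    return unicodedata.normalize("NFKD", text).encode("utf-8")

def bip39_seed(words, passphrase=""):
    """BIP39: PBKDF2-HMAC-SHA512, 2048 rounds, salt = "mnemonic" + passphrase."""
    salt = b"mnemonic" + _nfkd(passphrase)
    return hashlib.pbkdf2_hmac("sha512", _nfkd(words), salt, 2048, 64)

def bip32_master(seed):
    """BIP32: HMAC-SHA512 keyed with "Bitcoin seed" -> (private key, chain code)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key, chain_code = digest[:32], digest[32:]
    if not 0 < int.from_bytes(key, "big") < N:
        raise ValueError("invalid master key for this seed")
    return key, chain_code

def wallet_for(words, passphrase=""):
    """Master secret for a given passphrase: the value an xprv encodes."""
    return bip32_master(bip39_seed(words, passphrase))

def compare_passphrases(words, passphrases):
    """Map each passphrase to a short prefix of its master key (display only)."""
    return {p: wallet_for(words, p)[0].hex()[:16] for p in passphrases}

if __name__ == "__main__":
    # The empty string is the default wallet. Every other string, including a
    # typo such as "baby" for "Baby", silently selects a different wallet.
    samples = ["", "Baby", "baby", "Baby20240101!!!"]  # constructed values
    for phrase, prefix in compare_passphrases(SAMPLE_WORDS, samples).items():
        print(f"{phrase!r:20} master key starts {prefix}")
```

No passphrase is ever rejected, which is why the recorded fingerprint is the only way to confirm the right one was entered. The master key is the output of one-way functions, so storing it in place of the seed words reveals neither the words nor the passphrase.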

Why Use This?