The core security assumption of bitcoin self custody is a random and secret private key. As I am not a cryptographer, I cannot say anything particularly interesting here other than:

  1. A private key is a big number
  2. Randomly creating big numbers is hard for computers and humans
  3. A bitcoin seed is the ‘seed’ of this private key and can be used to generate the key in a bitcoin wallet
  4. A seed can be represented by a 24 word mnemonic, which is easier for humans to store, transcribe, remember without errors

Lunaticion has written more extensively on this problem here

To create a Minimum Viable (MV) offline private key, I’m going to describe the simplest setup possible:

1. A one use offline computer

If we do something sensitive on a computer, especially one connected to the internet, we might leave a trace for someone to find. If anyone can find our private key, they can steal all our bitcoin.

This is bad.

By using a one use operating system that loads into RAM, we won’t leave data artifact on the computer from seed generation. We can use any operating system that has a live image, but Tails is privacy and security focused, so we’ll use that.

2. A source of pretty random entropy

Computers and humans are both bad at being random. Don’t ask me why, its an established fact.

However dice and shuffled playing cards can be quite random. We’ll use either of those.

You can also create raffle tickets and combine random ticket drawings with dice, as described here

3. Offline software we can us to generate and verify our bitcoin private key / seed

We can take the entropy of dice or random card draws and combine them with the seedtool on an offline computer to create a seed.

But since we’re going to store actual money using this number, how do we verify that the created seed is valid?

We’ll test our seed using Ian Coleman’s Mnemonic Code Converter. If the 24 BIP39 seed words generated by the seedtool generate the same BIP39 seed in Ian’s Mnemonic Code Converter, then we have some assurance that we’ve copied the data down correctly and the seed generated by the seedtool isn’t malformed.

The process:

  1. Boot up tails
  2. Open up this website in your browser
  3. Download the seedtool
  4. Check the signature
  5. Load Ian’s mnemonic page
  6. Turn off networking (software and physical)
  7. Generate entropy using cards or dice
  8. Enter entropy into seedtool
  9. Write down your 24 seed words
  10. Put your 24 seed words into the Ian’s tool, caluculate, do your BIP39 seeds match?
  11. If yes, great, if not, try again
  12. Shutdown the computer

You now have a seed that was generated with convenient tools but in an offline environment with minimal chance of leakage.

Managing that seed? That’s a whole different problem.