With the help of BIP-85 and "deterministic entropy", any number of additional wallets can be created from an existing wallet without having to store a new backup for each of them. How does this work and, above all, what is it all for?

Words, just words

Anyone who has ever set up a Bitcoin wallet will already be familiar with the concept of 12 or 24 recovery words. With this "seed phrase", all private and public keys, and therefore control over the entire wallet, can be restored at any time. And this works independently of the software or hardware wallet used, as long as the wallet follows the same standards (BIP-39 for the words, BIP-32 for the key derivation) and the same derivation paths.

Behind these words is basically nothing more than a very large number, in other words information. Theoretically, any number could be used, converted into valid recovery words and typed into a wallet. Of course, such a wallet can only be considered secure if this number was generated with genuine randomness (enough entropy from a good random source) and nobody else has access to it.

Derivation paths

If you delve a little deeper into the technical functionality of modern Bitcoin wallets, you quickly come across the topic of so-called derivation paths. After all, it must be possible to generate any number of new Bitcoin addresses, and therefore new private keys, from the fixed recovery words, which cannot simply be changed. This is exactly what happens with the help of cryptographic hash functions from the same family that is also used in mining: key derivation uses HMAC-SHA512, mining uses SHA-256. From a technical perspective, hash functions such as SHA-256 are what make the security of the Bitcoin network possible in the first place.

The specific details of how the private keys are derived can be omitted here and have already been described in detail elsewhere on Blocktrainer.de. The only thing that matters for the topic of this article is that derivation paths let us determine exactly which private key we want to derive from the original recovery words. Put simply, a path such as m/84'/0'/0'/0/0 describes the sequence of indices with which the hash function is applied step by step to the original seed, so that the same path always leads to the same key.

BIP-85

Remember: the real secret behind a Bitcoin wallet is nothing other than information, i.e. a number. So why not use a key derived from the 24 words, for example, to create 24 new words and thus a new wallet? This is precisely where BIP-85 (Bitcoin Improvement Proposal 85) comes in: it proposes a uniform standard for deriving new wallets from an existing one. Strictly speaking, BIP-85 is not limited to creating new wallets, but can be used in general to derive secret information (called "deterministic entropy" in the standard).

A dedicated derivation path is used for the BIP-85 keys ("child keys"): every BIP-85 path begins with the purpose field 83696968', followed by an application number (e.g. 39' for new BIP-39 recovery words) and further hardened indices. In normal wallet use, e.g. with the currently common native SegWit addresses under m/84', you never come anywhere near this path. The keys derived using BIP-85 are therefore never used for anything else and are "isolated", so to speak, from the rest of the wallet and its actual private keys.

Because the hash functions used are "one-way streets", it is not possible to deduce the original seed from a BIP-85 key or from the newly created wallet, just as it is not possible to deduce the underlying private key from a Bitcoin address. For this reason, BIP-85 child keys created with a hardware wallet, for example, can be used as a "hot wallet" on a potentially insecure device without jeopardizing the secure "cold wallet". The reverse does not hold, however: anyone who obtains the original seed can recompute every child wallet, so the original backup must be protected just as carefully as before.

Info

Note: Any number of keys can be derived from the seed of a wallet. BIP-85 is a standard for using this feature to create new wallets, for example, without coming into contact with the "actual wallet".

Why all this?

One of the use cases of BIP-85, the creation of new wallets, has already been mentioned several times. But why do you need a standard that seems complicated at first glance when you can create a completely new wallet "as normal"?

The major advantage of BIP-85 can be broken down into a single, but not unimportant, aspect: backups. Like the derivation of private keys, the derivation of BIP-85 child keys can be repeated as often as required. Because each child key is a deterministic function of the original seed and its derivation path, the same BIP-85 child keys, and therefore all the other wallets, can always be restored with just a single backup. The only thing you have to note down is which index (and word count) was used for each child wallet, since that is what selects the path.

Info

Note: BIP-85 can generally be used to derive secret information without having to additionally secure it. All BIP-85 child keys can be restored with just one backup, which is already available anyway.

Exemplary applications for this would be:

  • Creating additional Bitcoin wallets, e.g. as a hot wallet on a smartphone or for a family member.
  • Creating important passwords that must not be forgotten.
  • The creation of a Nostr account.
  • ...

BitBox Brienz update

Fortunately, BIP-85 is not just dry theory, but can already be used in practice with various wallets. This includes the BitBox02, which recently received support for creating new wallets via BIP-85 with the Brienz update. Users of the latest version can use the expert settings in the BitBoxApp to derive new recovery words, with either 12 or 24 words, as often as they like.

The Lightning wallet in the BitBoxApp, which is currently still under development, is also derived with the help of BIP-85, which makes uncomplicated recovery with BitBox02 possible in the first place.

Conclusion

BIP-85 offers a simple and practical way for users to use their existing backup for more than just one wallet. Instead of numerous recovery words for various Lightning and hot wallets flying around on pieces of paper, a Nostr private key that is not backed up anywhere at all, and worries about your spouse's wallet backup, BIP-85 can bring order to the system. The secure storage of a single backup becomes the focus and lets you keep track of your entire digital key ring.