Select Chapter
Chapter 1: Quickstart! Start Here!
Chapter 2: Guide For Bitcoin Beginners
Chapter 3: Hardware Features
Chapter 4: BIP-39 Passphrase
Chapter 5: COLDCARD Middle Ground Guide
Chapter 6: COLDCARD Paranoid Guide
Chapter 7: COLDCARD Ultra Quick Guide
Chapter 8: Comparing A Few Hardware Wallets
Chapter 9: Comparing Hardware Wallets
Chapter 10: Compatible Software Wallets and Tools
Chapter 11: Derivation Paths and Accounts
Chapter 12: Encrypted Backups
Chapter 13: HSM Mode and CKBunker
Chapter 14: How to Clone or Migrate a COLDCARD
Chapter 15: Migrate from Ledger or Trezor to COLDCARD
Chapter 16: Physical Security Notes
Chapter 17: Recovery Cards Downloads
Chapter 18: Sending and Receiving Bitcoin for Beginners
Chapter 19: Signing a Text File
Chapter 20: Upgrade Firmware
Chapter 21: microSD Card Related
Chapter 22: Settings Menu
Chapter 23: Address Explorer
Chapter 24: BIP-85 Passwords
Chapter 25: Descriptors & Multisig
Chapter 26: Ephemeral Seed
Chapter 27: NFC Tools
Chapter 28: Advanced Menu
Chapter 29: Importing or Creating Private Keys
Chapter 30: Multisig Features
Chapter 31: Command Line Tools
Chapter 32: Downloads
Chapter 33: Version History
Chapter 34: Verifying Dice Roll Math
Chapter 35: Paper Wallets
Chapter 36: Export Deterministic Entropy (BIP-85)
Chapter 37: Seed XOR
Chapter 38: Glossary
Chapter 39: Trouble Shooting
Chapter 40: Table of Contents
Docs Menu
  • COLDCARD Docs
  • User Guide
  • Other Features and Tools
  • Advanced Topics
  • Specifications
  • Guides by the Community
  • How To Videos
  • Glossary
  • Hardware Wallet Comparison
  • New in Mk4
    • /

    User Guide

    Select Chapter
    Chapter 1: Quickstart! Start Here!
    Chapter 2: Guide For Bitcoin Beginners
    Chapter 3: Hardware Features
    Chapter 4: BIP-39 Passphrase
    Chapter 5: COLDCARD Middle Ground Guide
    Chapter 6: COLDCARD Paranoid Guide
    Chapter 7: COLDCARD Ultra Quick Guide
    Chapter 8: Comparing A Few Hardware Wallets
    Chapter 9: Comparing Hardware Wallets
    Chapter 10: Compatible Software Wallets and Tools
    Chapter 11: Derivation Paths and Accounts
    Chapter 12: Encrypted Backups
    Chapter 13: HSM Mode and CKBunker
    Chapter 14: How to Clone or Migrate a COLDCARD
    Chapter 15: Migrate from Ledger or Trezor to COLDCARD
    Chapter 16: Physical Security Notes
    Chapter 17: Recovery Cards Downloads
    Chapter 18: Sending and Receiving Bitcoin for Beginners
    Chapter 19: Signing a Text File
    Chapter 20: Upgrade Firmware
    Chapter 21: microSD Card Related
    Chapter 22: Settings Menu
    Chapter 23: Address Explorer
    Chapter 24: BIP-85 Passwords
    Chapter 25: Descriptors & Multisig
    Chapter 26: Ephemeral Seed
    Chapter 27: NFC Tools
    Chapter 28: Advanced Menu
    Chapter 29: Importing or Creating Private Keys
    Chapter 30: Multisig Features
    Chapter 31: Command Line Tools
    Chapter 32: Downloads
    Chapter 33: Version History
    Chapter 34: Verifying Dice Roll Math
    Chapter 35: Paper Wallets
    Chapter 36: Export Deterministic Entropy (BIP-85)
    Chapter 37: Seed XOR
    Chapter 38: Glossary
    Chapter 39: Trouble Shooting
    Chapter 40: Table of Contents

    Verifying Dice Roll Math

    Background



    Video: COLDCARD Dice Rolls seed entropy

    You have the option of creating the seed value for your Coldcard by rolling a six-sided dice (D6). Choose "Dice Rolls" from the "Import Wallet" screen.

    You just keep pressing 1–6 as you roll.

    This allows you to remove any risk of the Coldcard's random number generator (RNG) being compromised, and you are creating the private key directly. In that way it's not really an 'key import', but a 'create key'.

    Number of Rolls

    Please note that each roll of a D6 dice provides only 2.585 bits of additional entropy (randomness). Therefore, for 128-bit security, which we consider the absolute minimum, you need 50 rolls, and for 256-bits of security, 99 rolls. The Coldcard does not limit the number of rolls, but will warn you if you apply too few rolls.

    Duplicating Our Math

    But what if we lied and still used some tricky way to pick a non-random but random-looking value for the seed?



    Video: Dice Rolls on Tails

    You may have noticed the first screen always looks like this:

    zero rolls

    The seed value is calculated as SHA256 over the rolls, when expressed as an ASCII string. Therefore, you will always see e3b0c... 27ae4... b855 as a starting value, since that's SHA256 over an empty string. You can calculate other values using Python as follows:

    >>> from hashlib import sha256
>>> sha256(b'').hexdigest()
'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855'
>>> sha256(b'123456').hexdigest()
'8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92'

    Values can also be calculated from the command line (shell) of most computers using one of the following commands:

    $ echo -n 123456 | sha256sum
8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92

    $ echo -n 123456 | openssl sha256
(stdin) = 8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92

    The ideal environment to perform this checking is a computer running Tails - The Amnesic Incognito Live System, preferable without any network connection and no hard drives. Do not use your actual dice rolls on a normal desktop system as that will completely comprise the security of your Coldcard!

    You may be worried that this hex number shown on the Coldcard is not honestly converted into the seed words. To check that we are applying BIP-39 correctly, you can use this simple python3 program: rolls.py or rolls12.py for 12 word seeds.

    $ echo 123456 | python3 rolls.py
8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92

WARNING: Input is only 15 bits of entropy

   1: mirror
   2: reject
   3: rookie
   4: talk
   5: pudding
   6: throw
   7: happy
   8: era
   9: myth
  10: already
  11: payment
  12: own
  13: sentence
  14: push
  15: head
  16: sting
  17: video
  18: explain
  19: letter
  20: bomb
  21: casual
  22: hotel
  23: rather
  24: garment


$ echo 123456 | python3 rolls12.py
8d969eef6ecad3c29a3a629280e686cf

WARNING: Input is only 15 bits of entropy

   1: mirror
   2: reject
   3: rookie
   4: talk
   5: pudding
   6: throw
   7: happy
   8: era
   9: myth
  10: already
  11: payment
  12: owner

    As you can see, it shows the hash (which you can cross verify as above with other command-line tools) and then shows the corresponding BIP-39 mnemonic words.

    Again, a Tails system is ideal for this verification process.

    1) Get a copy of rolls.py (or rolls12.py for 12 word seeds) onto the Tails system.

    2) Run your dice rolls through rolls.py (or rolls12.py):

    • In Tails, open "Applications > System Tools > Terminal".

    • Type this sequence of commands:

    $ cd "Tor Browser"
$ ls

    • You should see the rolls.py (or rolls12.py) program you downloaded already. If you used some other means to get it into your Tails system, go to the directory where it's located.

    • Further Internet access or write access to any media is not required or desired past this point.

    • Type this:

    $ echo 123456 | python3 rolls.py
# or
$ echo 123456 | python3 rolls12.py

    • It should print the hash and seed words shown above (8d96...6c92 and mirror .. garment).

    • Repeat but using the dice rolls you provided to Coldcard. Both should arrive at the same set of seed words.

    Previous Next

    Search Results for ""

    We've found relevant search results.