I want to add a some safety to my seed phrase storage for current wallets. I am not attempting to make it completely safe, simply need to make it far more troublesome to entry my fund if somebody finds my seed phrase storage.
I am contemplating this strategy:
- convert the seed phrase to entropy
- encrypt entropy with a password
- convert the encrypted-entropy to a brand new seed phrase (which is longer)
- retailer the encrypted seed phrase
Then, once I need to use seed phrase, I do the reverse to retrieve the preliminary seed phrase. I’ve included JS code to exhibit it beneath. I used AES CEB with out preliminary vector, and empty key salt in order that I do not want them for decryption.
I ponder if there’s any main flaw in my strategy or my code.
I perceive making my seed phrase storage safer with a password makes it extra probably that I lose entry to my seed phrase storage if I overlook the password.
import crypto from "crypto";
import bip39 from "bip39-light";
const algorithm = "aes-256-ecb";
const initialVector = null;
const keySize = 32;
const keySalt = "";
const inputPassword = ""; // password goes right here
const inputMnemonic = ""; // 12 phrase seed phrase goes right here
// encrypt 12-word enter mnemonic to 24-word mnemonic
const encryptedMnemonic = encryptMnemonic(inputMnemonic, inputPassword);
// decrypt 24-word mnemonic again to 12-word mnemonic
const decryptedMnemonic = decryptMnemonic(encryptedMnemonic, inputPassword);
console.log({ inputMnemonic, encryptedMnemonic, decryptedMnemonic });
operate encryptMnemonic(mnemonic, password) {
const key = crypto.scryptSync(password, keySalt, keySize);
const entropy = bip39.mnemonicToEntropy(mnemonic);
const cipher = crypto.createCipheriv(algorithm, key, initialVector);
let encryptedEntropy = cipher.replace(entropy, "hex", "hex");
encryptedEntropy += cipher.closing("hex");
let encryptedMnemonic = bip39.entropyToMnemonic(encryptedEntropy);
return encryptedMnemonic;
}
operate decryptMnemonic(mnemonic, password) {
const key = crypto.scryptSync(password, keySalt, keySize);
let encryptedEntropy = bip39.mnemonicToEntropy(mnemonic);
const decipher = crypto.createDecipheriv(algorithm, key, initialVector);
let decryptedEntropy = decipher.replace(encryptedEntropy, "hex", "hex");
decryptedEntropy += decipher.closing("hex");
let decryptedMnemonic = bip39.entropyToMnemonic(decryptedEntropy);
return decryptedMnemonic;
}