• econoalchemist

Using BIP85 on ColdCard to derive a fresh wallet & import it to Samourai.

An article on minimizing trust by generating keys offline, compiling an Android app, and using your own node.



In this article I describe how to generate a new 12-word seed phrase using the @COLDCARDwallet BIP85 implementation. Then I demonstrate how to build the Samourai Wallet app from source for an Android device. The 12-word seed phrase is then imported to @SamouraiWallet and then connected to my own @RoninDojoUI Bitcoin full node.

BIP85 enabled wallets can create private keys for many wallets. This way, users only need to secure one backup. From there, all other wallets can be restored by their index number. See the thread below for setting up a @COLDCARDwallet from scratch and other BIP85 uses.

https://www.econoalchemist.com/post/deriving-entropy-on-coldcard-wallet-with-bip85


Securing your master seed phrase in a durable medium like metal is advisable. @bitcoinbackup is awesome and there are many other resourceful solutions. For example, stamping your seed phrase into washers and securing them with a bolt:

https://twitter.com/econoalchemist/status/1312420720928911360?s=20



Once @COLDCARDwallet is set up with your master wallet, navigate to Advanced>Derive Entropy. If a BIP39 passphrase is present, a warning will be displayed. This means that in order to restore the BIP85 derived wallets, the ColdCard's master 24-word seed and the user's secret "25th word" are required for restoration.

Next select the private key format, @COLDCARDwallet can generate 12-word, 18-word, 24-word, WIF, xprv BIP32, 32-byte hex or 64-byte hex. @SamouraiWallet supports importing BIP39 & BIP44 keys. A 12-word key is being used here. Make note of the index number used! In the event wallet restoration is necessary for the wallet I'm about to import to Samourai Wallet I would need:

  1. My ColdCard PIN to access the hardware device.

  2. The master BIP39 passphrase to access the wallet that I was working in when deriving entropy for the Samourai Wallet.

  3. The index number I used to generate the 12-word phrase for the Samourai Wallet.

  4. The BIP39 passphrase for the resulting wallet.

Now that the 12-word seed phrase has been generated that I want to use for the Samourai Wallet, I'm going to set the ColdCard aside while I get the Samourai Wallet prepared. Next, the @SamouraiWallet Android application needs to be installed. In this example, it will be compiled from source by navigating to their repository:

https://code.samourai.io/wallet/samourai-wallet-android


Ensure the 'samourai-wallet-android' directory is selected, check the version number, and download the zip file or clone via other methods.




Open Android Studio or install if necessary. All the default settings will work for this example. Select open an existing project and navigate to the folder unzipped from the download.

https://developer.android.com/studio


Navigate to Tools>SDK Manager.

Ensure the SDK Tools tab is selected & the Show Package Details box is checked.

Then select 29.0.3, hit Apply, hit Ok.


Then navigate to Build>Build Bundle(s) / APK(s)>Build APK(s). This process should only take a few minutes to run and should populate a successful build notification in the lower left side of the interface window when finished.








Where ever the zip file was unpacked is where the APK file will be saved on your PC. Navigate to that folder and then the following file path:


samourai-wallet-android-develop\app\build\outputs\apk\production\debug


Plug the Android device into the PC. Drag & drop this APK to it. Ensure file transfer is enabled on your Android device.








Navigate to the Android device's Files folder and select the appropriate APK. One you select the appropriate APK it should prompt you asking if you want to install it. Some warning prompts may come up too.





Once the APK has been installed ensure Tor is activated, selected the 3-dot menu in the upper right-hand corner, & Connect to Dojo. Then scan the QR code on the @RoninDojoUI.



That will connect your Samourai Wallet on your Android device to your own Dojo full node. This means the xpub of your Samourai Wallet is not shared with anyone else and you are verifying your transactions against your own copy of the Bitcoin blockchain. If you are interested in building your own Dojo, I put together some information about the @SamouraiWallet + @RoninDojoUI stack in this article:

https://www.econoalchemist.com/post/samourai-wallet-ronin-dojo-an-article-on-privacy-anonymity-options




Once the Dojo is connected to Samourai Wallet, select the 3-dot menu again and choose Import Existing Wallet, then enter the 12-word phrase generated by @COLDCARDwallet. Optionally, a BIP39 phrase can also be added to this wallet. The BIP39 passphrase is separate from BIP85 key.






Now the @SamouraiWallet can be connected to Whirlpool GUI where UTXOs enjoy high entropy mixes that never reuse addresses and always break deterministic links, all backed by your own full node Dojo @RoninDojoUI. If the Android device is lost then @COLDCARDwallet has the backup. And if the ColdCard is lost, then the metal washer backup will have that backup, which can be used to recreate the Samourai Wallet.


Plus each @SamouraiWallet gets a BIP47 PayNym and has several privacy enhancing post-mix spending tools like Stowaway (PayJoin), Stonewallx2, & Ricochet.




Now I have an instance of Samourai Wallet on my Android device that I built from source, plus the private key was generated offline with my ColdCard, and the wallet is connected to my own Dojo full node.


To learn more about this content check out these resources:


https://bitcoinqna.com/post/coldcard-101


https://keepitsimplebitcoin.com/coldcard-2/


https://code.samourai.io/explore


https://wiki.ronindojo.io/


Some other thought provoking content on verifying entropy:

https://medium.com/@bjdweck/two-heads-are-better-than-one-de6df5562535


Thanks for reading! I hope this got you thinking about the many ways to backup your wallets and how BIP85 can be used to secure them with one device. And how this can all be done while keeping privacy in mind. So long as I have the metal backup, I could lose my phone and my ColdCard, and still be able to recreate both wallets from one backup.


If you enjoyed this content, leave me a tip here: Donate.


This article is available as a Twitter thread here.

166 views