by arcane_node 350 days ago
Hey, author here. I made this to help technically curious people understand what's really going on when they're handed a Bitcoin seed phrase (i.e. why it's not just a password). You can flip bits of entropy, explore checksum validation, and see how mnemonic phrases are turned into deterministic wallets. Feedback welcome. If anything breaks I’ll fix it fast.
2 comments

I could not help but think of a class of early internet scam websites offering to check if your credit card number was stolen.

I'm sure that you aren't just collecting wallet seeds, but that's what it reminds me of.

Thanks - I appreciate the comment. It's a valid concern, and one I thought about while making this. Just to clarify a few things:

- I've explicitly discouraged entering a real mnemonic, in several places. In fact I tried to steer people in a safe direction by putting the random generation component first. The article works best when starting with random entropy.

- All the BIP39 logic is handled client-side using paulmillr/scure-bip39, a minimal audited library.

- It works fully offline - no backend, no database, no server calls.

- There are no cookies or tracking scripts beyond simple pageview stats via Plausible (which is privacy-focused).

That said, I’d genuinely welcome suggestions on how to make it more trustable. Do you think open-sourcing the code for the page/site would help?

I think you did enough due diligence by putting the random part first, but I suppose one way to stop someone from putting in a real BIP39 mnemonic would be to use a completely different set of words than those allowed in BIP39.

Make the text fields non-editable or drop them entirely? The writing and clickable demos provide a very good lesson without using any text input.

I think the disclaimer is the best an honest site owner could do in this case.

If the site was malicious, there wouldn't be any disclaimer, and once you insert a passphrase, BIP39 or not, in a text field, it's game over. No need to press Submit even, some JavaScript will send it wherever it has to.

Can you explain why this is a valid mnemonic?

    bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon

The last word contains checksum bits but not all of the bits it represents are checksum bits. It just so happens to be possible for all of them to be the same word here. In this case it can be bacon (139th word) or one of the following: cupboard, double, jelly, neutral, review, smile, voice

Exactly what oakwhiz said. Similarly, if you set all 256 bits of the entropy portion to 1 (i.e. you play minesweeper with my grid) then the resulting valid mnemonic is zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo vote. The last word contains the checksum, which is the hash of the string of 1s.
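
The checksum layout described in the two replies above, as an added example (not code from the thread, the site, or scure-bip39). It works on 0-based wordlist indices instead of embedding the 2048-word list, and assumes "bacon" is index 138 because the thread calls it the 139th word; the function names are made up for illustration.

```python
import hashlib

WORD_BITS = 11          # each BIP39 word encodes 11 bits
BACON = 138             # assumption from the thread: "bacon" is the 139th word


def valid_last_word_indices(first_23):
    """Return the 8 wordlist indices that validly complete a 24-word mnemonic.

    24 words * 11 bits = 264 bits = 256 entropy bits + 8 checksum bits.
    The first 23 words fix 253 entropy bits; the last word carries the
    remaining 3 entropy bits followed by the 8-bit checksum.
    """
    if len(first_23) != 23 or any(not 0 <= i < 2048 for i in first_23):
        raise ValueError("expected 23 indices in the range 0..2047")
    prefix = 0
    for idx in first_23:
        prefix = (prefix << WORD_BITS) | idx          # 253 bits of entropy
    candidates = []
    for tail in range(8):                             # the 3 free entropy bits
        entropy = ((prefix << 3) | tail).to_bytes(32, "big")
        checksum = hashlib.sha256(entropy).digest()[0]  # first 8 bits of SHA-256
        candidates.append((tail << 8) | checksum)     # 3 entropy + 8 checksum bits
    return candidates


def is_valid_24(indices):
    """Check a 24-word mnemonic given as wordlist indices."""
    return len(indices) == 24 and indices[-1] in valid_last_word_indices(indices[:-1])


if __name__ == "__main__":
    print("last-word candidates after 23x bacon:",
          valid_last_word_indices([BACON] * 23))
    print("24x bacon valid:", is_valid_24([BACON] * 24))
```

Only 8 of the 2048 words can close any given 23-word prefix, which is why a random last word fails validation about 99.6% of the time.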

This is really fun, thanks for putting it together. I appreciated the checksum and entropy visualizers quite a bit, they made how it works "click" for me.

Thanks er4hn, I'm glad to hear it!