[arcane_node]

Thanks - I appreciate the comment. It's a valid concern, and one I thought about while making this. Just to clarify a few things:

- I've explicitly discouraged entering a real mnemonic, in several places. In fact I tried to steer people in a safe direction by putting the random generation component first. The article works best when starting with random entropy.

- All the BIP39 logic is handled client-side using paulmillr/scure-bip39, a minimal audited library.

- It works fully offline - no backend, no database, no server calls.

- There are no cookies or tracking scripts beyond simple pageview stats via Plausible (which is privacy-focused)

That said, I’d genuinely welcome suggestions on how to make it more trustable. Do you think open-sourcing the code for the page/site would help?

[jbermudes]

I think you did enough due diligence by putting the random part first, but I suppose one way to stop someone from putting in a real BIP39 mnemonic would be to use a completely different set of words than those allowed in BIP39.

[nick3443]

Make the text fields non-editable or drop them entirely? The writing and clickable demos provide a very good lesson without using any text input.

[sudahtigabulan]

I think the disclaimer is the best an honest site owner could do in this case.

If the site was malicious, there wouldn't be any disclaimer, and once you insert a passphrase, BIP39 or not, in a text field, it's game over. No need to press Submit even, some JavaScript will send it wherever it has to.

[sparkie]

Can you explain why this is a valid mnemonic?

    bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon bacon

[oakwhiz]

The last word contains checksum bits but not all of the bits it represents are checksum bits. It just so happens to be possible for all of them to be the same word here. In this case it can be bacon (139th word) or one of the following: cupboard, double, jelly, neutral, review, smile, voice

[arcane_node]

Exactly what oakwhiz said. Similarly, if you set all 256 bits of the entropy portion to 1 (i.e. you play minesweeper with my grid) then the resulting valid mnemonic is zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo vote. The last word contains the checksum, which is the hash of the string of 1s.