Sample code for 30+ languages & platforms
Delphi DLL

BIP39 Compute Binary Seed from Mnemonic

See more Encryption Examples

Creates a binary seed from a mnemonic. Uses the PBKDF2 function with a mnemonic sentence (in UTF-8 NFKD) used as the password and the string "mnemonic" + passphrase (again in UTF-8 NFKD) used as the salt. The iteration count is set to 2048 and HMAC-SHA512 is used as the pseudo-random function. The length of the derived key is 512 bits (= 64 bytes).

Chilkat Delphi DLL Downloads

Delphi DLL
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, BinData, Crypt2;

...

procedure TForm1.Button1Click(Sender: TObject);
var
crypt: HCkCrypt2;
mnemonic: PWideChar;
passphrase: PWideChar;
expectedSeed: PWideChar;
expectedMasterKey: PWideChar;
bdSalt: HCkBinData;
computedSeed: PWideChar;
bdSeed: HCkBinData;
hmacSha512_hex: PWideChar;
bdHmac: HCkBinData;
bdXprv: HCkBinData;
bdHash: HCkBinData;
secondHash: PWideChar;
computedMasterKey: PWideChar;

begin
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

crypt := CkCrypt2_Create();

// Test with the test vectors at https://github.com/trezor/python-mnemonic/blob/master/vectors.json

// This is the 2nd test vector..
mnemonic := 'legal winner thank year wave sausage worth useful legal winner thank yellow';
passphrase := 'TREZOR';
expectedSeed := '2e8905819b8723fe2c1d161860e5ee1830318dbf49a83bd451cfb8440c28bd6fa457fe1296106559a3c80937a1c1069be3a3a5bd381ee6260e8d9739fce1f607';
expectedMasterKey := 'xprv9s21ZrQH143K2gA81bYFHqU68xz1cX2APaSq5tt6MFSLeXnCKV1RVUJt9FWNTbrrryem4ZckN8k4Ls1H6nwdvDTvnV7zEXs2HgPezuVccsq';

// The mnemonic sentence (in UTF-8 NFKD) used as the password.
// The string "mnemonic" + passphrase (again in UTF-8 NFKD) used as the salt.
// The iteration count is set to 2048 and HMAC-SHA512 is used as the pseudo-random function.
// The length of the derived key is 512 bits (= 64 bytes). 

// We want the computed seed to be lowercase hex, therefore our salt must also be hex.
// The seed is the keyword "mnemonic" + passphrase (in this case is "TREZOR") converted to hex.
bdSalt := CkBinData_Create();
CkBinData_AppendString(bdSalt,'mnemonic','utf-8');
CkBinData_AppendString(bdSalt,passphrase,'utf-8');

computedSeed := CkCrypt2__pbkdf2(crypt,mnemonic,'utf-8','sha512',CkBinData__getEncoded(bdSalt,'hex_lower'),2048,512,'hex_lower');

Memo1.Lines.Add('Expected: ' + expectedSeed);
Memo1.Lines.Add('Computed: ' + computedSeed);

// To compute the hd_master_key, duplicate this Python code:

//     def to_hd_master_key(seed: bytes, testnet: bool = False) -> str:
//         if len(seed) != 64:
//             raise ValueError("Provided seed should have length of 64")
// 
//         # Compute HMAC-SHA512 of seed
//         seed = hmac.new(b"Bitcoin seed", seed, digestmod=hashlib.sha512).digest()
// 
//         # Serialization format can be found at: https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki#Serialization_format
//         xprv = b"\x04\x88\xad\xe4"  # Version for private mainnet
//         if testnet:
//             xprv = b"\x04\x35\x83\x94"  # Version for private testnet
//         xprv += b"\x00" * 9  # Depth, parent fingerprint, and child number
//         xprv += seed[32:]  # Chain code
//         xprv += b"\x00" + seed[:32]  # Master key
// 
//         # Double hash using SHA256
//         hashed_xprv = hashlib.sha256(xprv).digest()
//         hashed_xprv = hashlib.sha256(hashed_xprv).digest()
// 
//         # Append 4 bytes of checksum
//         xprv += hashed_xprv[:4]
// 
//         # Return base58
//         return b58encode(xprv)

// First compute the HMAC-SHA512 of the computedSeed
bdSeed := CkBinData_Create();
CkBinData_AppendEncoded(bdSeed,computedSeed,'hex_lower');
CkCrypt2_putEncodingMode(crypt,'hex_lower');
CkCrypt2_putHashAlgorithm(crypt,'sha512');
CkCrypt2_SetMacKeyString(crypt,'Bitcoin seed');
hmacSha512_hex := CkCrypt2__macBdENC(crypt,bdSeed);

bdHmac := CkBinData_Create();
CkBinData_AppendEncoded(bdHmac,hmacSha512_hex,'hex_lower');

bdXprv := CkBinData_Create();
CkBinData_AppendEncoded(bdXprv,'0488ade4','hex_lower');
CkBinData_AppendEncoded(bdXprv,'000000000000000000','hex_lower');
CkBinData_AppendEncoded(bdXprv,CkBinData__getEncodedChunk(bdHmac,32,32,'hex_lower'),'hex_lower');
CkBinData_AppendByte(bdXprv,0);
CkBinData_AppendEncoded(bdXprv,CkBinData__getEncodedChunk(bdHmac,0,32,'hex_lower'),'hex_lower');

// Double hash using SHA256
CkCrypt2_putEncodingMode(crypt,'hex_lower');
CkCrypt2_putHashAlgorithm(crypt,'sha256');

bdHash := CkBinData_Create();
CkBinData_AppendEncoded(bdHash,CkCrypt2__hashBdENC(crypt,bdXprv),'hex_lower');
secondHash := CkCrypt2__hashBdENC(crypt,bdHash);
CkBinData_Clear(bdHash);
CkBinData_AppendEncoded(bdHash,secondHash,'hex_lower');

// Append the 1st 4 bytes of the bdHash to bdXprv.
CkBinData_AppendEncoded(bdXprv,CkBinData__getEncodedChunk(bdHash,0,4,'hex_lower'),'hex_lower');

// Base58 encode bdXprv
computedMasterKey := CkBinData__getEncoded(bdXprv,'base58');

Memo1.Lines.Add('Expected Master Key: ' + expectedMasterKey);
Memo1.Lines.Add('Computed Master Key: ' + computedMasterKey);

CkCrypt2_Dispose(crypt);
CkBinData_Dispose(bdSalt);
CkBinData_Dispose(bdSeed);
CkBinData_Dispose(bdHmac);
CkBinData_Dispose(bdXprv);
CkBinData_Dispose(bdHash);

end;