Sample code for 30+ languages & platforms
DataFlex

BIP39 Compute Binary Seed from Mnemonic

See more Encryption Examples

Creates a binary seed from a mnemonic. Uses the PBKDF2 function with a mnemonic sentence (in UTF-8 NFKD) used as the password and the string "mnemonic" + passphrase (again in UTF-8 NFKD) used as the salt. The iteration count is set to 2048 and HMAC-SHA512 is used as the pseudo-random function. The length of the derived key is 512 bits (= 64 bytes).

Chilkat DataFlex Downloads

DataFlex
Use ChilkatAx-win32.pkg

Procedure Test
    Handle hoCrypt
    String sMnemonic
    String sPassphrase
    String sExpectedSeed
    String sExpectedMasterKey
    Handle hoBdSalt
    Boolean iSuccess
    String sComputedSeed
    Variant vBdSeed
    Handle hoBdSeed
    String sHmacSha512_hex
    Handle hoBdHmac
    Variant vBdXprv
    Handle hoBdXprv
    Variant vBdHash
    Handle hoBdHash
    String sSecondHash
    String sComputedMasterKey
    String sTemp1

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    Get Create (RefClass(cComChilkatCrypt2)) To hoCrypt
    If (Not(IsComObjectCreated(hoCrypt))) Begin
        Send CreateComObject of hoCrypt
    End

    // Test with the test vectors at https://github.com/trezor/python-mnemonic/blob/master/vectors.json

    // This is the 2nd test vector..
    Move "legal winner thank year wave sausage worth useful legal winner thank yellow" To sMnemonic
    Move "TREZOR" To sPassphrase
    Move "2e8905819b8723fe2c1d161860e5ee1830318dbf49a83bd451cfb8440c28bd6fa457fe1296106559a3c80937a1c1069be3a3a5bd381ee6260e8d9739fce1f607" To sExpectedSeed
    Move "xprv9s21ZrQH143K2gA81bYFHqU68xz1cX2APaSq5tt6MFSLeXnCKV1RVUJt9FWNTbrrryem4ZckN8k4Ls1H6nwdvDTvnV7zEXs2HgPezuVccsq" To sExpectedMasterKey

    // The mnemonic sentence (in UTF-8 NFKD) used as the password.
    // The string "mnemonic" + passphrase (again in UTF-8 NFKD) used as the salt.
    // The iteration count is set to 2048 and HMAC-SHA512 is used as the pseudo-random function.
    // The length of the derived key is 512 bits (= 64 bytes). 

    // We want the computed seed to be lowercase hex, therefore our salt must also be hex.
    // The seed is the keyword "mnemonic" + passphrase (in this case is "TREZOR") converted to hex.
    Get Create (RefClass(cComChilkatBinData)) To hoBdSalt
    If (Not(IsComObjectCreated(hoBdSalt))) Begin
        Send CreateComObject of hoBdSalt
    End
    Get ComAppendString Of hoBdSalt "mnemonic" "utf-8" To iSuccess
    Get ComAppendString Of hoBdSalt sPassphrase "utf-8" To iSuccess

    Get ComGetEncoded Of hoBdSalt "hex_lower" To sTemp1
    Get ComPbkdf2 Of hoCrypt sMnemonic "utf-8" "sha512" sTemp1 2048 512 "hex_lower" To sComputedSeed

    Showln "Expected: " sExpectedSeed
    Showln "Computed: " sComputedSeed

    // To compute the hd_master_key, duplicate this Python code:

    //     def to_hd_master_key(seed: bytes, testnet: bool = False) -> str:
    //         if len(seed) != 64:
    //             raise ValueError("Provided seed should have length of 64")
    // 
    //         # Compute HMAC-SHA512 of seed
    //         seed = hmac.new(b"Bitcoin seed", seed, digestmod=hashlib.sha512).digest()
    // 
    //         # Serialization format can be found at: https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki#Serialization_format
    //         xprv = b"\x04\x88\xad\xe4"  # Version for private mainnet
    //         if testnet:
    //             xprv = b"\x04\x35\x83\x94"  # Version for private testnet
    //         xprv += b"\x00" * 9  # Depth, parent fingerprint, and child number
    //         xprv += seed[32:]  # Chain code
    //         xprv += b"\x00" + seed[:32]  # Master key
    // 
    //         # Double hash using SHA256
    //         hashed_xprv = hashlib.sha256(xprv).digest()
    //         hashed_xprv = hashlib.sha256(hashed_xprv).digest()
    // 
    //         # Append 4 bytes of checksum
    //         xprv += hashed_xprv[:4]
    // 
    //         # Return base58
    //         return b58encode(xprv)

    // First compute the HMAC-SHA512 of the computedSeed
    Get Create (RefClass(cComChilkatBinData)) To hoBdSeed
    If (Not(IsComObjectCreated(hoBdSeed))) Begin
        Send CreateComObject of hoBdSeed
    End
    Get ComAppendEncoded Of hoBdSeed sComputedSeed "hex_lower" To iSuccess
    Set ComEncodingMode Of hoCrypt To "hex_lower"
    Set ComHashAlgorithm Of hoCrypt To "sha512"
    Get ComSetMacKeyString Of hoCrypt "Bitcoin seed" To iSuccess
    Get pvComObject of hoBdSeed to vBdSeed
    Get ComMacBdENC Of hoCrypt vBdSeed To sHmacSha512_hex

    Get Create (RefClass(cComChilkatBinData)) To hoBdHmac
    If (Not(IsComObjectCreated(hoBdHmac))) Begin
        Send CreateComObject of hoBdHmac
    End
    Get ComAppendEncoded Of hoBdHmac sHmacSha512_hex "hex_lower" To iSuccess

    Get Create (RefClass(cComChilkatBinData)) To hoBdXprv
    If (Not(IsComObjectCreated(hoBdXprv))) Begin
        Send CreateComObject of hoBdXprv
    End
    Get ComAppendEncoded Of hoBdXprv "0488ade4" "hex_lower" To iSuccess
    Get ComAppendEncoded Of hoBdXprv "000000000000000000" "hex_lower" To iSuccess
    Get ComGetEncodedChunk Of hoBdHmac 32 32 "hex_lower" To sTemp1
    Get ComAppendEncoded Of hoBdXprv sTemp1 "hex_lower" To iSuccess
    Get ComAppendByte Of hoBdXprv 0 To iSuccess
    Get ComGetEncodedChunk Of hoBdHmac 0 32 "hex_lower" To sTemp1
    Get ComAppendEncoded Of hoBdXprv sTemp1 "hex_lower" To iSuccess

    // Double hash using SHA256
    Set ComEncodingMode Of hoCrypt To "hex_lower"
    Set ComHashAlgorithm Of hoCrypt To "sha256"

    Get Create (RefClass(cComChilkatBinData)) To hoBdHash
    If (Not(IsComObjectCreated(hoBdHash))) Begin
        Send CreateComObject of hoBdHash
    End
    Get ComHashBdENC Of hoCrypt     Get pvComObject of hoBdXprv to vBdXprv
vBdXprv To sTemp1
    Get ComAppendEncoded Of hoBdHash sTemp1 "hex_lower" To iSuccess
    Get pvComObject of hoBdHash to vBdHash
    Get ComHashBdENC Of hoCrypt vBdHash To sSecondHash
    Get ComClear Of hoBdHash To iSuccess
    Get ComAppendEncoded Of hoBdHash sSecondHash "hex_lower" To iSuccess

    // Append the 1st 4 bytes of the bdHash to bdXprv.
    Get ComGetEncodedChunk Of hoBdHash 0 4 "hex_lower" To sTemp1
    Get ComAppendEncoded Of hoBdXprv sTemp1 "hex_lower" To iSuccess

    // Base58 encode bdXprv
    Get ComGetEncoded Of hoBdXprv "base58" To sComputedMasterKey

    Showln "Expected Master Key: " sExpectedMasterKey
    Showln "Computed Master Key: " sComputedMasterKey


End_Procedure