With Wasabi you can generate unlimited number of Bitcoin wallets very fast, without any cost, and without asking anyone for permission. Each wallet has separate private and public keys in a unique backup, and they are not at all linked to the other wallets generated on the same computer. So with several wallets you can conveniently manage your bitcoin for different use cases without worrying about revealing that you control them.
Generating the wallet step-by-step
Launch Wasabi Wallet. The very first time you run the software the
Generate Wallettab will be automatically open, but you can also access it by clicking on File -> Generate Wallet in the menu bar.
Label the new wallet precisely to ensure a proper differentiation at any point in the future. This label is not shared with anyone, it is only stored locally on your computer.
Write a long and random password and back it up. It encrypts your secrets and you will need it every time you want to spend bitcoin from this wallet. Consider using diceware wordlists or a secure password generator to protect yourself against brute force attacks.
Backup your password!
Without the password, you cannot spend your bitcoin or recover your wallet, even if you have the recovery words (Seed phrase). So tripple check that you have a proper backup!
- Write down the 12 recovery words (Seed phrase). You can use this seed phrase with your password to recover your wallet on a different computer using Wasabi or another BIP 38 compliant wallet. If you have only the recovery words, but not the password, then you cannot spend the bitcoin nor recover this wallet. But whoever has both, gets full access to all the transaction history and gains control over every satoshi locked up in this wallet.
Backup your recovery words!
Without the recovery words (Seed phrase) and the password, you cannot recover your wallet. So tripple check that you have a proper backup! Make sure the backup is separate from the password, which decrypts the recovery words.
- Test the password before you can load the wallet, to make sure that your backup password is correct.
So type or paste the password in the text box, and click
What password to choose
Wasabi integrates BIP 38: Password-Protected Private Key, which means that the secrets needed to spend the bitcoin are encrypted on the computer. If someone has compromised your operating system and hardware and he only has the encrypted secrets, then no bitcoin can be spent. You need both the encrypted secrets, and the password in order to get the private key which can sign a spending transaction. This means that the password is your last line of defense against anyone who tries to steal your bitcoin.
It is very much recommended to use long and random passwords for everything, especially for your money!.
What not to do
Here are a couple of examples that do it completely wrong, you should not generate your password like this:
Do not use publicly known information like your grandma's maiden name and the birthday of your Dog.
Emma1992is a really really really bad password, because it can easily be guessed and it is very short.
Do not use the same password that you have used in other places. Because if one password is leaked, then other ones are compromised.
Do not use only letters, or only numbers in your password.
Don't roll your own crypto. You shouldn't try to re-invent the wheel for something as complicated and nuanced as cryptography, and especially in regards to entropy. These are some of the industry best practices:
Rolling a dice might be the easiest way to get high entropy and randomness in numbers. You can also use the diceware wordlists to get something similar to your Bitcoin recovery words (Seed phrase). Now you have a verbal password that was generated completely off-line with sufficient randomness.
Flip through the pages of a book, stopping on an arbitrary page and pick up one word somewhere on that page. Although this is not as random as a dice-roll, there is still a large set of possible words in a book. You can further increase the randomness by selecting different books.
Use a well tested password manager with a cryptographic secure random number generator. A good password manager will use sufficient entropy to generate a password with letters, numbers and special characters. Although this is on-line and digital, a good software should still be secure enough for most cases.
How are the secrets created
Wasabi uses BIP 38: Password-Protected Private Key
+--------------+ | Entropy | +--------------+ +------------+ | | Word list +------------>+ +------------+ | +------v-------+ | Mnemonics | +--------------+ | +---------> | | | +------v-------+ | | Seed | | +--------------+ | | +-----------+ | | | Password +---+ +------v-------+ +-----------+ | | Extended Key | | +--------------+ | | | | | +------v-------+ | | Private key | ** This step is needed to use bip38 | +--------------+ | | +-------------+ +-------->+<-------------+ Network | | +-------------+ +------v-------+ | Encrypted | | secret | +--------------+ | | | +--------------------+ | Save encrypted | | secret+chaincode+ | | Fingerprint+ExtPub | +--------------------+
What do you need to get the keys?
This is needed to backup and recover your wallet:
|Data||Does it need password to recover?|
|entropy||No, this is unencrypted|
|mnemonic||No, this is unencrypted|
|seed||Yes, it is encrypted|
|extendedkey||Yes, it is encrypted|
|privatekey+chaincode+fingerprint||Yes, it is encrypted|
|encryptedsecret+chaincode+fingerprint||Yes, (this is the Wasabi Backup)|