[Ethereum] best to use – Private Key or Mnemonic

contract-designcontract-developmentmnemonicprivate-key

Is there a best practice for which one to use?

Many tutorials online take various approaches – the older ones seems to use mnemonic whereas the newer ones tends to utilize private key.

I understand that the mnemonic is the parent of all it's private keys – so I can see logically how the usage of a private key would be better in this sense.

Truffle seems to suggest mnemonic

I suppose this is related to the usage of HD Wallet Provider

Hardhat seems to suggest Private Key

In the case of Private Key/ Mnemonic:

[1] Is there a known best practice in this case and where is it defined?

[2] What is your preference and why have you chosen it to be so?

Best Answer

Directly pasting a mnemonic or a private keys in your code is a practice you should only use for non critical stuff like development on test network. Once you go in production, you will have to secure your keys another way. Tutorials usually don't show you that a lot.

That said, there's two ways to handle keys for your dapp (I assume you are talking about dapp development given the tools you mentioned):

let users handle the keys (metamask, hardware wallet,...) and only let your dapp work if a wallet is connected. This is really the preferred way and you don't have to hold any keys, just use the the API (see metamask JS API). It works for most use cases where users are the key holders (also provides the most decentralised architecture).
handle keys on your side, for instance on your local computer to deploy your smart contract and dapp or on server side (custodial architecture). I'm not fond of custodial architecture but it may make sense sometimes (in centralised exchanges for instance). In these cases, it's your responsibility to secure keys. You should make sure to properly hide the computer that holds the keys from the outside and anyone trying to hack your system. Contract deployment using Truffle should be signed using a hardware wallet (so you don't even know the private key and only have a backup mnemonic on paper safely hidden somewhere). For online custodial apps, favour use of signing proxies (search for instance for Ethsigner) and get keys secured using HSMs or Vaults so the private key doesn't leave the secure enclave. Any other setup is dangerous and will lead to hacks and loss of assets and confidence from your users.

Disclosure: as indicated in my profile, I work for Consensys that is the author of Ethsigner, an open source Apache 2.0 signer and Metamask, the open source wallet.

Related Solutions

[Ethereum] How to create private key from mnemonic and extra-word using web3

The "Extra Word" is a BIP-39 passphrase. It looks like you're using Ethers.js, so you can do something like this:

const { utils, Wallet } = require('ethers');

const hdNode = HDNode.fromMnemonic(mnemonic, passphrase).derivePath(utils.defaultPath);
const wallet = new Wallet(hdNode);

The fromMnemonic function does not provide a way to specify a passphrase directly, but this essentially does what fromMnemonic does with the extra passphrase.

Private Key Generation – How to Create from Mnemonic

(1) I could use keccack256 online tool to transform a word to a private key. Would this be a valid key ?

Any 256-bit number is a valid private key, so yes, it would be a valid key. But this isn't enough entropy to generate a secure private key. I could just run every word in the dictionary through keccak256() (and every other widely used hash function that generates 256-bit numbers) and check whether there are any funds associated with each private key until I find yours.

The whole idea behind using 12-24 dictionary words as the seed is to make the entropy sufficient to make it secure.

https://xkcd.com/936/

You can't have both the seed and the hash function known or easy-to-guess. (keccak256() is known, dictionary words are easy to guess.)

So how is it possible to generate a private key from a single word.

You have 2 choices:

Use a difficult-to-guess seed with a known hash function, or
Use a difficult-to-guess hash function with an easy-to-guess seed

For the first option, you could use a password manager to generate a secure password, then run that through keccak256() or any other hash function that can give you a 256-bit number. However, your secure password (high entropy) doesn't come under your definition of "mnemonic".

For the second option, you would need to run your chosen dictionary word (low entropy) through a hash function you had written yourself (or, alternatively, a series of known hash functions in an order only you know).

Best Answer

Related Solutions

[Ethereum] How to create private key from mnemonic and extra-word using web3

Private Key Generation – How to Create from Mnemonic

Related Topic