Advantages of Managing Your Formosa Crypto Wallet

Managing cryptocurrency wallets hinges on a cryptographic recovery key, a secret phrase or word that users employ to safeguard and retrieve their wallets. The BIP39 recovery key implementation offers keyword possibilities that are significantly more user-friendly compared to the older random alphanumeric strings. This user-friendliness is why BIP39 is widely recognized for its significant positive impact on the cryptocurrency user experience. However, committing a BIP39 recovery key to memory is still a challenging task.

This is where Formosa comes in, a robust open-source initiative that produces recovery keys designed for enhanced memorability. Formosa is interoperable with BIP39, enhances security, and presents a variety of themes for users to select from. Users have the flexibility to switch between themes without jeopardizing their existing keys.

To familiarize you with Formosa, let’s explore the fundamentals of cryptocurrency wallet management using a tangible recovery phrase example. Following this, we’ll delve into a Python tutorial demonstrating how to utilize Formosa in security-focused projects.

Important: Refrain from using the Formosa keys or seeds provided in this example for any cryptocurrency wallet, as their public disclosure compromises their confidentiality.

Managing Your Crypto Wallet

Crypto wallet management encompasses the creation, recovery, and fundamental functions of a wallet, such as receiving and transferring coins. These high-level use cases rely on the corresponding seed generated during the wallet’s initialization.

Seed Structure, Security, and Recovery: A BIP39 Perspective

A unique and confidential seed is essential for a crypto wallet to operate as designed. It is crucial to maintain the secrecy of this seed and never share it. This seed forms the foundation for generating private-public key pairs used for signing and validating transactions.

Every private-public key pair generates a unique address used in transactions between wallets. An address, representing the “owner” of the currency, serves as an anonymous identifier of currency ownership on the blockchain. For optimal security and anonymity, it’s advisable to avoid reusing addresses from your crypto wallet.

Any crypto wallet can create or retrieve private-public key pairs and their associated addresses from any given seed. BIP39-compliant wallets offer a mechanism for entering our recovery word list and instantiating our corresponding keys and addresses on that specific platform or device.

The elegance of this cryptocurrency wallet system is that if a user loses access to their wallet, they can simply input the provided seed or its recovery phrase into any BIP39-implemented wallet. This action grants them access to their currency, linking that wallet to every transaction associated with that seed.

From a technical standpoint, how do these seeds work? A seed’s robustness increases exponentially with the number of bits it contains, typically either 128 bits or 256 bits.

BIP39 draws from a standardized pulls from a list of 2,048 words. Given that 2,048 = 2¹¹, establishing a one-to-one correspondence between all 2,048 BIP39 words and all possible 11-bit sequences is straightforward: binary notation is used (explaining the otherwise arbitrary choice of 2,048) to assign each word the bit sequence representing its position in the BIP39 word list.

With each word requiring 11 bits, 12 recovery words are used to generate a 128-bit seed. Observant readers will note that a 12-word sequence yields 132 bits—four more than needed for the 128-bit security standard. These four are checksum bits, used for data error detection, providing an extra security layer when these words are entered manually from memory or via transcription.

Mathematically: 12 words * 11 bits/word = 132 total bits, with 128 used for seed generation. 132-128 = 4 remaining checksum bits. If a transcription error occurs, a BIP39-equipped wallet using 128-bit seeds has a 1/2⁴ or 6.25% chance of missing the error.

For a 256-bit seed, BIP39 utilizes 24 words, resulting in eight checksum bits. Mathematically: 24 words * 11 bits/word = 264 total bits, with 256 generating the seed. 264-256 = 8 remaining checksum bits. In case of a transcription error, a BIP39-equipped wallet with 256-bit seeds has a 1/2⁸ or ≅ 0.4% chance of failing to detect the error.

Another notable BIP39 characteristic is the uniqueness of the first four characters in each word within its English word list. This facilitates efficient auto-complete functionalities and a BIP39 password format where the initial four characters of all words are concatenated. If a seed word is just three letters (the minimum length), a hyphen is appended as its fourth character to discreetly accommodate three-letter words. This results in a consistent ratio of 11/4 = 2.75 random bits per digit (excluding checksum bits) or (132-4)/(4*12) = 128/48 = 8/3 = 2.67 bits per digit (including checksum bits).

Enhancing Recovery Sentences: The Formosa Advantage

Formosa offers all the features of BIP39 and more. Similar to BIP39, a Formosa wallet functions with various cryptocurrencies, including Bitcoin. Regarding cryptographic strength, Formosa provides the same checksum bit ratio and password strength densities as BIP39, both with and without checksum bits.

However, Formosa surpasses BIP39 by encoding its confidential random data into sentences that are easier for us to remember compared to the conventional and disconnected BIP39 word list.

An additional valuable Formosa feature is its theme capability. With an impressive and expanding collection of themes (e.g., Fairy Tale, Tourism), Formosa allows us to generate phrases related to our chosen theme, making them more coherent and memorable. Phrases can be converted between Formosa themes without compromising security.

Furthermore, we can perform round-trip conversions between Formosa and BIP39 seeds without any security loss. A frequent reason for converting from BIP39 to Formosa is to access more memorable recovery phrase options while retaining existing crypto account addresses. From a user perspective, there might not be a direct use case for converting from Formosa to BIP39. However, our interface needs to perform such conversions each time we input our Formosa recovery phrases to access our existing BIP39 crypto account addresses.

A Step-by-Step Recovery Phrase Generation Example

The following example guides you through generating a BIP39 recovery phrase and its equivalent Formosa recovery phrase, starting with a specific seed. Remember, avoid using any of our example keys or seeds in actual crypto wallets or applications, as their publication renders them non-private.

Let’s use a 16-byte hexadecimal seed (i.e., a seed comprising 16*8 = 128 bits), 0XE41FEEEEE282BC5411CE97DF78B3660E, as our starting point. This is equivalent to the following 128-bit binary representation, along with its four checksum bits: 11100100000111111110111011101110111000101000001010111100010101000001000111001110100101111101111101111000101100110110011000001110 0100.

BIP39 divides this 132-bit output into 11-bit random words. Conversely, Formosa splits the 132-bit binary string into four 33-bit strings (represented by the four rows in the table below). Formosa then further divides each 33-bit array into a fixed pattern of five- or six-bit chunks to create phrases:

BIP39

Formosa (Medieval Fantasy Theme)

3 x 11-bit Chunks:
Random Word

5-bit Chunk:
Verb

6-bit Chunk:
Subject

6-bit Chunk:
Object

5-bit Chunk:
Adjective

6-bit Chunk:
Wild Card

5-bit Chunk:
Place

11100100000: tomato
11111111011: youth
10111011101: roof
11100: unveil100000: king111111: wine11011: sweet101110: queen11101: throne_room
11000101000: shallow
00101011110: cloth
00101010000: claw		11000: swing101000: ogre001010: club11110: wooden001010: cyclops10000: mountain
01000111001: elbow 11010010111: spray
11011111011: term		01000: create111001: summoner110100: spellbook10111: secret110111: spirit11011: temple
11000101100: sheriff 11011001100: sunset 00011100100: broken11000: swing101100: pirate110110: tankard01100: fizzy000111: buccaneer00100: brewery

The connections between the words forming a Formosa recovery key phrase provide a story-based alternative to a BIP39 phrase, resulting in more memorable outputs:

BIP39 Final Output

Formosa Final Output

tomato youth roof

king unveil sweet wine queen throne_room

shallow cloth claw

ogre swing wooden club cyclops mountain

elbow spray term

summoner create secret spellbook spirit temple

sheriff sunset broken

pirate swing fizzy tankard buccaneer brewery

Consider the following diagram illustrating the dependencies that lead to a Formosa recovery key:

The dependencies that lead to a Formosa recovery key.
  1. The initial bit chunk determines a verb: It’s interpreted as a number corresponding to an entry in a list within the Formosa theme’s JSON file.
  2. The second chunk determines a subject: It’s interpreted as a number corresponding to an entry in a list provided by the previously defined verb.
  3. The third chunk determines an object: It’s interpreted as a number corresponding to an entry in a list provided by the previously defined subject.
  4. The fourth chunk determines an adjective: It’s interpreted as a number corresponding to an entry in a list provided by the previously defined object.
  5. The fifth chunk determines a wildcard: It’s interpreted as a number corresponding to an entry in a list provided by the previously defined subject.
  6. The sixth chunk determines a place: It’s interpreted as a number corresponding to an entry in a list provided by the previously defined wildcard.

Using our first 33-bit string example, the first chunk indexes the verb “unveil,” which is associated with 64 possible subjects. The second chunk indexes the subject “king,” linked to 64 possible objects and 64 possible wildcards. The third chunk indexes the word “wine,” associated with 32 possible adjectives, and selects the word “sweet,” which isn’t linked to an additional list. The fifth chunk indexes the word “queen,” linked to 32 possible places, and the sixth chunk indexes the phrase “throne_room.”

This process results in the sequence: king unveil sweet wine queen throne_room. To enhance memorability, a user can incorporate grammar and auxiliary parts of speech: "[The] king unveil[s the] sweet wine [to the] queen [in the] throne_room" or "[The] king unveil[s the] sweet wine [at the] queen[’s] throne_room" are example phrases for our sequence. The end product is a memorable, visual scenario.

Python and Formosa: Crypto Wallet Code Implementation

We’ve explored the fundamentals of cryptographic wallet security and usage, along with an example of converting random bits into a recovery phrase. Now, let’s implement Formosa in a simple Python project where we’ll generate a seed and convert it between BIP39 and Formosa formats.

First, clone the project, naming the project folder “Formosa.” Next, execute the following script in Formosa’s parent directory to import our library and create a standard BIP39 mnemonic:

1
2
3
4
5

# Import library into python project via:
from formosa.src.mnemonic.mnemonic import Mnemonic

theme = "BIP39"
mnemo = Mnemonic(theme)

Since the mnemo.generate method draws random bits, the output will differ if you run the script multiple times. Next, let’s generate a BIP39 word list with a strength (number of bits) that’s a multiple of 32 and falls between 32 and 256:

1
2
3

words = mnemo.generate(strength=128)
print(words)
# Output: tomato youth roof shallow cloth claw elbow spray term sheriff sunset broken

With the generated word list, we can determine the initial input bits of our BIP39-formatted phrase, presented as a hexadecimal string:

1
2
3

entropy = mnemo.to_entropy(words)
print(entropy.hex().upper())
# Output: E41FEEEEE282BC5411CE97DF78B3660E

Moreover, we can convert one mnemonic theme to another using the word list and both theme names. Let’s convert our BIP39 phrase to a Formosa phrase within the medieval fantasy theme:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10

new_words = mnemo.convert_theme(words, "medieval_fantasy", "BIP39")
# We instantiate a new Mnemonic object with the theme "medieval_fantasy", and then use it to format output.
print(Mnemonic("medieval_fantasy").format_mnemonic(new_words))

# Output:
# password            =   kiunswwiquthogswwoclcymosucrsespsptepiswfitabubr
# formosa_sentences =   king unveil sweet wine queen throne_room
#                       ogre swing wooden club cyclops mountain
#                       summoner create secret spellbook spirit temple
#                       pirate swing fizzy tankard buccaneer brewery

Similarly, we can convert it back to the original BIP39 theme:

1

original_words = mnemo.convert_theme(new_words, "BIP39", "medieval_fantasy")

In essence, Formosa enables anyone with a BIP39 passphrase to generate a themed semantic passphrase. These concise code blocks demonstrate the ease of using Formosa.

Formosa: Enhancing Your Cryptocurrency Wallet Experience

BIP39 wallets are widespread in the crypto realm and seamlessly integrate with Formosa recovery phrases to enhance the user experience. The numerous cryptocurrency users who already possess a recovery word list and corresponding addresses can retain and improve their current addresses by adopting Formosa. Formosa represents a significant advancement in effortlessly improving the human-machine interface for cryptocurrency users.

The editorial team of the Toptal Engineering Blog expresses gratitude to Edson Cilos Vargas Júnior for reviewing the code samples and technical content presented in this article.

Licensed under CC BY-NC-SA 4.0