Skip to main content

This guide demonstrates how to self-custody bitcoin using the SeedSigner. SeedSigner is a project that brings together free and open-source code, inexpensive and general-purpose hardware, and a do-it-yourself (DIY) approach to taking personal responsibility of your bitcoin.

This guide covers:

Unboxing

This section demonstrates what is included in the full SeedSigner kit. The kit can be purchased from BTC Hardware Solutions with worldwide shipping available. Alternatively, EU/U.K. customers can purchase the kit from GoBrrr or DIYNodes, and Philippines customers can use TechHaven.

unboxing00

The SeedSigner kit includes the following components:

  1. Raspberry Pi Zero
  2. Raspberry Pi Camera
  3. Ribbon cable for the camera
  4. WaveShare LCD HAT
  5. 3D-printed, open-face case
  6. Seven blank QR code/mnemonic phrase cards
  7. SeedSigner sticker
  8. "Getting Started" instructions
  9. "Thank You" card

The SeedSigner kit comes with most everything you will need to get started, the only pieces you will need to supply yourself are a MicroSD card of at least 4 GB capacity and a micro USB cable. Assembly required.

unboxing01

The included blank QR code/mnemonic phrase cards measure 64 millimeters (mm) by 89 mm. These cards feature 24 blank spaces for seed words on one side, along with a warning that reads: "Never enter seed words into a computer that connects to the internet." On the opposite side, there is a blank 29 by 29 QR code grid with room for the wallet fingerprint and some notes, along with a warning that reads: "Never scan seed QR into a computer that connects to the internet."

unboxing02

Alternatively, one can opt to use the stainless-steel version of the QR code backup. The stainless steel plates are made by @SeedMint21. All of its high-quality products are available at https://vulcan21.com/.

The SeedSigner stainless steel plate features a 3 mm by 66 mm by 91 mm plate that can withstand fire and flooding. This is a great alternative from paper because it can handle extreme environments. The plate featured in this guide has the SeedSigner logo on it, but future plates may not have this logo to help prevent revealing that this is a Bitcoin-related product. There is a 29 by 29 QR code grid on the plate and you can mark the indentations with a marker, check that it works and then stamp the marks with a punch to make them permanent.

You can set the SeedSigner kit aside for now while you prepare the software image on your microSD card in the next section.

Software

This section demonstrates how to download the SeedSigner image and flash it to your microSD card. You will need to supply your own microSD card that has at least a 4 GB capacity. Best practice is to test your hardware with the software image to make sure everything works prior to attempting assembly with the 3D-printed enclosure.

Step One: Download

Navigate to the SeedSigner GitHub repo and look for the latest release.

software00

Scroll to the bottom of that release section and click on the link to download the .zip file. If you would like to verify your download, click on the links to download the “.sha256” file and “.sig” file as well. Save these files in the same folder location. 

software01

Step Two, A: Verify — Windows

This step is optional but recommended. This will ensure that you have downloaded the file that the SeedSigner developers intended on you receiving. This step will demonstrate how to verify on a Windows platform. Skip to “Step Two, B” if you are using a Linux platform.

Or skip to “Step Three” if you do not wish to verify your software download that will be handling your Bitcoin private keys.

The following instructions make an assumption that you already use Kleopatra from the gpg4win software bundle and have your own PGP key setup.

  • First you will need the SeedSigner public key, which you can find here
  • Copy the public key to your clipboard.
  • Open Kleopatra, navigate to “Tools” then “Clipboard” then “Certificate Import”
software02
  • You should receive a dialog that informs you the certificate was imported successfully. Click on “OK.”
  • Now you can compare the fingerprint in Kleopatra to a known publicly-displayed fingerprint such as SeedSigner's Twitter profile.
software03
  • Now you can right click on the SeedSigner certificate in Kleopatra and select “Certify.”
  • You will be prompted to enter your password.
software04
  • Open the folder containing the .zip file, “.sha256” file and “.sig” file.
  • Right click on the “.sig” file.
  • Select “More GpgEX options” then “Verify.”
software05
  • Kleopatra will now use the signature file and the SeedSigner public key to verify the “.sha256” file.
  • You should receive a dialog displaying the successful verification. 

It is important to be able to distinguish between a valid and certified signature, a valid signature and an invalid signature. Because the SeedSigner public key was certified by comparing the resulting fingerprint to a known, publicly-displayed fingerprint, the Kleopatra software prints a valid and certified dialog in green.

software06

If you did not take the extra step to certify the SeedSigner public key, then Kleopatra can still determine that the signature is valid, but not certified. Meaning that the public key and accompanying signature are valid but that they could be from some other entity impersonating the developer. These dialogs will be printed in white. This is still a valid matching signature, it's just that unless you take that extra step to certify the fingerprint of the public key, then do you really know it is a valid signature from SeedSigner and not an impersonator?

software07

Or if there has been some manipulation in the file you downloaded and it is not authentically signed by the SeedSigner key, Kleopatra will print the dialog in red. This is an invalid signature and you should not proceed with decompressing the .zip file.

software08

Now that you have verified the authenticity of the accompanying “.sha256” file, you can rest assured that the SHA-256 hash value contained within it is in fact the hash value that you should be able to independently generate on the accompanying .zip file. To generate hash values on files, you can use a convenient freeware hex editor tool called HxD.

  • In HxD, navigate to “File” then “Open” and select the SeedSigner .zip file
  • Navigate to “Analysis” then “Checksums” then “SHA256”
software09
  • Now you can open the SeedSigner “.sha256” file with a text editor like Notepad.
  • Compare the hash values between HxD and the SeedSigner file.
software10

After verifying the hash value, you know that the .zip file is authentic. If the hash values do not match, then do not decompress the .zip file. It is a good idea to close the .zip file from HxD at this point. You can skip ahead to “Step Three” now. 

Step Two, B: Verify — Linux

Verifying signatures in Linux is a much more straightforward process. PGP tools come built in and can be executed from the command line terminal.

Before proceeding, ensure you have the .zip file, “.sha256” file and “.sig” file in your downloads directory.

  • Open your terminal
  • Import the SeedSigner public key to your key-chain with: 

curl https://raw.githubusercontent.com/SeedSigner/seedsigner/main/seedsigner_pubkey.gpg | gpg --import

  • You should see the terminal print “imported: 1”
  • Then change your directory to your downloads folder with “cd Downloads”
software12
  • Now verify the signature with: 

gpg --verify seedsigner_0_5_0.img.zip.sha256.sig 

Be sure to use the version relative to the one you are verifying, this was version 0.5.0 and releases are made often, so always use the latest one from SeedSigner’s releases page.

  • The terminal should print “Good signature from ‘seedsigner ’”
  • You will see the warning about the key not being certified, see the example in “Step Two, A” for a detailed explanation. Long story short, this is fine.
software13
  • Now you can verify the hash value with: 

shasum -a 256 -c seedsigner_0_5_0.img.zip.sha256 

Again, making sure to use the version appropriate for you.

  • The terminal should print “seedsigner_0_5_0.img.zip: OK”
  • You can ignore the warning about improperly formatted lines if you get it.
software14

That's it, you're done verifying the .zip file you downloaded. You can now move on to flashing the image to the microSD card in the next step.

Step Three: Flash

Using a program like Balena Etcher makes flashing the SeedSigner image easy. Navigate to the Balena Etcher website where you can download the application appropriate for your operating system. Follow your system prompts to install. Make sure you have a microSD card at least 4 GB in size formatted and connected to your computer.

software15

Once you have Balena Etcher installed and opened, select “Flash from file.”

software16

Select the .zip file from the file explorer. The .zip file can remain in its compressed state, Balena Etcher will decompress it.

software17

Select the target drive that you want to flash the image file to. You want to choose your microSD card here.

Click on the “Flash!” button and the flashing process should start automatically. The progress bar will move over to the left-hand side of the application and some promotional dialogs will be displayed on the right-hand side of the application. You do not need to interact with the promotional dialogs, just let the flashing process run.

There are three stages of the flashing process: decompression, flashing and validation. Just let the software run through all the steps and do not disconnect the microSD card during this process. If you get any operating system prompts saying the drive needs to be formatted, just ignore them.

Once finished, you should receive a message that lets you know the flash was completed successfully. If it was not completed successfully, try again and if the problem persists, then consider using a different microSD card.

software24

You can close the Balena Etcher application. Safely eject the microSD card from your computer if your system has not done so already. Now you are ready to mock up your hardware and test it prior to final assembly.

Hardware

This section demonstrates how to test and assemble the SeedSigner kit and also provides details on what each component is and alternative places to purchase these components in case you do not want to purchase the whole kit from one vendor. Best practice is to test that your components power on and the SeedSigner software works prior to assembly. The enclosure and or components can be damaged if you attempt disassembly.

The Enclosure

The enclosure included in the kit is an open-faced design, alternative designs are available from vendors linked below. The enclosure is 3D printed, you can even download the file and print one yourself. Be sure to check out some community designs as well. The enclosure featured here is designed to be the most basic enclosure and the quickest to reproduce. Various enclosure design files can be downloaded from here, and there are a number of distributors that offer alternate designs here, here and here.

The enclosure outer dimensions are 80 mm by 35 mm by 26 mm and there are a number of retention bumps, support ledges and journals to fit the components snugly inside. 

hardware00

The enclosure also features openings for the camera lens, micro USB ports, HDMI port and microSD card port.

hardware01

If you do not want to get the complete kit, you can buy a standalone enclosure of various designs from the following vendors:

The Camera And Cable

The camera is a 5MP OV5647 sensor, 30 frames per second (FPS), 2,592 pixel by 1,944 pixel resolution video camera module designed for a range of Raspberry Pis. The working voltage is 1.7 volts direct current (VDC) to 3 VDC. This module measures 25 mm by 24 mm by 9 mm. The camera ships with a protective film over the lens — be sure to remove this prior to assembly.

You want the “HBV-Raspberry-160FPC” golden ribbon cable for the Raspberry Pi Zero. This cable has a 16-flat-pin connector side measuring 16 mm, a 22-flat-pin connector side measuring 11 mm and the overall length is 160 mm.

hardware05

If you do not want to get the complete kit, you can buy a standalone camera and cable from the following vendors:

  • EU/U.K. delivery available from GoBrrr
  • North America delivery available from Amazon
  • Philippines delivery available from TechHaven

The Raspberry Pi Zero v1.3

The Raspberry Pi Zero is the smallest single-board computer Raspberry Pi manufactures. The v1.3 computer features a 1 gigahertz (Ghz) single-core CPU, 512 MB of RAM, mini-HDMI port, one micro USB port for power only, one micro USB port for data transfer, a hardware-attached-on-top (HAT)-compatible 40-pin header, composite video and reset headers, a microSD card slot and a CSI camera connector. The full hardware specification can be found here.

hardware07

 The Raspberry Pi Zero measures 66 mm by 31 mm by 11 mm.

hardware08

If you do not want to get the complete kit, you can buy a standalone Raspberry Pi Zero from the following vendors:

If you are having a difficult time finding the Raspberry Pi Zero hardware, some alternative sources are Rpilocator or possibly the Raspi Zero W — make sure to do your homework on compatibility with this version prior to purchasing it. Alternatively, if you are only able to find the WiFi- and/or Bluetooth-enabled versions of the Raspberry Pi Zero, then this guide by @DesobedienteTec will show you how to disable the communication radios.

The Waveshare LCD HAT Display

The Waveshare LCD HAT is a 65 mm by 30 mm module that attaches to the 40-pin connector on the Raspberry Pi Zero. This module features a 240 pixel by 240 pixel resolution RGB display measuring 39 mm diagonally. The embedded controls use a joystick and three push buttons. The operating voltage is 3.3 vdc. More specifications can be found here.

If you do not want to get the complete kit, you can buy a standalone Waveshare LCD HAT display from the following vendors:

Testing And Assembly

Testing

Testing the hardware with the SeedSigner software is a good idea. If you assemble everything and then find out that something doesn't work, you can damage the components and/or enclosure trying to disassemble it.

Step One: Release Camera Retainer

On the Raspberry Pi Zero board, gently pull the tabs out on the camera connection port. When these tabs are depressed, they will lock the ribbon cable in place.

testing00

Step Two: Connect Ribbon Cable

Make sure the ribbon cable is facing the correct direction, the gold connectors should be facing the bottom side of the Raspberry Pi Zero circuit board. Insert the ribbon cable until it stops, then press the tabs down to lock the ribbon cable in place.

Step Three: MicroSD Card

Insert the microSD card with the flashed SeedSigner image. Ensure the MicroSD card is facing the correct direction — again the gold contacts should be facing the bottom of the Raspberry Pi Zero circuit board.

Step Four: Display

Connect the LCD display, making sure that the pins on the Raspberry Pi Zero circuit board are all straight and that they won't get bent by being misaligned. This will just loosely attach to the Raspberry Pi Zero circuit board, it is not going to snap into place until you do the final assembly in the 3D-printed enclosure.

testing05

Step Five: Power On And Test

Connect your power cable and wait about 45 seconds for the SeedSigner to activate. Then test out the joystick and buttons on the LCD display and ensure that the camera works.

Now that you have checked that everything is working, you can power off the SeedSigner by selecting the power icon in the upper right-hand corner from the main menu. Then you can disassemble everything and re-assemble it in the 3D-printed enclosure.

Assembly

Prior to attempting assembly, ensure that you have tested that everything works by connecting the camera and display to the RaspberryPi Zero, inserting the microSD card with the SeedSigner image loaded, and powering on the device by connecting a micro USB cable to the power input port.

Step One: Materials Check

Gather your tested components. You should have the 3D-printed enclosure, Raspberry Pi Zero, microSD card, LCD display, camera module and ribbon cable.

assembly00

Step Two: Camera Module

Remove the protective layer of film from the camera lens. Then snap the camera module into place under the retainer clips. If the ports for the USB connections are facing away from you then the ribbon cable should be going to the right-hand side.

Step Three: Raspberry Pi Zero

Insert the Raspberry Pi Zero circuit board. Make sure you remove the microSD card first. The ribbon cable will fold over the camera module, with the slack tucking underneath the enclosure recess.

Align the USB connectors with the ports on the enclosure, the circuit board will be at a slight angle, then you can press down on the side with the pins until you hear it snap into place.

Step Four: MicroSD Card

Then you can insert the MicroSD card again. Then press the LCD display into place on the PINs of the Raspberry Pi Zero circuit board, taking care to ensure the pins are aligned. This should fit tightly and not be loose.

Step Five: Power On And Test

Plug in your power cable and make sure everything works. Then you are ready to start setting up your new Bitcoin seed phrase.

assembly09

You may be able to find additional resources in this guide by @shishi21m.

Generate A New Seed

This section will demonstrate two methods to generate a new master seed with the SeedSigner, with the camera or with dice, as well as how to calculate the checksum of a mnemonic phrase and also how to import a pre-existing mnemonic phrase.

The master seed is just a number, a really long and random number. In fact, this number is so long and random that it can be considered truly unique. Practically speaking, the only place in the universe this number exists is on your SeedSigner when you create it. For all intents and purposes, for someone to guess this number would be like guessing the exact same atom from the entire observable universe that you secretly picked.

This really long random number is used in some clever cryptographic functions to deterministically derive your Bitcoin wallet private/public key pairs. In other words, this is how you can generate many receiving addresses and spend from them. There are several ways to represent these long random numbers; binary ones and zeros, hexadecimal 0 to 9/A to F, a QR code, or even a list of words. Humans have a difficult time handling a numeric representation that is as abstract as 256 ones and zeros, this is why the word lists (or mnemonic phrases) are a popular solution. The long random number is turned into a list of words that are easier for the user to write down and interpret later with accuracy.

If you want to learn more about the processes used with hierarchical deterministic wallets and mnemonic phrases, check out BIP32 and BIP39.

Your SeedSigner can communicate this number to you in the form of a list of English words or a QR code; both methods contain the same information, your master seed. Keep in mind that anyone who gains access to this master seed information can use it to re-create your Bitcoin wallet and take the bitcoin from it, so be sure to handle this information securely and privately.

You will have a couple of choices when creating a new seed: capture an image or roll some dice. Both processes involve randomness, which is a key element in creating a secure master seed that cannot be guessed. Best practice is to use a 256-bit number for your master seed which translates to a 24-word mnemonic; the 12-word mnemonics are made from 128 bits.

Method One: With Camera

No two images will be exactly the same and they will all produce drastically different master seeds. The randomness of the image-method involves taking information from several frames prior to the image itself, along with some information in the image as well as the unique serial number of the Raspberry Pi Zero processor and the number of milliseconds the device has been powered on for.

Step One: Initiate Camera

From the SeedSigner main menu, navigate to “Seeds” then “+ Create a seed” then “;camera icon’ New seed.” This will activate the camera. During this time prior to you taking the image, the SeedSigner is capturing frames and using information from these frames to include in the generation of your master seed.

Step Two: Capture Image

Take an image of something unique. The SeedSigner will display the captured image and then you will have a choice to “reshoot” or “accept,” move the joystick in the appropriate direction for your decision.

Step Three: Mnemonic Length

Next, you will be asked which mnemonic length you want to use, 12-words or 24-words. Accept the warning telling you that this information needs to remain private and secure.

Finally, your mnemonic phrase will be displayed. The screen displays four words at a time.

seedgen07A

Follow the directions in the next section, "Seed Backup," to see how to secure this information.

Method Two: With Dice

The randomness of the dice rolls is pretty self explanatory, best practice is to use a balanced dice. The technical definition of entropy with a six-sided dice is calculated by “log2(6) = 2.58 bits of entropy,” this is why it takes 50 rolls for 128 bits or 99 rolls for 256 bits: “log2(6)*99 = 255.9.” By rolling a dice 99 times, you are providing the randomness necessary to create a random number that is impossible to guess. The dice method will give you a choice between 128 bits/50 rolls/12 words or 256 bits/99 rolls/24 words.

Step One: Initiate Dice Entry

From the SeedSigner main menu, navigate to “Seeds” then “+ Create a seed” then “‘dice icon’ New seed.” Then select which mnemonic length you want to use, 12 words or 24 words. Accept the warning telling you that this information needs to remain private and secure.

Step Two: Roll The Dice

Next, you can roll your dice and then enter the result by selecting that number on the SeedSigner screen and pushing the joystick. Repeat this process for all of your rolls.

Step Three: Finalize

When you enter the last roll, the SeedSigner will display the warning about sharing this information. Accept the warning telling you that this information needs to remain private and secure. Finally, your mnemonic phrase will be displayed. The screen displays four words at a time.

seedgen14

Follow the directions in the next section, "Seed Backup," to see how to secure this information.

Calculating A Mnemonic Checksum

You can also calculate the last word of a mnemonic phrase with the SeedSigner. A 256-bit number is not quite long enough to generate 24 words. Each word represents 11 bits of the original 128 bit or 256 bit master seed. Each 11-bit segment translates to a numeric value on an index from zero to 2,047.

Each of the 2,048 words on the BIP39 list corresponds to a different numeric value on this index. For example, “256 / 11 = 23.27” but the mnemonic is 24 words or “128 / 11 = 11.63” but the mnemonic is 12 words. The original master seed is hashed with the SHA-256 algorithm, that hash value is hashed again. For a 128-bit master seed, the last four bits from that secondary hash value is appended to the end of the first hash value; for a 256-bit master seed, the last eight bits from that secondary hash value is appended to the end of the first hash value. This provides a checksum, so really your 12th or 24th word is actually a checksum that the rest of the proceeding mnemonic is correct. When you add 4 bits to 128 bits you get 132 bits, which equals 12 11-bit words. When you add 8 bits to 256 bits you get 264 bits, which equals 24 11-bit words.

SeedSigner can calculate this checksum for you and tell you what the 12th or 24th word is based on the rest of the proceeding mnemonic. This may be helpful if you have a mnemonic phrase that is missing the last word, or if you want to double check a mnemonic, or if you want to pick your own words from the BIP39 list. However, picking your own words from the BIP39 list will probably not be as random as using the random number generator found in tools like the SeedSigner.

From the main menu navigate to “Seeds” then “+ Create a seed” then “Calc 12th/24th word” then select mnemonic length “12 words” or “24 words.”

On the next screen you can start entering the first 11 words for a 12-word mnemonic or the first 23 words for a 24-word mnemonic. Start by entering the first letter of the desired word, the available letters to choose from for the next letter will be reduced to the only options based on the BIP39 word list. You can also scroll up or down through a list on the right-hand side of the screen using the “KEY1” and “KEY3” buttons on the HAT display. When you find the word you want, push “KEY2” on the HAT display to select that word and move on to the next one. Continue this process until all 11 or 23 words have been entered.

After the 11th or 23rd word has been entered, the SeedSigner will display the final word. You will have the option to load that seed into the SeedSigner’s active memory and apply an optional passphrase as well.

seedgen21

Importing A Mnemonic Phrase

You can also import a pre-existing 12-word or 24-word mnemonic in its entirety. From the main menu, navigate to “Seeds” then select “Enter 24-word seed” or “Enter 12-word seed.” Then follow the same process above, selecting the first letter of each word until you find the desired word and pressing “KEY2” on the HAT display to select that word. If you enter a word incorrectly, the calculated checksum will be incorrect and the SeedSigner will alert you.

Once all the words have been entered you will be presented with the wallet fingerprint and given the option to apply an optional passphrase.

seedgen24

Seed Backup

This section will demonstrate how to backup the master seed generated on the SeedSigner. There are two ways to backup this information: as a mnemonic phrase or as a QR code. A combination of these two methods can be used for redundant backups. Anyone who gains access to this information will be able to steal your bitcoin, so ensure that you take precautions when handling this information. Some basic best practices are to never store this information in a text file, don't save it to a computer, don't take a picture of it and don't speak the words out loud. Handle this information as if it were gold, cash or jewelry.