Early cryptocurrency wallets only used private keys without mnemonic phrases.
Private keys typically consist of dozens of letters and numbers. Any mistake—even a single character—renders the private key invalid, with no way to recover it.
Private keys are tied to a single chain and a single wallet.
For users with multiple chains or multiple wallets, backing up each private key individually becomes a monumental task.

Storing BIP39 mnemonic phrases in plaintext is extremely risky.
If exposed, anyone with knowledge of BIP39 can restore your wallet and steal your assets.

Each BIP39 word corresponds to a number (e.g., “office” = 1229), known as a BIP39 index (1–2048).

• Language-agnostic: Works with English, Chinese, or any other BIP39 wordlist.

• Less recognizable as crypto data, adding some obscurity.

However, index numbers in plaintext are still vulnerable if stolen by an attacker familiar with crypto.

Even combining plaintext BIP39 mnemonics with a passphrase remains high-risk.

• Complex passphrases are difficult to engrave onto stainless steel.

• Multiple wallets with multiple passphrases increase the workload dramatically.

Applying a monoalphabetic substitution cipher to the 26 English letters (e.g., a→e, d→y, f→k) may seem secure initially.

• Theoretically, 26! ≈ 4×10²⁶ possible mappings (~88 bits of security), seemingly out of reach for modern computers.

However, this is misleading. Monoalphabetic substitution preserves statistical patterns of the text, drastically reducing the actual search space to 10⁶–10⁹ possibilities using known techniques:

• Unique first 4 letters of BIP39 words
  Each word is uniquely identified by its first four letters. Only 26⁴ ≈ 456,976 mappings need to be checked.

• Uneven first-letter distribution
  Most BIP39 words start with a, b, c, e, s; letters like q, x, z rarely appear. Many candidate mappings are eliminated immediately.

• n-gram patterns preserved
  Common letter sequences (th, in, er, etc.) remain unchanged, allowing attackers to validate mappings efficiently.

• Word validity + checksum filters
  Invalid partial words or checksum mismatches discard incorrect candidates instantly.

• Modern optimization algorithms
  Hill climbing, genetic algorithms, and simulated annealing can test millions to billions of candidates per second.

• 12-word phrase: 3–30 seconds

• 18–24 words: 20 seconds to a few minutes

Monoalphabetic substitution provides essentially no meaningful protection for BIP39 mnemonics. It is practically plaintext.

Substituting digits 0–9 (e.g., 0→7, 1→3) is even weaker.

• Index numbers range 0001–2048; digit substitution preserves structure and length.

• Patterns like 0123, 0175, 2048 remain obvious.

• With 12–24 index values, attackers can deduce all mappings quickly.

Monoalphabetic substitution on BIP39 index numbers is instantly breakable.

Shifting letters (+3) or digits (+5 mod 10) is even less secure:

• Only 26 possibilities for letters, 10 for digits.

• Patterns remain intact; brute-forcing is trivial.

Caesar / Shift ciphers on BIP39 data are effectively plaintext.

Tamper-evident VOID labels only inform you after theft occurs.
They do not prevent theft and may only alert you months later—too late to protect your assets.

Easily destroyed by water, fire, or humidity; ink may fade, rendering data unreadable.

• Aluminum melts at ~660°C, insufficient for fire protection; corrodes under harsh conditions.

• Copper melts ~1085°C, lower than 316 stainless steel (~1370–1450°C).
  Copper also oxidizes, scratches, deforms easily, and is costly and difficult to process.

• High melting point (~1375–1400°C)

• Excellent waterproof, fireproof, corrosion-resistant, shock-resistant, and heat-resistant properties

• Durable and reliable for long-term storage

Letter tiles may fall out if pressure is applied, leading to potential total loss.

Products displaying Bitcoin, BTC, or “crypto recovery” are attractive targets for thieves.

Keeping only one or two fragile copies underestimates risk.
Multiple backups, ideally across materials and locations, are essential.

Security is not just about using the hardest medium. It is about three principles:

1. Persistence: The backup exists under any circumstances.

2. Concealment: Others do not see it.

3. Unbreakability: Even if stolen, it cannot be deciphered.

Based on all the pain points above, I developed CipherSeed — a hybrid DIY + service solution.
It’s not a magic cure, but it directly solves these real-world problems.

CipherSeed does not store private keys, plaintext BIP39 mnemonics, or BIP39 index numbers.
Instead:

• Convert BIP39 mnemonics to BIP39 index numbers.

• Apply a personal, unique random mapping to generate Cipher Numbers.

• Stamp Cipher Numbers onto 316 stainless steel washers.

• Assemble onto 316 stainless steel bolts with nuts and key rings to secure parts.

• Place the assembly into a plastic vial and store in a concealed location.

Cipher Numbers are Transcoded Index Numbers — or you may call them Personal Permuted Index Numbers.
They are simply your BIP39 index numbers after being randomly permuted using your own private mapping table.

Even if an attacker obtains your CipherSeed steel plate, without your private conversion rule each 4-digit block is effectively just an unknown value between 0001–2048.
This means the attacker must still brute-force the original BIP39 mnemonic directly.

• 12 words: 2048¹² ≈ 4.7 × 10³⁹

• 24 words: 2048²⁴ ≈ 2.2 × 10⁷⁹ (≈ 2²⁶⁴)

• Cracking a 12-word seed: ~10¹⁴ years

• Cracking a 24-word seed: ~10⁵³ years

CipherSeed adds an obfuscation layer on top of normal BIP39.
As long as your private conversion rule is stored separately and never leaked, the attacker cannot shrink the search space.
They face the full 12-word or 24-word brute-force complexity.

Simply put: CipherSeed only translates your 12 or 24 seed words into meaningless numbers.
As long as you never store the “translation dictionary” together with the steel plate, it is just as secure as storing the original words.

With current (and foreseeable future) human computing power, it cannot be brute-forced — not even in ten thousand years.

Generate a private 1–2048 random permutation table in Excel:

• Column A: 0001–2048

• Column B: copy of A

• Column C: =RAND(), fill down

• Sort B by column C

• Column A → Column B is your A-to-B transcoding rule

Save as PDF, keep offline and separate.

Example: “office” = 1229 → Cipher Number 0456
Tip: Use one transcoding rule for all wallets.

Record the sequence in a worksheet.

Reverse the conversion to confirm recovery matches the original wallet.

DIY or use CipherSeed’s turnkey engraving service.

Washers → bolt → nut → key ring → plastic vial → concealed location.

Cipher Number Conversion Worksheet
Engraved Washers
Bolted Washer Stack
Washer Backup Kit

• Always store the cipher numbers and mapping table separately.

• Store backups in a bank safe, across multiple cities/states/countries.

• For underground burial, dig deep under a reference point (e.g., large tree).

• Place tamper-resistant stickers on bolt heads, not the vial, to remain inconspicuous.

• Inspect backups every 6–12 months.

The above represents my personal views. Feedback and corrections are welcome.
Due to space limitations, many operational details cannot be listed. Feel free to ask.

You can download necessary tools here:
https://cipherseed.io/tools/

Early cryptocurrency wallets only used private keys without mnemonic phrases.
Private keys typically consist of dozens of letters and numbers. Any mistake—even a single character—renders the private key invalid, with no way to recover it.
Private keys are tied to a single chain and a single wallet.
For users with multiple chains or multiple wallets, backing up each private key individually becomes a monumental task.

Storing BIP39 mnemonic phrases in plaintext is extremely risky.
If exposed, anyone with knowledge of BIP39 can restore your wallet and steal your assets.

Each BIP39 word corresponds to a number (e.g., “office” = 1229), known as a BIP39 index (1–2048).

• Language-agnostic: Works with English, Chinese, or any other BIP39 wordlist.

• Less recognizable as crypto data, adding some obscurity.

However, index numbers in plaintext are still vulnerable if stolen by an attacker familiar with crypto.

Even combining plaintext BIP39 mnemonics with a passphrase remains high-risk.

• Complex passphrases are difficult to engrave onto stainless steel.

• Multiple wallets with multiple passphrases increase the workload dramatically.

Applying a monoalphabetic substitution cipher to the 26 English letters (e.g., a→e, d→y, f→k) may seem secure initially.

• Theoretically, 26! ≈ 4×10²⁶ possible mappings (~88 bits of security), seemingly out of reach for modern computers.

However, this is misleading. Monoalphabetic substitution preserves statistical patterns of the text, drastically reducing the actual search space to 10⁶–10⁹ possibilities using known techniques:

• Unique first 4 letters of BIP39 words
  Each word is uniquely identified by its first four letters. Only 26⁴ ≈ 456,976 mappings need to be checked.

• Uneven first-letter distribution
  Most BIP39 words start with a, b, c, e, s; letters like q, x, z rarely appear. Many candidate mappings are eliminated immediately.

• n-gram patterns preserved
  Common letter sequences (th, in, er, etc.) remain unchanged, allowing attackers to validate mappings efficiently.

• Word validity + checksum filters
  Invalid partial words or checksum mismatches discard incorrect candidates instantly.

• Modern optimization algorithms
  Hill climbing, genetic algorithms, and simulated annealing can test millions to billions of candidates per second.

• 12-word phrase: 3–30 seconds

• 18–24 words: 20 seconds to a few minutes

Monoalphabetic substitution provides essentially no meaningful protection for BIP39 mnemonics. It is practically plaintext.

Substituting digits 0–9 (e.g., 0→7, 1→3) is even weaker.

• Index numbers range 0001–2048; digit substitution preserves structure and length.

• Patterns like 0123, 0175, 2048 remain obvious.

• With 12–24 index values, attackers can deduce all mappings quickly.

Monoalphabetic substitution on BIP39 index numbers is instantly breakable.

Shifting letters (+3) or digits (+5 mod 10) is even less secure:

• Only 26 possibilities for letters, 10 for digits.

• Patterns remain intact; brute-forcing is trivial.

Caesar / Shift ciphers on BIP39 data are effectively plaintext.

Tamper-evident VOID labels only inform you after theft occurs.
They do not prevent theft and may only alert you months later—too late to protect your assets.

Easily destroyed by water, fire, or humidity; ink may fade, rendering data unreadable.

• Aluminum melts at ~660°C, insufficient for fire protection; corrodes under harsh conditions.

• Copper melts ~1085°C, lower than 316 stainless steel (~1370–1450°C).
  Copper also oxidizes, scratches, deforms easily, and is costly and difficult to process.

• High melting point (~1375–1400°C)

• Excellent waterproof, fireproof, corrosion-resistant, shock-resistant, and heat-resistant properties

• Durable and reliable for long-term storage

Letter tiles may fall out if pressure is applied, leading to potential total loss.

Products displaying Bitcoin, BTC, or “crypto recovery” are attractive targets for thieves.

Keeping only one or two fragile copies underestimates risk.
Multiple backups, ideally across materials and locations, are essential.

Security is not just about using the hardest medium. It is about three principles:

1. Persistence: The backup exists under any circumstances.

2. Concealment: Others do not see it.

3. Unbreakability: Even if stolen, it cannot be deciphered.

Based on all the pain points above, I developed CipherSeed — a hybrid DIY + service solution.
It’s not a magic cure, but it directly solves these real-world problems.

CipherSeed does not store private keys, plaintext BIP39 mnemonics, or BIP39 index numbers.
Instead:

• Convert BIP39 mnemonics to BIP39 index numbers.

• Apply a personal, unique random mapping to generate Cipher Numbers.

• Stamp Cipher Numbers onto 316 stainless steel washers.

• Assemble onto 316 stainless steel bolts with nuts and key rings to secure parts.

• Place the assembly into a plastic vial and store in a concealed location.

Cipher Numbers are Transcoded Index Numbers — or you may call them Personal Permuted Index Numbers.
They are simply your BIP39 index numbers after being randomly permuted using your own private mapping table.

Even if an attacker obtains your CipherSeed steel plate, without your private conversion rule each 4-digit block is effectively just an unknown value between 0001–2048.
This means the attacker must still brute-force the original BIP39 mnemonic directly.

• 12 words: 2048¹² ≈ 4.7 × 10³⁹

• 24 words: 2048²⁴ ≈ 2.2 × 10⁷⁹ (≈ 2²⁶⁴)

• Cracking a 12-word seed: ~10¹⁴ years

• Cracking a 24-word seed: ~10⁵³ years

CipherSeed adds an obfuscation layer on top of normal BIP39.
As long as your private conversion rule is stored separately and never leaked, the attacker cannot shrink the search space.
They face the full 12-word or 24-word brute-force complexity.

Simply put: CipherSeed only translates your 12 or 24 seed words into meaningless numbers.
As long as you never store the “translation dictionary” together with the steel plate, it is just as secure as storing the original words.

With current (and foreseeable future) human computing power, it cannot be brute-forced — not even in ten thousand years.

Generate a private 1–2048 random permutation table in Excel:

• Column A: 0001–2048

• Column B: copy of A

• Column C: =RAND(), fill down

• Sort B by column C

• Column A → Column B is your A-to-B transcoding rule

Save as PDF, keep offline and separate.

Example: “office” = 1229 → Cipher Number 0456
Tip: Use one transcoding rule for all wallets.

Record the sequence in a worksheet.

Reverse the conversion to confirm recovery matches the original wallet.

DIY or use CipherSeed’s turnkey engraving service.

Washers → bolt → nut → key ring → plastic vial → concealed location.

Cipher Number Conversion Worksheet
Engraved Washers
Bolted Washer Stack
Washer Backup Kit

• Always store the cipher numbers and mapping table separately.

• Store backups in a bank safe, across multiple cities/states/countries.

• For underground burial, dig deep under a reference point (e.g., large tree).

• Place tamper-resistant stickers on bolt heads, not the vial, to remain inconspicuous.

• Inspect backups every 6–12 months.

The above represents my personal views. Feedback and corrections are welcome.
Due to space limitations, many operational details cannot be listed. Feel free to ask.

You can download necessary tools here:
https://cipherseed.io/tools/