Go to file
dependabot[bot] c1329350e7
Bump gradle/wrapper-validation-action from 3.3.2 to 3.5.0 (#293)
Bumps [gradle/wrapper-validation-action](https://github.com/gradle/wrapper-validation-action) from 3.3.2 to 3.5.0.
- [Release notes](https://github.com/gradle/wrapper-validation-action/releases)
- [Commits](216d1ad2b3...f9c9c575b8)

- dependency-name: gradle/wrapper-validation-action
  dependency-type: direct:production
  update-type: version-update:semver-minor

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-17 10:44:53 +02:00
.github Bump gradle/wrapper-validation-action from 3.3.2 to 3.5.0 (#293) 2024-07-17 10:44:53 +02:00
bip39-lib [#270] Audit issue C: Properly check read() 2024-04-14 15:31:23 +02:00
CHANGELOG.md [#269] Release v1.0.8 2024-04-14 15:31:48 +02:00



license maven


A concise implementation of BIP-0039 in Kotlin for Android.

Only about 30kB in total size. For comparison, the entire library is about 3X the size of this README file (because there are no dependencies)!


  • There are not many bip-39 implementations for android
  • Most that do exist are not Kotlin
    • or they are not idiomatic (because they are direct Java ports to Kotlin)
    • or they have restrictive licenses
  • Most implementations fail to validate the checksum, which can easily lead to loss of funds!
    • validating the checksum prevents: leading/trailing white space, valid words in the wrong order, mistyping a valid word (like chief instead of chef) and other similar issues that could invalidate a backup or lose funds.
  • No other implementation uses CharArrays, from the ground up, for added security and lower chances of accidentally logging sensitive info.

Consequently, this library strives to use both idiomatic Kotlin and CharArrays whenever possible. It also aims to be concise and thoroughly tested. As a pure kotlin library, it probably also works outside of Android but that is not an explicit goal (Update: confirmed to also work on a Ktor server).

Plus, it uses a permissive MIT license and no dependencies beyond Kotlin's stdlib!

Getting Started


Add dependencies (see Maven badge above for latest version number):

dependencies {
    implementation "cash.z.ecc.android:kotlin-bip39:${latestVersion}"

repository {


This library prefers CharArrays over Strings for added security.
Note: If strings or lists are desired, it is very easy (but not recommended) to convert to/from a CharArray via String(charArray) or String(charArray).split(' ').

  • Create new 24-word mnemonic phrase
import cash.z.ecc.android.bip39.Mnemonics.MnemonicCode

val mnemonicCode: MnemonicCode = MnemonicCode(WordCount.COUNT_24)

// assert: mnemonicCode.wordCount == 24, mnemonicCode.languageCode == "en"
  • Generate seed
val seed: ByteArray = mnemonicCode.toSeed()
  • Generate seed from existing mnemonic
val preExistingPhraseString = "scheme spot photo card baby mountain device kick cradle pact join borrow"
val preExistingPhraseChars = validPhraseString.toCharArray()

// from CharArray
seed = MnemonicCode(preExistingPhraseChars).toSeed()

// from String
seed = MnemonicCode(preExistingPhraseString).toSeed()
  • Generate seed with passphrase
// normal way
val passphrase = "bitcoin".toCharArray()

// more private way (erase at the end)
charArrayOf('z', 'c', 'a', 's', 'h').let { passphrase ->
    passphrase.fill('0') // erased!
  • Generate raw entropy for a corresponding word count
val entropy: ByteArray = WordCount.COUNT_18.toEntropy()

// this can be used to directly generate a mnemonic:
val mnemonicCode = MnemonicCode(entropy)

// note: that gives the same result as calling:
  • Validate pre-existing or user-provided mnemonic
    (NOTE: mnemonics generated by the library "from scratch" are valid, by definition)
// throws a typed exception when invalid:
//     ChecksumException - when checksum fails, usually meaning words are swapped
//     WordCountException(count) - invalid number of words
//     InvalidWordException(word) - contains a word not found on the list
  • Iterate over words
// mnemonicCodes are iterable
for (word in mnemonicCode) {

mnemonicCode.forEach { word ->
  • Clean up!
mnemonicCode.clear() // code words are deleted and no longer available for attacker

Advanced Usage

These generated codes are compatible with kotlin's scoped resource usage

  • Leverage use to automatically clean-up after use
MnemonicCode(WordCount.COUNT_24).use {
    // Do something with the words (wordCount == 24)
// memory has been cleared at this point (wordCount == 0)
  • Generate original entropy that was used to create the mnemonic (or throw exception if the mnemonic is invalid).
    • Note: Calling this function only succeeds when the entropy is valid so it also can be used, indirectly, for validation. In fact, currently, it is called as part of the MnemonicCode::validate() function.
val entropy: ByteArray = MnemonicCode(preExistingPhraseString).toEntropy()
  • Mnemonics generated by the library do not need to be validated while creating the corresponding seed. That step can be skipped for a little added speed and security (because validation generates strings on the heap--which might get improved in a future release).
seed = MnemonicCode(WordCount.COUNT_24).toSeed(validate = false)
  • Other languages are not yet supported but the API for them is in place. It accepts any ISO 639-1 language code. For now, using it with anything other than "en" will result in an UnsupportedOperationException.
// results in exception, for now
val mnemonicCode = MnemonicCode(WordCount.COUNT_24, languageCode = Locale.GERMAN.language)

// english is the only language that doesn't crash
val mnemonicCode = MnemonicCode(WordCount.COUNT_24, languageCode = Locale.ENGLISH.language)

Known issues

  • When publishing the library, a Gradle warning will be printed. This is a known issue in Kotlin Multiplatform and can be safely ignored.


  • zcash/ebfull - Zcash core dev and BIP-0039 co-author who inspired creation of this library
  • bitcoinj - Java implementation from which much of this code was adapted
  • Trezor - for their OG test data set that has excellent edge cases
  • Cole Barnes - whose PBKDF2SHA512 Java implementation is floating around everywhere online
  • Ken Sedgwick - who adapted Cole Barnes' work to use SHA-512