Expand description
BIP39 24-word encoding of the user’s AES-256 encryption key.
The 32-byte key from crypto::generate_aes_key() is encoded as 24
English words (256 bits of entropy + 8-bit BIP39 checksum). Users
display this once via cinch auth recovery show and re-import it on
a new device with cinch auth recovery restore.
No KDF — the AES key is already high-entropy random bytes from
OsRng. BIP39 is used purely as a human-friendly transport
encoding with a built-in checksum that catches typos.
Enums§
Functions§
- key_
to_ words - Encode a 32-byte AES key as a 24-word BIP39 phrase (English wordlist, space-separated, lowercase).
- words_
to_ key - Decode a 24-word BIP39 phrase back into the 32-byte AES key.