A New Mnemonic Scheme – Seedless, Passphrase-Sealed, Builtin Multichain

TL;DR: Today’s mnemonics are bare keys with no cryptographic protection. MSCIKDF adds passphrase-sealing, seedless operation, and multi-curve support in a single derivation scheme. The user's exposure to compromise/leakage risk can be periodically reset, marking a significant advancement in cryptographic security.

In the first half of 2025, more than $1.7B in crypto assets were stolen, and roughly 70% of those incidents involved mnemonic-compromise pathways. The core problem is structural: today’s mnemonics are bare assets—whoever sees them immediately owns everything, and there is no cryptographic-level protection, no rotation model, and no way to safely evolve toward PQC.

I built MSCIKDF to directly solve this.

MSCIKDF is a cryptographic primitive that introduces passphrase-sealed mnemonics, curve-isolated derivation, and rotatable secrets at the KDF layer. It ensures that: - The seed is never stored on disk, and never kept in memory—it only exists for ~20 microseconds during signing or verification. - A mnemonic and its passphrase can be rotated unlimited times without changing any addresses and without migrating assets. - One mnemonic supports all major elliptic-curve families (Ed25519, Secp256k1, sr25519, P-256, etc.), covering essentially all chains. - The algorithm is pluggable, allowing smooth PQC upgrades in the future while keeping the same mnemonic and the same addresses. - Bonus: it supports UNICODE (Chinese / Japanese / Korean / Arabic / Emoji) as passphrases.

Why these properties are possible?

Under the hood, MSCIKDF was designed around: - Single-root → multi-context isolation (each chain, wallet, device, agent, or application gets a mathematically isolated stream). - Zero-persistence secret handling (the derived seed is never kept in long-term memory or disk). - Rotatable passphrase sealing, allowing unlimited secret rotation with stable public identities. - Curve-agnostic, multi-algorithm derivation, supporting both signatures and encryption (Ed25519, X25519, Secp256k1, sr25519, ECDSA, etc.). - PQC compatibility, meaning post-quantum KDF modules can be plugged in without breaking identities or requiring wallet migrations. In short: MSCIKDF turns mnemonics from “bare private keys” into cryptographically protected, renewable, multi-curve identity roots.

Paper (arXiv): https://arxiv.org/abs/2511.20505 Playground: https://github.com/mscikdf/mscikdf-playground