 Fabiano asks, how do mnemonic seed words work? It looks like magic to me. I believe it was Arthur C. Clarke who said, any sufficiently advanced technology is indistinguishable from magic to a civilization that's not as advanced. I think one of the funny things about cryptography is that a lot of cryptography, a lot of mathematics involved in cryptography, seems like magic, and it takes a while to get used to and understand how it works. First of all, let's describe what mnemonic seed words are. Mnemonic seed words encode a specific amount of randomness. They are basically a number. That number is represented by words, but those words are simply an encoding of that number, almost like a look-up table. What does that mean exactly? If you use a standard mnemonic, which is a bit 39 mnemonic, then there is a dictionary of 2048 words. This dictionary of 2048 words has been carefully selected so that the words do not appear similar. You can always figure out which word you are looking at, just from the first four letters of that word. Four letters gives you a unique word in this dictionary, but the letters don't matter. What matters is that you have 2048 words. Think of each of them as a symbol. If you have, for example, a 12-word mnemonic, then that 12-word mnemonic encodes 2048 to the power of 12 possible numbers. Essentially, each word represents about 11 bits of information in binary, and those 11 bits can be used to construct. A key is essentially a seed. The seed is 128 bits, for example, if you have 12 words, or 256 bits if you have 24 words. From that 128-bit or 256-bit number, your wallet will then produce a master-private key through a process of stretching. Stretching is basically applying a hash algorithm again, and again, and again, and again. In the case of VIP 39, the hash algorithm is applied 2,000 times, together with an optional passphrase, to produce a master-public key. That master-public key is then used with repeated hashing functions to produce a series of private keys. These private keys can be used to do transactions. You start with a long number, 128 bits. That long number gets expressed as 12 English words from a dictionary of 2,048 words. Those words are then stretched through a hashing algorithm to produce an even longer number, which is used as your master-private key. That is usually a 512-bit number. That 512-bit number is used, again, with repeated hashing, to produce a sequence of private keys. In fact, a tree of private keys, and that is a hierarchical deterministic wallet or HD wallet. Each one of those private keys can then produce a public key and an address, and you can do transactions. If you take that mnemonic seed and put it into a new wallet, the new wallet can basically recreate that process and produce all of the private keys. There is an infinite number of private keys that can be produced from a seed in a specific sequence. What your wallet will do is start from the beginning, and it will keep looking on the blockchain to see if those keys have been used... by looking at the addresses and whether they ever had a balance or a transaction related to them. It will stop looking once it has found 20 empty addresses, assuming that you haven't used any of those, and you didn't get that far in the sequence. That is how a mnemonic seed is imported. All of this is part of two standards, BIP39, for mnemonic words, and BIP32, for hierarchical deterministic wallets. Quick question from Barnabas. It's a follow-up for that. The words themselves are not selected by hue. The words in a mnemonic phrase are produced from a random number, 128-bit or 256-bit random number. When we say random, what does that mean? Does that mean true random? Does that mean cryptographically secure pseudo-random number generator? Does that mean pseudo-random number generator? It really depends. You can generate the seed entropy in any way you like. You could use some kind of process that uses quantum fluctuations in order to produce a true hardware random number. But for most purposes, a cryptographically secure pseudo-random number generator, such as that one provided by your computer hardware, and with sufficient seeding, which means wiggling your mouse around, typing on the keyboard, etc., will produce sufficient entropy, sufficient randomness for the use of seeds. Theoretically, at least if you wanted to, you could take some casino dice, which are properly balanced, well-designed, and carefully audited dice. You could put them in a shoebox, shake them together, and keep throwing dice, using that to produce a 128-bit random number. From that, encoded as a mnemonic phrase of 12 English words, there is no requirement in the specification as to how you produce the randomness. Susanna asks, finally, can the mnemonic seed be imported to another wallet? Yes, one of the great features of mnemonic seeds, as long as they follow a well-supported standard, such as BIP39, can be moved from any BIP39 compatible to any other BIP39 compatible wallet. You can import a seed, and it should be able to find all of your transactions, addresses, and keys. You can also run the same mnemonic seed on multiple wallets simultaneously, and that means you can spend from all of them. But of course, keep in mind that possession of the seed means possession of your funds, so be very careful when managing seeds. The more places you type it in, the more places you put it, the more places you restore it from backup, the more likely you expose it to a system that has been compromised.