always has been
okay I have to say BIP39 is a horrible fucking standard
first of all implementing it in any way violates the principle of “don’t do secret based memory accesses”
second of all fuck you because you need to run PBKDF on the seedphrase itself and not the entropy bits
cc nostr:npub1fjqqy4a93z5zsjwsfxqhc2764kvykfdyttvldkkkdera8dr78vhsmmleku
Discussion
“a trie can be used for prefix compression” holy fuck let’s throw constant time out of the window
“run seeds through PBKDF2” if you want to slow down passphrase brute forcing then run the PW through PBKDF2