> For the complete documentation index, see [llms.txt](https://programmingblockchain.gitbook.io/programmingblockchain/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://programmingblockchain.gitbook.io/programmingblockchain/key_generation/bip_38.md). # BIP38 (Part 2) We already looked at using BIP38 to encrypt a key, however this BIP is in reality two ideas in one document. The second part of the BIP, shows how you can delegate Key and Address creation to an untrusted peer. It will fix one of our concerns. **The idea is to generate a PassphraseCode to the key generator. With this PassphraseCode, they will be able to generate encrypted keys on your behalf, without knowing your password, nor any private key.** This **PassphraseCode** can be given to your key generator in WIF format. > **Tip**: In NBitcoin, all types prefixed by “Bitcoin” are Base58 (WIF) data. So, as a user that wants to delegate key creation, first you will create the **PassphraseCode**. ![](/files/-LL8tRwHV_AQP7UEu7C2) ```csharp var passphraseCode = new BitcoinPassphraseCode("my secret", Network.Main, null); ``` **You then give this passphraseCode to a third party key generator.** The third party will then generate new encrypted keys for you. ![](/files/-LL8tRwJIUwZLtVTgAt_) ```csharp EncryptedKeyResult encryptedKeyResult = passphraseCode.GenerateEncryptedSecret(); ``` This **EncryptedKeyResult** has lots of information: ![](/files/-LL8tRwLQWGXnnWv1EZZ) First: the **generated bitcoin address**, ```csharp var generatedAddress = encryptedKeyResult.GeneratedAddress; // 14KZsAVLwafhttaykXxCZt95HqadPXuz73 ``` then the **EncryptedKey** itself (as we have seen in the previous, **Key Encryption** lesson), ```csharp var encryptedKey = encryptedKeyResult.EncryptedKey; // 6PnWtBokjVKMjuSQit1h1Ph6rLMSFz2n4u3bjPJH1JMcp1WHqVSfr5ebNS ``` and, last but not least, the **ConfirmationCode**, so that the third party can prove that the generated key and address correspond to your password. ```csharp var confirmationCode = encryptedKeyResult.ConfirmationCode; // cfrm38VUcrdt2zf1dCgf4e8gPNJJxnhJSdxYg6STRAEs7QuAuLJmT5W7uNqj88hzh9bBnU9GFkN ``` As the owner, once you receive this information, you need to check that the key generator did not cheat by using **ConfirmationCode.Check()**, then get your private key with your password: ```csharp Console.WriteLine(confirmationCode.Check("my secret", generatedAddress)); // True var bitcoinPrivateKey = encryptedKey.GetSecret("my secret"); Console.WriteLine(bitcoinPrivateKey.GetAddress() == generatedAddress); // True Console.WriteLine(bitcoinPrivateKey); // KzzHhrkr39a7upeqHzYNNeJuaf1SVDBpxdFDuMvFKbFhcBytDF1R ``` So, we have just seen how the third party can generate encrypted keys on your behalf, without knowing your password and private key. ![](/files/-LL8tRwNReLh--vQgd7-) However, one problem remains: * All backups of your wallet that you have will become outdated when you generate a new key. BIP 32, or Hierarchical Deterministic Wallets (HD wallets) proposes another solution, which is more widely supported. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://programmingblockchain.gitbook.io/programmingblockchain/key_generation/bip_38.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.