You may have heard the term BIP38 before, but what does it actually mean?
BIP38 is basically a standard way to encrypt a Bitcoin private key with a password. So if someone finds your encrypted key he can’t decipher it without knowing the password.
BIP stands for Bitcoin Improvement Protocol – meaning if you have an idea to make Bitcoin better, you can draft it up, and if it’s accepted by the community, they will start using it. So BIP38 is just the 38th proposal submitted to the Bitcoin Improvement Protocol which is currently adopted by Bitcoin users for protecting their private keys.
There are two ways you can use BIP38. The first is to encrypt an existing private key with a password.
The second way to use BIP38 is to let someone else create a private key for you and not allow them to spend your Bitcoins. So if you buy a physical Bitcoin, for example, you’ll notice they have a private key printed on them, and the guy who created them knows that key. So having BIP38 allows the creation of these coins and still protects you from the seller’s ability to spend them.
Keep in mind that private keys encrypted with BIP38 will usually start with 6p instead of the usual 5j.
BIP38 Status Today
BIP38 is still marked as a draft proposal, and it hasn’t changed over the years. These days, it’s seen as more of a legacy format rather than something people actively use to secure their Bitcoin. Most modern wallets have moved on to better methods, so if you come across a BIP38 key, it’s usually because it was created a long time ago.
Important Safety Update
Paper wallets are now considered outdated and risky. If you find an old BIP38 paper wallet, the safest move is to decrypt it and move the coins into a modern wallet straight away. For new cold storage, you’re far better off using a hardware wallet, a carefully set up offline wallet, or a multisig arrangement.
Two Ways BIP38 Works
BIP38 can be used in two different ways:
- Encrypt a key you already have: You take a private key and lock it with a passphrase.
- Create a deposit address without sharing your passphrase: This uses something called an intermediate code that you can give to someone else so they can make a Bitcoin address for you. There’s also an optional confirmation code that helps double-check you typed the passphrase correctly, plus “lot” and “sequence” numbers that keep everything unique.
This second method used to be handy if you wanted someone to print you a paper wallet without giving them your password. Nowadays, people mostly use hardware wallets or seed phrases instead.
BIP38 Settings and What the Keys Look Like
BIP38 uses settings that are deliberately slow to crack, which is why a long, strong passphrase is so important.
- Encrypted private keys always start with 6P.
- Unencrypted private keys start with 5 (old uncompressed style) or K/L (newer compressed style).
Handy Reference Table
To make things easier, here’s a quick reference table that shows how different types of private keys and codes look, what they’re used for, and how to recognize them at a glance. This is especially useful if you’re dealing with an old paper wallet or trying to figure out what kind of key you have in front of you.
What it is
What it does
What it looks like
Encrypted private key (BIP38)
A single key locked with a passphrase
Starts with 6P
Unencrypted private key (old style)
A regular private key without a passphrase
Starts with 5
Unencrypted private key (compressed)
A newer version of a regular private key
Starts with K or L
Confirmation code
Helps you check that the passphrase is correct
Shows a short address fingerprint
Intermediate code
Lets someone create a deposit address for you without knowing your password
Shared code, not the passphrase
Knowing these formats will help you avoid mistakes when handling old keys. If you spot something starting with 6P, you’re looking at an encrypted BIP38 key. If it starts with 5, K, or L, it’s a regular unencrypted key. Intermediate and confirmation codes are less common today but are still important to understand if you’re recovering older funds.
BIP38 vs BIP39: Don’t Confuse Them
People often mix these two up:
- BIP38 protects a single private key with a passphrase.
- BIP39 gives you a seed phrase that can generate an entire wallet and many addresses.
If you find an old BIP38 key today, the usual approach is to decrypt it and move (or “sweep”) the funds into a modern wallet that uses a seed phrase or a hardware device.
How to Deal With an Old BIP38 Paper Wallet
If you ever come across one of these, here’s the safest way to handle it:
- Go offline if you can. Use a clean, trusted computer or device.
- Decrypt the 6P key with your passphrase to get the actual private key.
- Sweep the coins into a new wallet. Don’t just import the key — move the funds completely.
- Switch to modern storage. Once you’ve moved the coins, retire that old key and store your coins using a better method, like a hardware wallet.
Common BIP38 Mistakes to Avoid
- Using a weak passphrase: This is the biggest risk. A short or common password can be guessed with modern tools.
- Importing instead of sweeping: Importing a private key keeps your coins tied to the old key. Sweeping moves them safely to a new one.
- Storing only the encrypted key: If you lose the passphrase, you lose the coins. Always back up both.
- Treating BIP38 as “extra security” for a seed phrase: It’s not the same thing. BIP38 works with single keys, not full wallets.
Conclusion
BIP38 played an important role in the early days of Bitcoin by giving people a way to lock a single private key with a passphrase. While the format hasn’t changed, the way we secure Bitcoin has moved on. Paper wallets and manually encrypted keys come with real risks today, especially if the passphrase is weak or the wallet is stored carelessly.
If you come across a BIP38 key now, the safest move is to decrypt it and move the funds into a modern wallet as soon as possible. For long-term storage, use a hardware wallet or a properly set up cold storage solution. Understanding how BIP38 works will help you recognize old keys, recover funds safely, and avoid common mistakes.
Why you can trust 99Bitcoins
Established in 2013, 99Bitcoin’s team members have been crypto experts since Bitcoin’s Early days.
Weekly Research
100k+Monthly readers
Expert contributors
2000+Crypto Projects Reviewed
