# Account Creation in Wallet ### 1. **Mnemonic Setup** When you first create a wallet, the system generates a **12-word or 24-word recovery phrase** , following the **BIP-39 standard** . #### Why Mnemonics Matter: * Acts as the **root of trust** for your wallet. * Deterministically generates all keys (signing + encryption). * Must be stored securely — it’s the only way to recover your wallet if lost. ### 2. **Key Generation** Two distinct key pairs are derived from the mnemonic: #### SLHDSA Keys (Signing) * **Algorithm**: NIST-standardized post-quantum signature scheme. * **Used for**: Signing transactions on **Quranium Chain** . * **How It Works**: * The mnemonic is converted into entropy using `mnemonicToEntropy`. * This entropy is processed with **SHAKE256** (an extendable-output function from SHA-3 family) to produce a 96-byte seed. * The seed is fed into `slh.slh_dsa_shake_256f.keygen` to generate the **SLH-DSA key pair** . #### ML-KEM Keys (Encryption) * **Algorithm**: Lattice-based post-quantum encryption scheme. * **Used for**: Securely encrypting backups, messages, and sensitive data. * **How It Works**: * The same mnemonic is used to derive a **seed** via BIP-39 (`mnemonicToSeed`). * A 64-byte seed is generated using **SHAKE256** . * The seed is passed to `ml_kem768.keygen`, which produces an ML-KEM public/private key pair. 3. Address Derivation: * Once the **SLHDSA public key** is generated, it is used to derive a blockchain address compatible with Quranium Chain. * Relevant code for generating signing key pair and address : ```typescript async generate(mnemonic: string, derivationPath?: string): Promise { const entropy = Buffer.from(mnemonicToEntropy(mnemonic), "hex"); const seed96 = shake256.create({ dkLen: 96 }).update(entropy).digest(); const keys = slh.slh_dsa_shake_256f.keygen(seed96); const originalPublicKey = Buffer.from(keys.publicKey); const strippedPubKey = originalPublicKey.subarray(1); const publicKeyHash = keccak256(strippedPubKey); const addressBytes = publicKeyHash.slice(-20); const address = bufferToHex(addressBytes); return { address: address.toLowerCase(), privateKey: bufferToHex(keys.secretKey), publicKey: bufferToHex(originalPublicKey), }; } ``` **Unique Feature:** Each account has separate keys for signing (SLHDSA) and encryption (ML-KEM).