
Topic: 24 word recovery seed: How does it work? Secure? (Read 217 times)

newbie
Activity: 44
Merit: 0
hahaha ok point made wow....I definitely feel better now. Thanks guys.
HCP
legendary
Activity: 2086
Merit: 4361
Hmmm, it doesn't seem like it would be that rare that the same key is produced. Very interesting. Thanks for replying and explaining it.
The current (english) wordlist for BIP39 has 2048 words in it... a "typical" seed uses 12 words... some wallets use 24 words... even with just 12 words, the basic calculation for the number of combinations is:

2048^12 = 5.4445179 * 10^39

With 24 words that would become:

2048^24 = 2.9642775 * 10^79

even discounting "invalid" seeds (the last word is actually a checksum, so not ALL combinations of words actually generate a valid seed mnemonic), that's still some fairly large numbers. Then you can factor in the fact that you can also add a "passphrase" onto the 24 word seeds... which pretty much makes the number of combinations infinite.
newbie
Activity: 44
Merit: 0
The specification for the mnemonic is BIP 39. That mnemonic is then typically used with BIP 32 to generate your private keys.

How does your wallet know not to generate 24 words that are already in use by someone else
It doesn't know, and it does not need to know. The search space is so massive that a cryptographically secure random number generator has an extremely small chance of generating a seed that someone else has generated before. The probability of that happening is so infinitesimally small that it is nearly impossible. This principle of unlikelihood is the basis of all modern cryptography.

and what happens if someone even accidentally enters your 24 words?
Then they can generate your private keys and spend your Bitcoin. The odds of this happening are extremely small, so much so that it is impossible.

Hmmm, it doesn't seem like it would be that rare that the same key is produced. Very interesting. Thanks for replying and explaining it.
staff
Activity: 3458
Merit: 6793
Just writing some code
The specification for the mnemonic is BIP 39. That mnemonic is then typically used with BIP 32 to generate your private keys.

How does your wallet know not to generate 24 words that are already in use by someone else
It doesn't know, and it does not need to know. The search space is so massive that a cryptographically secure random number generator has an extremely small chance of generating a seed that someone else has generated before. The probability of that happening is so infinitesimally small that it is nearly impossible. This principle of unlikelihood is the basis of all modern cryptography.

and what happens if someone even accidentally enters your 24 words?
Then they can generate your private keys and spend your Bitcoin. The odds of this happening are extremely small, so much so that it is impossible.
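The two points made in this thread, that the last word of a BIP39 mnemonic carries a checksum (so the count of valid mnemonics is smaller than 2048^n) and that the same words in the same order always yield the same keys (BIP39 mnemonic to seed, then BIP32 derivation), can be checked with a few lines of Python. The block below is an added example written for this page, not code posted by anyone in the thread. It implements the BIP39 entropy-to-indices, checksum-verification and mnemonic-to-seed steps from the standard library only; the 2048-word English list is not embedded, so the first two functions work on word indices (0..2047) rather than on the words themselves. The sample inputs (all-zero entropy, a throwaway passphrase) are constructed for illustration.

```python
import hashlib
import unicodedata

# BIP39 layout: ENT bits of entropy, CS = ENT/32 checksum bits taken from
# SHA-256(entropy), and the ENT+CS bits are cut into 11-bit word indices.
# The 2048-word list is not embedded here (assumption); everything below
# works on indices, which map 1:1 onto words in the official list.


def entropy_to_indices(entropy: bytes) -> list:
    """Append the checksum bits to the entropy and split into 11-bit word indices."""
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 16, 20, 24, 28 or 32 bytes")
    cs_bits = ent_bits // 32
    digest = hashlib.sha256(entropy).digest()
    checksum = int.from_bytes(digest, "big") >> (256 - cs_bits)   # top CS bits of the hash
    combined = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11
    return [(combined >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]


def indices_have_valid_checksum(indices: list) -> bool:
    """True only if re-deriving the checksum from the entropy part reproduces the last word."""
    n_words = len(indices)
    if n_words not in (12, 15, 18, 21, 24):
        return False
    total_bits = n_words * 11
    cs_bits = total_bits // 33          # 4 bits for 12 words, 8 bits for 24 words
    ent_bits = total_bits - cs_bits
    combined = 0
    for idx in indices:
        if not 0 <= idx < 2048:
            return False
        combined = (combined << 11) | idx
    entropy = (combined >> cs_bits).to_bytes(ent_bits // 8, "big")
    return entropy_to_indices(entropy) == indices


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt = "mnemonic" + passphrase.
    Same words in the same order (and same passphrase) always give the same 64 bytes."""
    words = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", words, salt, 2048, dklen=64)


def valid_mnemonic_count(n_words: int) -> int:
    """Sequences that pass the checksum: 2**ENT, not 2048**n (2**128 for 12 words, 2**256 for 24)."""
    total_bits = n_words * 11
    return 2 ** (total_bits - total_bits // 33)


def collision_probability(n_words: int, seeds_generated: int) -> float:
    """Birthday-bound estimate of the chance that any two of n independently
    generated seeds coincide: roughly n^2 / (2 * 2**ENT)."""
    return seeds_generated ** 2 / (2 * valid_mnemonic_count(n_words))


if __name__ == "__main__":
    # Constructed sample: all-zero entropy (the well-known "abandon ... about" vector).
    print(entropy_to_indices(bytes(16)))               # eleven 0s then 3 ("about")
    print(entropy_to_indices(bytes(32)))               # twenty-three 0s then 102 ("art")
    print(valid_mnemonic_count(24) == 2 ** 256, 2048 ** 24 == 2 ** 264)
    seed = mnemonic_to_seed("abandon " * 11 + "about", "example-passphrase")
    print(seed.hex())
    print(collision_probability(12, 2 ** 40))          # every human alive generating many seeds
```

The `collision_probability` helper puts a number on the "someone else generates my 24 words" worry in the thread: it is the birthday bound, so it already counts every pair among all seeds ever generated, not just a single match against one wallet.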
newbie
Activity: 44
Merit: 0
I can't find any real good answers on it. Apparently there is something called bip 32 and those 24 words create private keys based on that program. Those 24 words in that order will always produce the same private keys.

How does your wallet know not to generate 24 words that are already in use by someone else and what happens if someone even accidentally enters your 24 words?