Topic: Brain wallet, step-by-step guide (FIXED!)[Mod note: DO NOT USE BRAINWALLETS] - page 4. (Read 7074 times)

I am really surprised by the collective refusal of brain wallets. It all started roughly two years ago when suddenly a secret society of crypto guys started a war on brain wallets ... including popular ones like brainwallet.org that I have used thoroughly back then.
I guess it would be sufficient to just clearly state that the "passphrase" has to be unique and not "guessable" by anyone else, but that would be just to simple, wouldn't it?

I have personally lost BTC, that were stored in my mobile wallet (when my mobile was "borrowed" by a worthless asshat in the subway).
I have lost BTC that were stored in a wallet.dat when my SSD suddenly failed.
I have lost BTC that were stored in a wallet.dat when I accidently typed rm -rf / into the console.
But I am yet to lose any of my BTC that I have stored in a brain wallet.

People have tried to convince me to store it in an online wallet (where the owner may pull of Houdini's magic disappearence act anytime) or on a crappy 100$ SSD (which failure is a poisson distribution around it's END-OF-LIFETIME point) before, but that's not gonna happen!

Saying "all brainwallets will be emptied" is just as wrong as claiming that "alternative storage methods" are fool-proof.

Generally, my assumption is that when an otherwise intelligent person advocates for brainwallets, it's because they are hoping that foolish people with weak passphrases will store significant sums of bitcoin that they can later steal.

If you want to personally use a brainwallet. Go ahead.  None of us are stopping you. However, if you are going to advocate for them, then foolish people will read what you write and will lose money.

Anecdotal evidence (such as examples of brain wallets that haven't yet been cracked) aren't proof of anything.  The fact that something hasn't been broken yet is not proof that it can't be broken. I'd think that would be obvious.

A brainwallet refers to the concept of storing Bitcoins in one's own mind by memorizing a mnemonic recovery seed
I just find out of this kind of wallet, looks interesting. Need to learn about it later.
Yes, it's so hard to cracking brain wallet as the seed is memorized by the owner.
But, you still have to write it down, right? Just in case, because > If a brainwallet is forgotten or the person dies or is permanently incapacitated, the Bitcoins are lost forever.

Or for a different reason.
E. g. to research brain wallets.

This "research" paper does not say how many bitcoins they have collected as the result of cracking brain wallets.
The logical assumption is: because they haven't collected any significant amount, even though they "have been able to crack thousands of passwords including some quite difficult ones".
Because (most likely) they only cracked the passwords that nobody really cared about in the first place.
Proving only how silly the conclusion from their paper is.


Your claim would be true, if you had found at least one person who thinks that "those passwords are strong".
Otherwise it's just what you believe.

I will tell you what.
If you want to prove your point, all you need to do is take any password from the list (e.g. " say hello to my little friend"), find the address it came down to and see how many coins this address ever carried, for a longer period of time. If it was a significant amount, then you are right and I am wrong.
It's all in the blockchain - be my guest.

Alternatively, you can contact the authors of this paper and just ask them how many bitcoins they found on the addresses they cracked.
Tell them that there is a guy on bitcointalk.org who claims that they are a fraud and you are trying to clear their names...

Clearly multiple people chose those passwords to protect some amount of Bitcoin.

The point is that people think those passwords are strong passwords because online password checkers say that those passwords are strong. If you are recommending people to use brainwallets, they are likely to use those types of passwords thinking that they are strong passwords when in actuality they are not.

Those are pretty weak.

Sorry mate, but I've gone through these programs and "research" papers and I must say that if they have any value then it's rather entertaining than scientific.

Let me just refer to the last one from the list - this is their "conclusion" sections:

And this is the list of the "quite difficult ones" that they are so proud of cracking:

I mean, seriously?
What kind of idiot do you think would chose any of the above passwords to protect his life's savings?

This is the best attitude ! That's why I have created my own as well.

No thanks, I have my own.

I don't trust other people with their wallet software - no matter if it would be a brain wallet, a core wallet or a hardware wallet.

If you like you can take a look at my brain wallet.
It will even try to sign and verify a message to ensure that the generated key is working fine: https://github.com/OrdinaryDude/brain-wallet

I actually read it quite often and I always ignore it, but it was always upsetting me.

People saying basically "I know what I am talking about, don't us a brain wallet and if you do don't come to me crying after you loose your bitcoins".

I just wonder whether in such case people can come to you crying when they used a non-brain wallet and then either lost it because they had no backup or because someone stole their (backup) wallet file.
Can they?

Because how can anyone objectively disagree (or agree) with a complexity of a technical challenge described by such words?

Do you even understand that cracking a brain-wallet's seed password is a serious technical challenge?

Which tool/approach would you have chosen to crack my brain wallet?


Which is exactly why guides like this can be very useful.
Unlike dogmatic statements based on someone's beliefs, basically coming down to: don't use a brain wallet, because you are too stupid to make a proper password.
IMHO, there is nothing more stupid (or arrogant) than assuming that all the other people are stupid, except greg and theymos

I have my entire BTC holdings in brain wallets, there is no safer place for them imho.

Why? I understand not using probably (I thought this was in beginners and help so it was primarily as a warning to noobs) but what is wrong with "horribly insecure"?

Cracking programs:

• https://github.com/ryancdotorg/brainflayer
• https://bitcointalksearch.org/topic/large-bitcoin-collider-collision-finders-pool-1573035 (semi related to cracking brainwallets, although geared towards cracking addresses in general)

Research:

• https://rya.nc/cracking_cryptocurrency_brainwallets.pdf (defcon talk, not research paper but close enough)
• http://fc16.ifca.ai/preproceedings/36_Vasek.pdf
• https://eprint.iacr.org/2016/103.pdf

This is not just something that I believe or my emotions. Many other people in the Bitcoin technical area have discussed how brainwallets are insecure and not recommended for general use. Off the top of my head, I know that greg and theymos has discussed this before.

It is possible to securely use brainwallets, but it should not be something that is recommended to newbies and those who do not understand technical aspects of Bitcoin IMO.

Please don't use words like "horribly" or "probably" trying to discuss technical issues.

Please refer me to the multiple research papers (and programs) you've mentioned.

I am able to discuss technical aspects (numbers, codes, algorithms) and science behind them.
I am not however willing to argue with your emotions or believes.

I use brain wallets myself, have been for years.
For me they are more secure, reliable and convenient than wallets which require to be stored and backed up.

I appreciate that you don't explicitly promote brain wallets, but you must admit that you did post a response in a thread that was started by OP to promote a "good" way of creating brain wallets (it wasn't) showing that your brain wallet was still safe as pro-brain-wallet evidence. Depending on how some will read that response, it could be misinterpreted as a general promotion of brain wallets (how many people will follow your link and read that entire thread? or even read the context in this thread?).... that was my complaint.

The purpose of this thread is to create a way to make brain wallet more secure using the BIP38 key stretching algorithm, I, however, bungled it, and the instructions are not nearly as secure as they can be. I am surprised that peer-review did not adequately explain this vulnerability, I will fix the instructions as soon as possible. They are still more secure than the normal brain wallet.

I haven't "promoted" the use of brain wallets but have simply stated (and have proven) that they "can be safe" as I think it is not reasonable for people to constantly state that *no brainwallet can be safe* due to being a human being (but I won't deny that perhaps for the vast majority it is probably not going to be safe).

I am considering to move that 1 BTC and then reveal the brainwallet passphrase that was used as an illustration of how one might go about creating such a thing (but I will not be *recommending* others to do this).

That last sentence is rather important, and usually gets lost in the noise.

It's not a question of whether or not it's theoretically possible to create a safe brain wallet, it's one of whether or not it's a wise idea to promote them.

I've no problem if CIYAM wants to create a brain wallet because he's demonstrated that he generally knows what he's talking about, and is willing to accept the risks.

I've a big problem with OP (or anyone else for that matter) promoting brain wallets in general because of the damage it can cause. This is further compounded by the fact that most people (I'm no exception) tend to overestimate their knowledge of a subject they haven't thoroughly studied ("maybe someone else will choose a bad brain wallet, or forget their brain wallet due to a wetware malfunction, but surely I'm smart enough to avoid these problems").

In short: please don't use brain wallets. Please don't promote them (that includes you, CIYAM).

And yet if you look here: https://blockchain.info/address/1Au4v6dZacFVsWXeKUMJd99AtyBZeqti2L

1 BTC that has been there since 2012 is still there - I posted about this here: https://bitcointalksearch.org/topic/a-challenge-to-the-idea-that-no-one-can-create-a-good-brainwallet-885616

It certainly isn't a simple thing to create an effective brainwallet but it also certainly isn't impossible (as I've demonstrated for four years).