Topic: Forget brainwallet - could you memorize an entire private key? - page 3. (Read 3047 times)

Let me drop knowledge: http://www.reddit.com/r/Bitcoin/comments/1ptuf3/
 or http://www.reddit.com/r/Bitcoin/comments/1nbmet/
They were always a bad idea.

Brainwallets were never a bad idea, they're just as secure as using a normal password. If you forget the password, bad luck, same goes with brainwallets.

It's easy to remember a simple phrase, such as "CandyMadeTheCowGoPoo", I can't understand why you think it's a bad idea.

Can we memorize a full Bitcoin private key?

I added a base26 encoding to pybitcointools to simply things (normal addresses and wallet-import-format private keys are Base58, with hard-to-memorize upper-case letters and numbers). Let's make some private keys. With this encoding, they have a usual and maximum length of 55 characters:

>>>bitcoin.encode(random.randint(1,2**256-432420386565659656852420866394968145599L), 26)
'digiglqzmbsylezyvovztjincftnxmpvcmtkszwcqrzttkgizgwgsrs'
'crbifkrcyokrerdtvfbliynoyyvspncuhenzanzoesdaggzjjccedyo'

Or if we separated them, lets try four or five letter groups:

'digi-glqz-mbsy-lezy-vovz-tjin-cftn-xmpv-cmtk-szwc-qrzt-tkgi-zgwg-srs'
'crbif-krcyo-krerd-tvfbl-iynoy-yvspn-cuhen-zanzo-esdag-gzjjc-cedyo'

We'd better check mistypes, two more letters from a hash of the key, for a 99.85% chance we detect a mistake - for a final form:

'digi-glqz-mbsy-lezy-vovz-tjin-cftn-xmpv-cmtk-szwc-qrzt-tkgi-zgwg-srsc-a'
'crbif-krcyo-krerd-tvfbl-iynoy-yvspn-cuhen-zanzo-esdag-gzjjc-cedyo-bi'

Do you have the brain power to commit a full-strength private to memory?


A private key is much stronger than a bitcoin address though - a private key is 256 bits, but an address hash is only 160 bits; every address probably has about 79228162514264337593543950336 private keys that could spend its money. As crazy as it seems, maybe we could get by only using private keys starting with 0x000000000000000000000000h; let's generate the rest:

>>> bitcoin.encode(2**160, 26)
'bdonjydfhmonirbfouktjpxyqzilesiamaq'

That is the minimum size of a computer-generated "brainwallet" key or password required to give you near the same strength as a regular Bitcoin address - 35 letters. A gifted individual could apply themselves and commit this to memory, just as there are those that memorize 1000 digits of pi.

Electrum cheats - it makes a 128-bit deterministic seed, even smaller than this (although the generated bitcoin private keys are spread around the keyspace in a way hard to reverse).

If you take letters randomly chosen from pages of a book, you need more letters (due to the frequency of certain letters). If you try to use English words, you need about 20 of them, randomly chosen from the entire Oxford dictionary (not ones you picked). If you try to make up your own password...well, you see the point.

Don't use your brain to store bitcoins.