Author

Topic: how safe is the passphrase revovery seed (Read 570 times)

legendary
Activity: 1624
Merit: 2481
November 17, 2017, 06:05:28 AM
#7
Can a duplicate seed / passphrase be generated for any address by wallets in any means?
If yes, what's the possibility of it being done, I mean in how much time addresses' seeds and passphrases may go stagnant if ever?

Theoretically, yes. Private keys could be generated "a second time". This is called address collision.
There are 2^160 possible addresses which can be generated. Since, in theory, you have to search 1/2 of the search space to find a collision (birthday paradox),
you would need to calculate 2^159 priv-/pubkey pairs, on average, to find a collision by an address being generated a second time.
2^159 = 7307508200000000000000000000000000000000000000000000000
So the chances of a collision are almost zero. It is considered to be "bullet proof"

Provided the wallet you are using is using a good random number generator (with enough entropy).
legendary
Activity: 3052
Merit: 1273
November 16, 2017, 12:59:08 PM
#6
A Hierarchical Deterministic (HD) wallet uses a seed (12/18/24 word seed) to generate private-/public key pairs (your addresses and private keys).
Basically there are mathematical operations which will be performed on your seed plus a counter to generate multiple addresses (to put it simply).
You actually don't need your wallet software to restore your addresses. You only need a BIP 39 compatible tool which will caluclate your keys out of the seed.
As long as you have access to a pc and internet you can always restore your coins from this seed.

Can a duplicate seed / passphrase be generated for any address by wallets in any means?
If yes, what's the possibility of it being done, I mean in how much time addresses' seeds and passphrases may go stagnant if ever?
jr. member
Activity: 153
Merit: 2
do your own research
November 16, 2017, 09:40:00 AM
#5
A Hierarchical Deterministic (HD) wallet uses a seed (12/18/24 word seed) to generate private-/public key pairs (your addresses and private keys).
Basically there are mathematical operations which will be performed on your seed plus a counter to generate multiple addresses (to put it simply).
You actually don't need your wallet software to restore your addresses. You only need a BIP 39 compatible tool which will caluclate your keys out of the seed.
As long as you have access to a pc and internet you can always restore your coins from this seed.

Wow super cool thx
legendary
Activity: 1624
Merit: 2481
November 16, 2017, 09:00:27 AM
#4
A Hierarchical Deterministic (HD) wallet uses a seed (12/18/24 word seed) to generate private-/public key pairs (your addresses and private keys).
Basically there are mathematical operations which will be performed on your seed plus a counter to generate multiple addresses (to put it simply).
You actually don't need your wallet software to restore your addresses. You only need a BIP 39 compatible tool which will caluclate your keys out of the seed.
As long as you have access to a pc and internet you can always restore your coins from this seed.
copper member
Activity: 2142
Merit: 1305
Limited in number. Limitless in potential.
November 16, 2017, 03:05:49 AM
#3
i have lots of clients
coinimi
mycelium .............................
which uses pass seeds to restore the wallet

i still dont undersrand it ... is it something which will work even in 10 years from now and i can rely on it =?

It should be working for even 20 years or so, since bitcoin will still working and will be mine until 2110–2140, and this word seed is one of those ways to generate bitcoin address so most probably this recovery seed will still work until that year
hero member
Activity: 938
Merit: 559
Did you see that ludicrous display last night?
November 15, 2017, 05:49:33 PM
#2
I'm not familiar with the length of seed or the the number of possible words in the seeds for Coinomi or Mycelium, but I know that my TREZOR has a 24-word seed. 

Their explanation of the security of their seed phrase is:
in order to check all possible orderings in a 24-word seed, you need to run SHA-512:

24! ÷ 256 × 8096 = 19621680704813697269760000 times

The bitcoin network is capable of preforming 176 537 883 000 000 000 iterations of SHA-256 each second.

If we wave our hands a bit, we can claim that SHA-512 and SHA-256 are the same difficulty (which they aren’t but let’s pretend they are). Therefore, it should take somewhere around half of:

(24! ÷ 256 × 8096) ÷ 176 537 883 000 000 000 ÷ 60 ÷ 60 ÷ 24 ÷ 365 = 3.5 years

for the ENTIRE BITCOIN NETWORK to crack the seed.
So with modern technology, it's outrageously impractical to attempt to crack a 24-word seed.  12-word and 18-word seeds are also perfectly secure, assuming that they were generated randomly.
jr. member
Activity: 153
Merit: 2
do your own research
November 15, 2017, 02:42:18 PM
#1
i have lots of clients
coinimi
mycelium .............................
which uses pass seeds to restore the wallet

i still dont undersrand it ... is it something which will work even in 10 years from now and i can rely on it =?
Jump to: