So the software knows a certain combination of 24 words matches a certain keypair.
Obviously the software doesnt have all the possible combinations stored. It generates the 24 words and keypair using certain algorithm.
Obviously the software doesnt have all the possible combinations stored. It generates the 24 words and keypair using certain algorithm.
No.
The software chooses 24 words (out of a set of 2048 words as specified in BIP39 [1]) randomly(!).
Thats 2.96427748 * 1079 different seeds. Way more than someone could ever create (by far).
Why cant this process be reversed?
The software chooses 24 words. This seed is used to derive the private key (or multiple private keys..).
To be more accurate:
Quote
To create a binary seed from the mnemonic, we use the PBKDF2 function with a mnemonic sentence (in UTF-8 NFKD) used as the password and the string "mnemonic" + passphrase (again in UTF-8 NFKD) used as the salt. The iteration count is set to 2048 and HMAC-SHA512 is used as the pseudo-random function. The length of the derived key is 512 bits (= 64 bytes). [1]
Together with BIP44 [2] this basically creates a one-way-function. This makes it impossible to get the mnemonic seed out of a private key.
The public key is derived from the private key using ECDSA [3].
And the address is a RIPEMD160 hash of a SHA256 hash of the public key (hash functions are one-way-functions) [4]
[1] https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki
[2] https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki
[3] https://de.wikipedia.org/wiki/Elliptic_Curve_DSA
[4] https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses
