
Topic: Not funny problem I opened a wallet that was not mine (Read 279 times)

hero member
Activity: 2464
Merit: 934
Did it have funds? You can open wallets with few changes in your own pvk but there is a measly chance to have funds in it.
copper member
Activity: 2142
Merit: 4219
The math doesn't lie!

Wait, what?  So, does that mean that 21 million is a finite number?
HCP
legendary
Activity: 2086
Merit: 4314
Wait until OP finds out about BIP39 passphrases that can be used with BIP39 mnemonics that allow you to use *any* password and get a completely different wallet! Roll Eyes Shocked Tongue

What a *HUGE* backdoor! Roll Eyes

Seriously tho, hopefully this has been an educational experience for the OP... just because the 12/24 word seed looks exceptionally "simple", doesn't mean that it is easy for a bot to simply generate every wallet ever used. The math doesn't lie!
legendary
Activity: 1624
Merit: 2481
Using just the valid words what is the likelihood of opening a wallet?

Obviously not hard as I did it

You really need to do the math first.
Luckily someone else already did that for you.

Now the next step is to actually understand it. If you still have valid questions, feel free to ask.
Otherwise, try using the search engine. This question has been answered at least a few hundred times already.

legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
And yet doing so is still trillions of times easier than stumbling across someone else's seed phrase.
Random Bitcoin addresses often appeal to the imagination. My first thought when entering a 12 word seed phrase and getting suggested words after 2 or 3 characters was the same: "wait a minute, I can do this!". Until I started doing the math.
Random large numbers aren't intuitive, and quite hard to grasp. Finding a properly generated Bitcoin private key by chance is much less likely than typing my credit card number by chance. Or even easier: my phone number. And yet, nobody would try to brute-force either one of those, because in those cases it's obvious how unlikely the odds are.
legendary
Activity: 2268
Merit: 18503
On a twelve-word phrase there are 132 bits of entropy as you said
132 bits of data; 128 bits of entropy.

The difference being that your IP address will usually be locked out after a certain number of bad attempts for the first two examples, while there's no such mechanism when restoring from a seed phrase. Maybe that's what OP thinks is a problem.
OK sure. Then let's consider the FBI trying to decrypt a criminal's device that they have in their possession, or someone trying to crack the password to an encrypted wallet file. Both have unlimited attempts, both are far quicker processes of simply trying a password compared to generating a private key, converting to a public key, converting to an address, and checking for balance, and both are impossible with a full ASCII password of only around 12+ characters. And yet doing so is still trillions of times easier than stumbling across someone else's seed phrase.
legendary
Activity: 3430
Merit: 10504
The difference being that your IP address will usually be locked out after a certain number of bad attempts for the first two examples, while there's no such mechanism when restoring from a seed phrase. Maybe that's what OP thinks is a problem.
Not if you have direct access to their database, like from a security leak, and then check every permutation against that database assuming the account numbers aren't stored as plaintext and instead are stored as hashes for example.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
When entering account details to a website, I can input any string of characters as a username and password, but the chances of finding someone else's account by doing this is almost zero.
When entering credit card details online, I can input any string of numbers and other details, but the chances of finding someone else's credit card by doing this is almost zero.
When restoring a wallet, I can enter any combination of words (including with invalid checksums, if I so desire), but the chances of finding someone else's wallet by doing this is almost zero.

The difference being that your IP address will usually be locked out after a certain number of bad attempts for the first two examples, while there's no such mechanism when restoring from a seed phrase. Maybe that's what OP thinks is a problem.
legendary
Activity: 1344
Merit: 6415
Farewell, Leo
Note that there are only this many combinations if you include all 12 word seed phrases with an invalid checksum.
Yep, I had totally forgotten that and as I tried, you can't import a seed phrase with an invalid checksum on Exodus (see below).  On a twelve-word phrase there are 132 bits of entropy as you said, which leaves us with 4 bits checksum. So, Tichama typed a completely random phrase and it was valid, meaning that he/she succeeded on 1 in 16 chances. Not that difficult, but even that sounds weird.


with a valid checksum is actually 2^132 - 2^4 = 2^128.
Wouldn't that be 2^132 / 2^4 = 2^128?
legendary
Activity: 2268
Merit: 18503
There are 2048^12 different combinations
Note that there are only this many combinations if you include all 12 word seed phrases with an invalid checksum. 2048^12 is the same as 2^132, which makes sense when you consider each of the 12 words encodes 11 bits of data, and 12*11 = 132. However, when you also consider that the last word contains 4 bits of checksum data and only 7 bits of entropy for a 12 word phrase, then the total number of combinations with a valid checksum is actually 2^132 / 2^4 = 2^128.

Edit: Fixed the math, thanks.
legendary
Activity: 1344
Merit: 6415
Farewell, Leo
Obviously not hard as I did it
If you don't own a machine that consumes the sun's energy every millisecond, then it's exceedingly hard.

You read what the chances are. There are 2048^12 different combinations, but you found one that was previously generated? Doesn't this seem odd to you? Was your seed phrase a random guess or did you enter the same word eleven times along with the last, checksum valid, twelfth word and it popped you some spent outputs?

Try importing the same mnemonic on Electrum, just to confirm that Exodus isn't functioning falsely.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
You're going to be amazed when you find out you can create a Bitcoin private key by rolling a dice! Let's put it this way: any wallet you create is yours.

Maybe this helps: Bitcoin private keys aren't secured in a "traditional" way: there is no password or lock on them. There's only a very large number. Anyone can come up with a large number, but nobody will come up with the exact same number.
Theymos puts it like this:
Imagine a massive wall of lockers. Each locker is 1mm by 1mm, and the entire wall of lockers is a square 2 light years on each side. When you choose a private key, you pick one of these lockers at random. When someone sends you bitcoins, there's some magical inbox which puts the bitcoins into your locker without telling the sender anything about the location of your locker.

The lockers don't have locks. If someone knew the location of your locker (ie. your private key), then they could just go take what's in it. Similarly, it's possible to choose a locker at random and find that someone has used it already at some point in the past. But there are just so many lockers that in reality it's never going to happen, even if humanity devotes all of its efforts to searching through all of the lockers.
legendary
Activity: 2268
Merit: 18503
When entering account details to a website, I can input any string of characters as a username and password, but the chances of finding someone else's account by doing this is almost zero.
When entering credit card details online, I can input any string of numbers and other details, but the chances of finding someone else's credit card by doing this is almost zero.
When restoring a wallet, I can enter any combination of words (including with invalid checksums, if I so desire), but the chances of finding someone else's wallet by doing this is almost zero.
legendary
Activity: 3430
Merit: 10504
You can't call it "a wallet that was not mine" just because you entered some words and saw some addresses. You can type in any random combination of words selected from the 2048-word long wordlist and end up with a valid checksum that lets you derive addresses.
Here is a simple example changing 1 word but changing more would work too. All valid mnemonics:
Code:
bulb piece heavy share impact eyebrow weird copy wish claim crew abandon
bulb piece heavy share impact eyebrow weird copy wish claim crew acquire
bulb piece heavy share impact eyebrow weird copy wish claim crew ahead
bulb piece heavy always impact eyebrow weird copy wish claim crew ahead
bulb piece heavy approve impact eyebrow weird copy wish claim crew ahead
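
An added illustration, not part of any post in this thread: the Python sketch below applies the BIP39 rule for 12-word phrases (128 entropy bits plus the first 4 bits of their SHA-256 hash) to show why several last words complete the same prefix and why a random 12-word guess passes the checksum about 1 time in 16. It works on word indices 0..2047 instead of the words themselves, because the 2048-word list is not reproduced here; all function names are made up for this example.

```python
import hashlib
import secrets

WORDS = 12                 # 12-word phrase
BITS_PER_WORD = 11         # 2048-word list -> 11 bits per word
ENT_BITS = 128             # entropy bits in a 12-word phrase
CS_BITS = ENT_BITS // 32   # 4 checksum bits (128 + 4 = 132 = 12 * 11)

def checksum(entropy: int) -> int:
    """First CS_BITS bits of SHA-256 over the 16 entropy bytes."""
    digest = hashlib.sha256(entropy.to_bytes(ENT_BITS // 8, "big")).digest()
    return digest[0] >> (8 - CS_BITS)

def indices_from_entropy(entropy: int) -> list[int]:
    """Entropy -> 12 word indices, with the checksum in the low bits of the last one."""
    data = (entropy << CS_BITS) | checksum(entropy)
    return [(data >> (BITS_PER_WORD * (WORDS - 1 - i))) & 0x7FF for i in range(WORDS)]

def is_valid(indices: list[int]) -> bool:
    """True if the last 4 bits equal the checksum of the first 128 bits."""
    if len(indices) != WORDS or any(not 0 <= i < 2048 for i in indices):
        return False
    data = 0
    for i in indices:
        data = (data << BITS_PER_WORD) | i
    return (data & ((1 << CS_BITS) - 1)) == checksum(data >> CS_BITS)

def valid_last_words(first_eleven: list[int]) -> list[int]:
    """Every last-word index that yields a valid checksum for a fixed 11-word prefix."""
    return [w for w in range(2048) if is_valid(first_eleven + [w])]

def random_hit_rate(trials: int = 20000) -> float:
    """Fraction of uniformly random 12-index guesses that pass the checksum."""
    hits = sum(is_valid([secrets.randbelow(2048) for _ in range(WORDS)])
               for _ in range(trials))
    return hits / trials

if __name__ == "__main__":
    prefix = [secrets.randbelow(2048) for _ in range(WORDS - 1)]  # constructed sample
    print(len(valid_last_words(prefix)), "of 2048 last words are valid")
    print("random guesses passing the checksum:", random_hit_rate())
```

Passing the checksum only means the phrase is well-formed; it is one of 2^128 such phrases, which is the number the rest of the thread is about.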
legendary
Activity: 3094
Merit: 2239
I fix broken miners. And make holes in teeth :-)
Seriously, was there anything in the wallet you opened? A bitpenny or 100btc?
legendary
Activity: 2954
Merit: 4158
How could I have opened one? Obviously not all the words in red are required, just the ones in white
It is statistically improbable.

The combination of words has to be in the correct permutation for your wallet to be recovered. The complexity of being able to find a set of seed phrases that has been used is roughly the same as finding a used private key as well. Provided that your RNG is random enough. If the length of the seed phrase is at least 12 words long, you're fine.

If you have opened someone else's wallet, then there is a problem with your wallet, probably generating seed phrases insecurely.
newbie
Activity: 5
Merit: 0
The worst is basically someone opens all wallets with a bot

3*10^38 wallet combinations

How could I have opened one? Obviously not all the words in red are required, just the ones in white
legendary
Activity: 3094
Merit: 2239
I fix broken miners. And make holes in teeth :-)
The worst is basically someone opens all wallets with a bot

Sure, but let's think about it: You can open 10,000 wallets a second with a super bot. Off you go.

3*10^38 wallet combinations/10k a second=3*10^34 seconds.

Divide again by 60 seconds to a minute, 60 minutes to an hour, 24 hours to a day, 365.25 days to a year and you will search all the wallets in:

950,642,634,420,868,507,110,806,905 years.

So be sure to grab a cup of coffee before starting, it may take a bit.

How long before we hit one?

Well, let's take a guess of 100,000,000 wallets with some form of coin in them, just as a starting point. If we divide the above number by 100,000,000 we get:

9,506,426,344,208,685,071 years to find a wallet on average.

So about 9.5 quintillion years and you will most likely find one. Given that the sun will go nova in 4 billion years you have a good solid .0000000420768% chance of hitting a wallet with coin before the sun blows up.

Go go, time's waiting!
newbie
Activity: 5
Merit: 0
I guess you could enter a valid seed phrase? Am I right?

A seed phrase usually consists of 12 words. Considering the 4 bits of checksum, these 12 words generate 128 bits of entropy.
This means that there are around 3 * 10^38 valid 12-word seed phrases.

It's extremely easy to enter a valid seed phrase.
It's extremely unlikely to enter a seed phrase already generated by someone else and steal the fund.
In other words, you can enter a valid seed phrase and generate valid addresses. But you can't generate funded addresses.

Using just the valid words what is the likelihood of opening a wallet?

Obviously not hard as I did it

Sure, you can open *A* wallet, but since there are a very large number of possible wallet addresses and only a small number of those have actual coin your chances of stumbling on an address with anything in it is pretty low. There are people who look for these kind of intersections, but unless it is a really stupid passphrase it's highly unlikely you will hit anything by trying random seed combos. But give it a go, what's the worst that can happen?

The worst is basically someone opens all wallets with a bot
legendary
Activity: 3094
Merit: 2239
I fix broken miners. And make holes in teeth :-)
I guess you could enter a valid seed phrase? Am I right?

A seed phrase usually consists of 12 words. Considering the 4 bits of checksum, these 12 words generate 128 bits of entropy.
This means that there are around 3 * 10^38 valid 12-word seed phrases.

It's extremely easy to enter a valid seed phrase.
It's extremely unlikely to enter a seed phrase already generated by someone else and steal the fund.
In other words, you can enter a valid seed phrase and generate valid addresses. But you can't generate funded addresses.

Using just the valid words what is the likelihood of opening a wallet?

Obviously not hard as I did it

Sure, you can open *A* wallet, but since there are a very large number of possible wallet addresses and only a small number of those have actual coin your chances of stumbling on an address with anything in it is pretty low. There are people who look for these kind of intersections, but unless it is a really stupid passphrase it's highly unlikely you will hit anything by trying random seed combos. But give it a go, what's the worst that can happen?