Topic: What is the guarantee that the SEED given to me is randomly generated? (Read 593 times)

legendary
Activity: 3472
Merit: 10611
If I generate a seed on my own, how can I use it on ELECTRUM wallet? As I know, it generates its own seed whenever we create a new wallet and does not allow us to type our own seed.

Don't do it. You cannot generate a truly random seed on your own, especially if you do it by hand or do it with broken code that you make yourself.
Also, you can no longer use an arbitrary seed in Electrum; you can read the sticky (https://bitcointalksearch.org/topic/why-you-cannot-enter-an-arbitrary-seed-in-electrum-153990) about it.
newbie
Activity: 10
Merit: 0
If I generate a seed on my own, how can I use it on ELECTRUM wallet? As I know, it generates its own seed whenever we create a new wallet and does not allow us to type our own seed.
hero member
Activity: 761
Merit: 606
AMOD (OP),

The largest problem you would likely have with using Electrum would come from downloading a bogus file. As an example: did you GPG/PGP verify the file you downloaded to use on your computer? Most don't, and then if they grab a bad/infected file they try and blame Electrum's code. I have looked through the GitHub project's stuff on Electrum and have found nothing. In candor, I am not an expert-level coder, but I have read through many posts there from other coders that are in fact great at working through the Electrum code. Your confidence in just how well reviewed this code is would be greatly improved if you went and read through how thoroughly it's vetted! The code is vetted line by line with many branches suggested and tried while improvements are being considered. Great reading there, and you will leave with such a great feeling about Electrum being ROCK SOLID.

If you are using the binary signed by Thomas and verified as good, the file is as solid as his reputation. If you wanted to go one possible step further you could download the proven and signed source code and then do your own build. This would eliminate any chance the public binary and source code do not match. For that to occur Thomas would have to have purposely done something during the build. Not going to happen, but just saying you could do your own build. I use hardware wallets so this issue is moot in my case, but believe me when I tell you I used Electrum without hardware wallets for years. It's never let me down.
legendary
Activity: 1736
Merit: 1023
A related question:

What is the seed for the pseudo random number generator which creates the Electrum-seed?
Under normal circumstances I would just use the system time. But this would be a very bad idea here because then any attacker could just brute force over all time stamps (which are in seconds or milliseconds) of some day in the past and check for the generated seeds whether they are used, isn't it?
So from where comes the seed for the seed?

(I haven't looked into the code because I assume this would be too much effort for me to understand.)

It uses the Operating System's random number generator as shown in the https://bitcointalksearch.org/topic/m.1746905 reply.

I looked at the code and it looks like it uses ecdsa.util.randrange, which uses os.urandom as the main source of entropy. This function returns random bytes from an OS-specific randomness source. The returned data should be unpredictable enough for cryptographic applications, though its exact quality depends on the OS implementation. On a UNIX-like system this will query /dev/urandom, and on Windows it will use CryptGenRandom().

I don't think there is any reason to fear that someone would be able to generate the same seed.
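
The concern in the question quoted above, next to the os.urandom answer, as an added example (not Electrum's code and not written by any poster in this thread): a toy generator keyed from the clock has only as many possible outputs as there are timestamps, so searching one day of seconds finds the value, while bytes from the OS randomness source have no such small candidate list. The function names, the 128-bit size and the timestamp used in the test are assumptions made for the illustration.

```python
import math
import os
import random
from typing import Optional

SEED_BITS = 128  # constructed size for this illustration, not a wallet parameter


def weak_seed_from_time(unix_seconds: int) -> int:
    """Anti-pattern: a non-cryptographic PRNG keyed only by the clock."""
    rng = random.Random(unix_seconds)  # output is fully determined by the timestamp
    return rng.getrandbits(SEED_BITS)


def os_seed() -> int:
    """The approach described in the reply: bytes from the OS randomness source."""
    return int.from_bytes(os.urandom(SEED_BITS // 8), "big")


def search_one_day(seed_value: int, day_start: int) -> Optional[int]:
    """Check every second of one day for a timestamp that reproduces seed_value."""
    for t in range(day_start, day_start + 86_400):
        if weak_seed_from_time(t) == seed_value:
            return t
    return None


def search_space_bits(candidates: int) -> float:
    """Effective strength when only `candidates` distinct inputs are possible."""
    return math.log2(candidates)


if __name__ == "__main__":
    day = 1_500_000_000 - 1_500_000_000 % 86_400  # constructed example day
    created = day + 43_210                         # constructed creation time
    print("clock-keyed value found at:", search_one_day(weak_seed_from_time(created), day))
    print("OS-sourced value found at:", search_one_day(os_seed(), day))
    print("one day in seconds      = %.1f bits" % search_space_bits(86_400))
    print("one day in milliseconds = %.1f bits" % search_space_bits(86_400_000))
```
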
newbie
Activity: 8
Merit: 0
A related question:

What is the seed for the pseudo random number generator which creates the Electrum-seed?
Under normal circumstances I would just use the system time. But this would be a very bad idea here because then any attacker could just brute force over all time stamps (which are in seconds or milliseconds) of some day in the past and check for the generated seeds whether they are used, isn't it?
So from where comes the seed for the seed?

(I haven't looked into the code because I assume this would be too much effort for me to understand.)
legendary
Activity: 1042
Merit: 2805
Bitcoin and C♯ Enthusiast
Whenever it comes to an open source project, you have only two options:
- Either go through the code yourself and see what is happening in there
- Put your trust in the years which the code/wallet has been around (at least late 2011) and the number of people using that wallet.

If the things you are assuming were true, somebody would have already found the shenanigans in the source code or have lost money :)
legendary
Activity: 1736
Merit: 1023
As mentioned above, the Electrum wallet is open source, and not trusting the developer cannot be an issue as you could compile and review the source code yourself. Think of it logically: even if you don't know Python, somebody else would find the backdoor if there was any. The developer of the wallet is also known in real life, so doing such a thing will only result in going to jail, and I don't see why he would take this risk.

Yeah, this is definitely true. The code is open source so you can see the functions that generate the seeds and private keys to verify they are indeed random. You would of course have to have some programming experience to be able to understand the code, but the fact that the code is open source, means that many other people have reviewed the code and any issues would have been brought to light by now.
staff
Activity: 3500
Merit: 6152
As mentioned above, the Electrum wallet is open source, and not trusting the developer cannot be an issue as you could compile and review the source code yourself. Think of it logically: even if you don't know Python, somebody else would find the backdoor if there was any. The developer of the wallet is also known in real life, so doing such a thing will only result in going to jail, and I don't see why he would take this risk.
legendary
Activity: 3514
Merit: 5123
https://merel.mobi => buy facemasks with BTC/LTC
Thanks for reply.

However, I am not conversant with the language so cannot verify on my own.

Is there any other way to know that the SEED is not pre-decided? Also, how to ensure that private keys are built from this SEED only? Theoretically it is possible that the SEED is random but the private key building algorithm is fixed by the programmer. The programmer could have pre-created many private key-public key-address combinations and the algorithm is generating only those outputs. Thus he can spend from my thus generated addresses.

Am I worrying too much and should go by the reputation of ELECTRUM?

Yes, you're worrying too much. ThomasV is a stand-up member of the community, and I seriously doubt he'd even attempt to sneak in a backdoor. Even if he would ever do such a thing (which I seriously doubt!!!), the source code is open source, so I assume the backdoor would have been found by now.

If you're really, really, really afraid of everything and everyone, you can always generate your own seed and use this in Electrum.
You can use the seed to generate the xprv and xpub, and use online or offline tools to verify if the addresses generated by your own seed match the addresses generated by Electrum.
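
The cross-check suggested in the reply above works because derivation is deterministic: the same seed bytes always give the same master extended private key, so an independent implementation can be compared with what the wallet shows. This is an added example, not Electrum's code and not any poster's; it covers only the BIP32 master-key step in standard-library Python, the wallet-specific step that turns seed words into seed bytes is not shown, and the function names are assumptions.

```python
import hashlib
import hmac

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
# Order of the secp256k1 group; a valid private key is in the range 1..N-1.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def b58check(payload: bytes) -> str:
    """Base58Check: payload plus the first 4 bytes of a double SHA-256 checksum."""
    data = payload + hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    num = int.from_bytes(data, "big")
    out = ""
    while num:
        num, rem = divmod(num, 58)
        out = B58[rem] + out
    leading_zeros = len(data) - len(data.lstrip(b"\x00"))
    return "1" * leading_zeros + out


def master_xprv(seed: bytes) -> str:
    """BIP32 master extended private key (mainnet) derived from raw seed bytes."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key, chain_code = digest[:32], digest[32:]
    k = int.from_bytes(key, "big")
    if k == 0 or k >= N:
        raise ValueError("seed yields an invalid master key")
    payload = (
        bytes.fromhex("0488ade4")  # version bytes for a mainnet xprv
        + b"\x00"                  # depth 0: this is the master node
        + b"\x00" * 4              # parent fingerprint (none)
        + b"\x00" * 4              # child number (none)
        + chain_code
        + b"\x00" + key            # private key, padded to 33 bytes
    )
    return b58check(payload)


if __name__ == "__main__":
    # Seed from BIP32 test vector 1 (public test data, never a real wallet).
    print(master_xprv(bytes.fromhex("000102030405060708090a0b0c0d0e0f")))
```
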
newbie
Activity: 10
Merit: 0
Thanks for reply.

However, I am not conversant with the language so cannot verify on my own.

Is there any other way to know that the SEED is not pre-decided? Also, how to ensure that private keys are built from this SEED only? Theoretically it is possible that the SEED is random but the private key building algorithm is fixed by the programmer. The programmer could have pre-created many private key-public key-address combinations and the algorithm is generating only those outputs. Thus he can spend from my thus generated addresses.

Am I worrying too much and should go by the reputation of ELECTRUM?
legendary
Activity: 3514
Merit: 5123
https://merel.mobi => buy facemasks with BTC/LTC
What is the guarantee that ELECTRUM has not pre-generated some seeds and knows those private keys, and when I generate a new wallet, it gives me the same SEED?

You're free to read the source code yourself, and compile the wallet using the source code you manually verified.

https://github.com/spesmilo/electrum

Personally, I've used Electrum for a long time, never had problems with it...
newbie
Activity: 10
Merit: 0
What is the guarantee that ELECTRUM has not pre-generated some seeds and knows those private keys, and when I generate a new wallet, it gives me the same SEED?