Bitcoin Forum>Other>Beginners & Help
Author

Topic: Why you're asked to move your mouse randomly while creating a new wallet? (Read 165 times)

Captain-Cryptory
newbie
Activity: 23
Merit: 853
Why you're asked to move your mouse randomly while creating a new wallet?
August 19, 2020, 06:24:12 AM
#7
Quote from: Sahyadri on August 18, 2020, 12:26:00 PM
Have you ever wondered why you are asked to move your mouse randomly on the screen while creating a new wallet?
What purpose does it solve?



Being running every OS generates a bit stream consisting of  the digits taken from the end (in fact a few last bits are taken)  of the time stamp of any interruption event whether it was resulted from internal hardware like CPU,  HDD, you name it , or  peripheral like mouse or keyboard. That stream is called entropy pool. By moving you mouse you add some digits to that pool thus increasing entropy generated   by computer over the time. That pool is used by PRNG to "pull out" pseudo-random numbers which are needed to create wallets.
pooya87
legendary
Activity: 3472
Merit: 10611
Re: Why you're asked to move your mouse randomly while creating a new wallet?
August 19, 2020, 12:09:42 AM
#6
it is an extra entropy not the entropy itself.
usually implementations don't use the OS random number generator alone, instead they mix it with another entropy source which is again usually generated behind the scene without the user knowing. two blocks can be hashed and XORed together or it can be in a HMAC as its key and message to generate the final entropy.
it is done to avoid relying solely on OS random so that in case a vulnerability were found in it, the wallets wouldn't be at risk.
hatshepsut93
legendary
Activity: 3024
Merit: 2148
Re: Why you're asked to move your mouse randomly while creating a new wallet?
August 18, 2020, 11:19:02 PM
#5
Quote from: Sahyadri on August 18, 2020, 12:26:00 PM
Sometimes, the OS uses random number generator along with some other source of entropy like mouse movements to add a human source of randomness , which is why you're asked to wiggle your mouse to generate that added randomness.

The OS never asks user to wiggle their mouse to collect entropy, it does it in background and it uses many other hardware sources. It also always has a software pseudorandom number generator, which is almost always available.

I only saw this request to move the mouse on paper wallet generator sites, one of which is a malicious one, which steals user's coins. I assume this was done because in the past Javascript didn't have good RNG, so developers decided to ask for entropy input manually. But this isn't needed now, because now JS has good crypto functions. Newer wallets like MEW use it and there has never been any problems with it.
o_e_l_e_o
legendary
Activity: 2268
Merit: 18748
Re: Why you're asked to move your mouse randomly while creating a new wallet?
August 18, 2020, 02:30:42 PM
#4
Quote from: Sahyadri on August 18, 2020, 12:26:00 PM
A private key is just a number that is picked at random. It is similar to choosing a number from 1 to 2256.
A bitcoin private key cannot be any 256 bit number. The maximum it can be is n-1, with n being the order of the secp256k1 curve, a number very slightly smaller than 256 bits.

Quote from: Sahyadri on August 18, 2020, 12:26:00 PM
It is usually done by bitcoin software through the underlying operating system, which uses a random number generator to generate 256 bits of entropy.
Not usually. As Charles-Tim says, most bitcoin wallets use a random number generator to generate the entropy needed to calculate the seed phrase. Private keys are generated deterministically from the seed phrase.
Charles-Tim
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
Re: Why you're asked to move your mouse randomly while creating a new wallet?
August 18, 2020, 02:08:36 PM
#3
Quote from: Sahyadri on August 18, 2020, 12:26:00 PM
But this is irreversible, which means you can not generate a private key from the Public Key.
It is one way irreversible not because private key can not be generated from public key, but because the public key or address can not be used to brute force private key. Normally, public key can not be used to generation private key, it will always be private key that will be used in a way the private key used can not be known from the public key or addresses.

Quote from: Sahyadri on August 18, 2020, 12:26:00 PM
A private key is just a number that is picked at random. It is similar to choosing a number from 1 to 2256.
You are right, but this is just like a brain wallet. It is the entropy that normal standard HD wallets are using to generate private keys, the randomness is in the entropy while the private key is later generated from the seed that is generated from the entropy after seed phrase is generated.

Quote from: Sahyadri on August 18, 2020, 12:26:00 PM
It is usually done by bitcoin software through the underlying operating system, which uses a random number generator to generate 256 bits of entropy.
The entropy generated by HD wallet ranges from 128 bits to 256 bits.

|  ENT  | CS | ENT+CS |  MS  |
+---------+----+---------------+--------+
|   128   |  4 |      132     |  12  |
|   160   |  5 |      165     |  15  |
|   192   |  6 |      198     |  18  |
|   224   |  7 |      231     |  21  |
|   256   |  8 |      264     |  24  |

ENT= Entropy
CS= Checksum
MS= Mnemonic sentence in words

I am not saying you are wrong, but I just included how private keys are generated in hd wallet which is the standard wallet for now that is embraced by developers.
seoincorporation
legendary
Activity: 3346
Merit: 3125
Re: Why you're asked to move your mouse randomly while creating a new wallet?
August 18, 2020, 02:07:37 PM
#2
The short answer is:

To generate entropy.

There are different ways to do this, you can write with the keyboard or move the mouse, that way with the right entropy we will generate a unique bitcoin address.

Not all the services ask us to do this, but most of the online address generators have it. (Never use one of this because you will risk your Privatekey)
Sahyadri
sr. member
Activity: 744
Merit: 266
Re: Why you're asked to move your mouse randomly while creating a new wallet?
August 18, 2020, 12:26:00 PM
#1
Have you ever wondered why you are asked to move your mouse randomly on the screen while creating a new wallet?
What purpose does it solve?

So your wallet is nothing but a digital database that stores your digital keys.

These digital keys include
  • Private Key
  • Public Key

The public key is hashed to create a Bitcoin address, which is used to receive bitcoin. While the private key is like a pin needed to spend the bitcoin received. The public key is generated from the private key through Elliptic Curve multiplication (There are a few articles related to this on this forum which you can read to understand it better). But this is irreversible, which means you can not generate a private key from the Public Key.

Then how the private key is generated?
A private key is just a number that is picked at random. It is similar to choosing a number from 1 to 2256.

But who chooses this number?
It is usually done by bitcoin software through the underlying operating system, which uses a random number generator to generate 256 bits of entropy.

Then where does wiggling the mouse come?
Sometimes, the OS uses random number generator along with some other source of entropy like mouse movements to add a human source of randomness , which is why you're asked to wiggle your mouse to generate that added randomness.

Bitcoin Forum>Other>Beginners & Help
Jump to: