
All your savings in a paper with only 12 to 24 random words: those are your private keys or seed phrase. Those words are the single thing in the world that will give you access to your cryptocurrencies. Nothing and no one else. So, couldn’t someone, anyone, just… guess which words are? Your wallet isn’t the only one that exists, after all. There must be tons of seed phrases around. If someone with a lot of free time starts to just guess random words to recover random wallets, would they eventually succeed? Well, if they’re immortal beings with nothing else to do but wait until the end of the universe, maybe. Let’s see how this works. How Seed Phrases Work They do seem simple, but seed phrases are just a tool to make our lives easier as average crypto users. You see, most crypto wallets use the BIP-39 standard to create these random words, not with human logic, but with complex math. BIP-39 was proposed in 2013, so, before that, private keys used to look like this for everyone: E9873D79C6D87DC0FB6A5778633389CFEF4F3C8A4E9B6D7C1F2A3B4C5D6E7F8 Not exactly user-friendly and quite intimidating. These private keys still exist underneath as huge numbers. BIP39 mainly changes how humans back up and restore them. The seed phrase isn’t the private key itself, but a human-readable representation of random entropy. From those words, the wallet derives a master private key and then many child private keys through standards such as BIP32 (deterministic wallets, the ones we know today). In other words, the security never decreased, only transformed into something human-readable. Now, speaking of that security… Why Seed Phrases Resist Guessing A 12-word seed phrase is generated from an enormous amount of randomness (entropy) inside the wallet software, while a 24-word phrase uses far more random data. In practical terms, that creates a mind-bending number of possible combinations. A 12-word phrase alone has about 340 undecillion possibilities . That number stretches so far that writing it in full becomes annoying… but let’s do it just for funsies. 340,282,366,920,938,463,463,374,607,431,768,211,456 This number is so large that it’s considered just theoretical. As Knowing Bitcoin explains: “If every computer on Earth tried a billion seed phrases per second, it would take trillions of times the current age of the universe to try them all. The 24-word version is the square of that — a number so vast it exceeds the estimated number of atoms in the observable universe.” We dare say that no one is going to "guess" your seed phrase anytime soon. No, not even the not-quite-ready quantum computers . The Real Weak Point: Human Habits Hackers and scammers aren’t out there trying to guess your private keys with sheer willpower. Actually, they rely quite a bit on your own carelessness for that. For instance, you may buy crypto, receive a seed phrase, then save it in a phone screenshot because “it’ll just stay there for a day.” Six months later, the screenshot sits inside a cloud backup connected to three devices and an old email account from high school. One security leak later, the wallet vanishes. One accidental malware installation , goodbye funds. Fake wallet websites and emails also cause enormous losses . A scam page or message may pop up claiming there’s an urgent problem with an account, then ask for the seed phrase “for verification.” Entering the words hands over total control immediately. No one, no company, and no legitimate party will ever ask for your seed phrase. It’s private for a reason. Phishing wallet apps (imitations) also exist, even on Google Play and the App Store. Try spotting red flags like grammatical mistakes, bad reviews, recent additions, or very few installations. And remember that the humble paper backup tucked safely offline is your best way to secure your funds. In Obyte , you can create a simple textcoin to contain most of your funds offline, and set up a multidevice account for higher security. Featured Vector Image by vectorjuice/ Freepik
View original source — Hacker Noon ↗


