I must be missing something then.
Let's say I (user id 17768) achieve Legendary status next tuesday, when my activity goes from 798 to 812. That means that:
799 <= 775 + conv(substr(sha1(concat('17768',secretSeed)), 1, 2), 16, 10) <= 812
24 <= conv(substr(sha1(concat('17768',secretSeed)), 1, 2), 16, 10) <= 37
0x18 <= substr(sha1(concat('17768',secretSeed)), 1, 2) <= 0x25
And by removing the substr(…, 1, 2) part we infer that secretSeed is either:
- some word such as sha1(concat('17768',secretSeed)) results in any hash starting with 18, or
- some word such as sha1(concat('17768',secretSeed)) results in any hash starting with 19, or
- some word such as sha1(concat('17768',secretSeed)) results in any hash starting with 1a, or
...
- some word such as sha1(concat('17768',secretSeed)) results in any hash starting with 25.
And it isn't difficult to find those 14 possible seeds, right?
That's like trying to find the equation of some particular line when you only have one point on the line. You can find an infinite number of possible lines, but there's essentially no chance that you'll find the correct line. And with SHA-1, you won't get any closer to finding the true "line" no matter how many points you have. There are very many possible seeds which would perfectly match the current list of Legendaries, but only one of them will also match all future Legendaries.