All I can say to that is people who are not a cryptography expert should never try to invent their own cryptography algorithms. Not to mention that you still can't solve the other more important issue with brainwallets which is the issue with forgetting things over the long term.
Well I'm not sure what qualifies someone as a "cryptography expert" but I think we all use things that may have flaws. For example, BIP-32. Could 2 different starting seeds have some overlap in derived keys? If so, is that something the designer felt an acceptable occurrence? Or did they even think about that issue at all?
But you're right that the limitation of brainwallets is the human memory, but even so...
Quote
Maybe no one thinks to try the above procedure for a long time, but one day, someone learns that the above person has a lot of coin, their favorite number is 420, and they like to generate their private keys via non-standard methods. This might lead someone to try to generate private keys via psudo-random methods in various ways using '420' as the seed up to a certain level of entropy that can be easily cracked.
What I'm thinking is if I designed some super secret but easy for me to remember branwallet algorithm, it wouldn't even help you to know my starting brainwallet passphrase simply because the main source of entropy is the algorithm itself. And you could spend an eternity going through those before you hit on the correct one.
some people might argue that it's impossible to degisn such an algorithm thats easy to remember. for me, it's the opposite way. i could remember an algorithm but i would have more trouble memorizing a 30 character phrase that had 120 bits of entropy. because a human doesn't have the capability to truly generate such a thing i dont think. unless they roll dice but then that would make it impossible to memorize...
Quote
It's more likely they'll lose access to their coin because they forget small detail of the parameter/protocol specification or bug within implementation. They also need to keep the implementation software since it's unlikely they'll rewrite it when they use different device, which open new vulnerability.
Maybe but trying to memorize a 30 character phrase may not be easy either. for me, algorithms are easier to remember than long strings.
