Post
Topic
Board Development & Technical Discussion
Re: Given the first 15 words out of 24, can a hacker crack the wallet?
by
lyw123
on 05/10/2023, 13:59:36 UTC
You may need a script to generate the latter. (Can anyone provide the numbers of the latter, if possible?)
Let's see.

You can generate a 12-word seed phrase with a valid checksum and use that as the first 132 bits of entropy for your 24-word seed phrase. Concatenate another 124 bits of entropy, and then calculate the 8-bit checksum to give yourself a valid 24-word seed phrase. Take the last 12 words of this seed phrase. Given that 12 words have a 4-bit checksum, there is a 1/16 chance that this checksum is valid. So it won't take long at all to brute-force a valid combination.

Here's one I just made in just a few minutes:
Code:
pupil magic fun throw lecture sunset pizza fashion helmet couch auto impact despair height humor impose near plunge clever abstract swing laundry scheme acquire

Both the first 12 words and the last 12 words are valid seed phrases on their own:
Code:
pupil magic fun throw lecture sunset pizza fashion helmet couch auto impact
despair height humor impose near plunge clever abstract swing laundry scheme acquire



As I said to OP in another thread, his backup scheme is not great. He is planning to have some words written down, some words stored electronically, a variety of different encryption techniques, a variety of different passwords (are these being backed up too? Where? Or are you relying on memory? (Which is even worse!)), and more. It is far too complicated, and he runs a significant risk of failing to recover from his backups and inadvertently locking himself out of his own wallets.

If you want to avoid a single point of failure, then you should use a standardized and tried-and-tested method for doing so, such as multi-sig or passphrases.
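
The construction described in the post above, as an added example that is not part of the original post. It works on 11-bit word indices (positions in the 2048-word BIP39 list) instead of words so that it runs without the word list; the function names are this example's own.

```python
import hashlib
import secrets

def checksum_bits(entropy: bytes) -> int:
    """BIP39 checksum: the first ENT/32 bits of SHA-256(entropy)."""
    cs_len = len(entropy) * 8 // 32          # 4 bits for 16 bytes, 8 for 32
    return hashlib.sha256(entropy).digest()[0] >> (8 - cs_len)

def to_indices(entropy: bytes) -> list:
    """Entropy plus checksum, split into 11-bit word indices."""
    cs_len = len(entropy) * 8 // 32
    bits = (int.from_bytes(entropy, "big") << cs_len) | checksum_bits(entropy)
    n = (len(entropy) * 8 + cs_len) // 11
    return [(bits >> (11 * (n - 1 - i))) & 0x7FF for i in range(n)]

def is_valid(indices: list) -> bool:
    """Verify the checksum of a 12- or 24-word phrase given as indices."""
    total = len(indices) * 11
    cs_len = total // 33
    bits = 0
    for i in indices:
        bits = (bits << 11) | i
    entropy = (bits >> cs_len).to_bytes((total - cs_len) // 8, "big")
    return (bits & ((1 << cs_len) - 1)) == checksum_bits(entropy)

def build_double_valid(first_entropy=None):
    """Return (24 indices, attempts): whole phrase and both halves valid."""
    # Step 1: a valid 12-word phrase = 128 bits entropy + 4 bits checksum.
    first = to_indices(first_entropy or secrets.token_bytes(16))
    head = 0
    for i in first:
        head = (head << 11) | i              # 132 bits, reused as entropy
    attempts = 0
    while True:
        attempts += 1
        # Step 2: append 124 fresh bits to reach 256 bits of entropy.
        tail = secrets.randbits(124)
        words = to_indices(((head << 124) | tail).to_bytes(32, "big"))
        # Step 3: the last 12 words pass their 4-bit checksum 1 time in 16.
        if is_valid(words[12:]):
            return words, attempts

if __name__ == "__main__":
    words, attempts = build_double_valid()
    print("indices:", words)
    print("attempts needed:", attempts)      # about 16 on average
```

Mapping each index to the word at that position in the BIP39 English list turns the result into a phrase of the kind shown in the post.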