Bitcoin Forum

Bitcoin => Development & Technical Discussion => Topic started by: Anythingelse on November 04, 2018, 07:59:30 PM



Title: Bitcoin mixed up seed calculation.
Post by: Anythingelse on November 04, 2018, 07:59:30 PM
Hello, I'm trying to figure out how much time it would take to guess a backup seed of a wallet if I had all 12 or 24 words but they were shuffled.
I know how many combinations that is. 12! and 24! are fairly simple answers.
What I can't figure out is how much time it would actually take for some CPU using a specially designed script? Just creating all possible variables and then trying them out.
How many processor operations does it take to set up first 24 words and then run it through some wallet to test it out?
How many of these variables can some Intel Core i7 try out in a second?
Can anyone help me out? I wasn't able to find my answers in different parts of the internet. Most of the talk is about brute-force if you just know it can be any of 2048 words.


Title: Re: Bitcoin mixed up seed calculation.
Post by: socks435 on November 05, 2018, 12:40:44 AM
You will never know if you don't test them out first. Like you said, it is a brute-force method, and how fast you could brute-force your wallet depends on your processor.
If you are looking for a CPU benchmark you can check this site https://www.cpubenchmark.net/CPU_mega_page.html

And honestly, most brute-force users use GPUs to crack the wallet, based on what I heard.


Title: Re: Bitcoin mixed up seed calculation.
Post by: HCP on November 05, 2018, 03:00:32 AM
12! is "only" 479,001,600 different orders... so if you know all 12 words and just need to try different orders, it wouldn't take tooooooo long for a script to chug through them all. Probably measured in hours (maybe days depending on the computer and/or scripting language being used).

24! is a significantly larger number... 6.204484e+23 so you'd definitely be days if not weeks/months.

It's also important to realise that you aren't just making combinations of words... you have to test each combination to see if it is actually a valid combination (ie. try and convert to seed and see if checksum is valid)... so that'll slow things down a little.


Title: Re: Bitcoin mixed up seed calculation.
Post by: Anythingelse on November 05, 2018, 07:39:12 PM
Thank you for your replies.
We are working on a metal case for backup seed and hardware wallet. We want to laser engrave the seed on small plates from stainless steel, but also to make it 100% secure. Our attempt is not to make our customers trust us but instead, make it that there is no need to trust us. They are protected by math. :)
I'm absolutely certain that our model is safe. Every customer will need to give us 60 words. That gives us 2.2e40 variations. I just need to put some easily understandable numbers behind it.
That's why figuring out how many variations some known processor can try out in a second would give me pretty much all I need.


Title: Re: Bitcoin mixed up seed calculation.
Post by: HCP on November 05, 2018, 08:44:01 PM
So your plan is to engrave all 60 words onto the plate? ???

How is the user supposed to remember which of the 60 words are the seed? Won't that then necessitate that the user then have some special method of working out which of the 60 words are actually their seed? And how would they back that information up? ???

It would seem that the methods employed by CryptoSteel (https://cryptosteel.com/) or Billfodl (https://billfodl.com/) whereby the user is provided a bunch of individual letters which they arrange themselves... or Blockplate (https://www.blockplate.com/), where the user needs to use a metal punch to encode the words themselves removes the "trust" part of the equation.

There are more examples of similar products listed here: http://bulletproofbitcoin.com/


The math "sort of" supports your method... but the problem is that you're effectively shrinking the search space from 2048 to 60 words... which is a massive reduction... and then asking people to trust you. That could be the very hard part... People in Crypto are VERY suspicious of everything :P


Title: Re: Bitcoin mixed up seed calculation.
Post by: Anythingelse on November 05, 2018, 09:06:20 PM
> So your plan is to engrave all 60 words onto the plate? ???
>
> How is the user supposed to remember which of the 60 words are the seed? Won't that then necessitate that the user then have some special method of working out which of the 60 words are actually their seed? And how would they back that information up? ???

No, not a single plate. https://scontent.fbts2-1.fna.fbcdn.net/v/t1.0-9/38255348_1298298466973557_3477126375184269312_o.jpg?_nc_cat=107&_nc_eui2=AeGb8WX0eKb1PfxFjiScrDwsh-lQ8Qry4-cvcXbYJgvdTqnHZe6jULCDTuvbDs5jfwryIODXGYOdZSvcGqXifqG6eJtqegvu_CElBbIK2qUXBA&_nc_ht=scontent.fbts2-1.fna&oh=11515e1816e8a13f2bdee5002c5c3b9d&oe=5C7A2815
Yes, it's quite similar to CryptoSteel, but a lot nicer and for slightly different use. It is bigger because it can store your Trezor or Ledger, which is the main added feature. So the best way to use it is to bury it under the ground in your backyard and wait for the apocalypse to come. Then you dig it out, take out the Trezor, put seed in it and you are good to go surviving. :)
Or you can just put it on your table as it is a really nice piece of metal. :)


Title: Re: Bitcoin mixed up seed calculation.
Post by: HCP on November 06, 2018, 02:25:19 AM
Ahhhhh ok, so they give you 60 words, you engrave them all on individual pieces and then send them all to the user who uses just the 24 they want...

That's a pretty neat idea! :)

Now I see why you need to work out the math... Shouldn't be too difficult to work out. If I get a chance I'll try and benchmark a simple script.

It should also be noted that if the user implements a passphrase ("25th word") of "reasonable strength", even if you knew the exact 24 words, it would still be next to impossible for you to crack their wallet.


Title: Re: Bitcoin mixed up seed calculation.
Post by: odolvlobo on November 06, 2018, 08:24:59 AM
FYI, it doesn't happen often, but it is possible for words to appear multiple times.

These are valid (albeit poorly generated) 12-word seeds:

abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about
zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo zoo wrong
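
Added example, not part of any post in this thread: a Python sketch of the checksum test HCP describes, run on the two repeated-word seeds quoted above, together with the size of the ordering search space for 12, 24 and 60 plates. It assumes the standard BIP39 English wordlist and works on word indices instead of embedding the 2048 words; the function names are illustrative.

```python
import hashlib
from collections import Counter
from math import perm

# Constructed sample input: BIP39 English wordlist indices for the two seeds
# quoted above (abandon=0, about=3, zoo=2047, wrong=2037). The 2048-word list
# itself is left out, so mnemonics are handled as lists of 11-bit indices.
ABANDON_ABOUT = [0] * 11 + [3]
ZOO_WRONG = [2047] * 11 + [2037]


def checksum_ok(indices):
    """True if the trailing checksum bits match SHA-256 of the entropy bits."""
    cs_bits = len(indices) // 3                 # 4 bits for 12 words, 8 for 24
    value = 0
    for i in indices:
        value = (value << 11) | i               # concatenate the 11-bit words
    ent_bytes = (len(indices) * 11 - cs_bits) // 8
    entropy = (value >> cs_bits).to_bytes(ent_bytes, "big")
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    return (value & ((1 << cs_bits) - 1)) == expected


def distinct_orders(counts, n):
    """Yield every distinct ordering once, even when words repeat."""
    if n == 0:
        yield ()
        return
    for word in list(counts):
        if counts[word]:
            counts[word] -= 1
            for rest in distinct_orders(counts, n - 1):
                yield (word,) + rest
            counts[word] += 1


def candidates(n_plates, n_seed):
    """Ordered picks of n_seed from n_plates distinct words, and roughly how
    many of them survive the checksum filter (about 1 in 2**(n_seed // 3))."""
    total = perm(n_plates, n_seed)
    return total, total >> (n_seed // 3)


if __name__ == "__main__":
    orders = list(distinct_orders(Counter(ABANDON_ABOUT), 12))
    valid = [o for o in orders if checksum_ok(o)]
    print(len(orders), "distinct orders,", len(valid), "pass the checksum")
    for plates, seed in ((12, 12), (24, 24), (60, 24)):
        print(plates, seed, "%.3e total, %.3e after checksum" % candidates(plates, seed))
```

The checksum only discards candidates cheaply; each survivor still has to be turned into a seed and checked against a known address, which is the slow step in any real search.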