It's different, converting a private key to a pubkey versus searching for a UTXO linked to every single address.
2. The title is a little bit bad, right. You can edit it, for example: "Is a hidden derivation path enough to keep Bitcoin secure after a compromised seed phrase?" Thank you for your opinion.
Your thread's title is sort of bad, because if you actually lose your private keys that control UTXOs, nothing prevents an attacker from spending your coins. Your mnemonic recovery words aren't your private keys!
I'm not so sure about the "impossible" part. If you hide your coins in some custom derivation path, an attacker has to exhaust the derivation path space if he doesn't have any clues about what derivation you've used.
When the attacker has your mnemonic recovery words, he needs to perform the computationally somewhat expensive 2048 PBKDF2 rounds only once. Further derivations down the branches of the derivation path are far less expensive per index than the PBKDF2 rounds needed to get to the BIP32 root key.
An attacker would have to build a database of Bitcoin addresses which hold UTXOs. Querying this database for any particular derivation path down from the BIP32 root key is surely a pain and likely not feasible for more than two unknown branches of the derivation path.
While BIP32 allows an index space of mostly 2^32 per index, which wallet software actually supports such custom derivation paths? You might discover "funny" bugs while exploring custom derivation paths.
To secure against a potential compromise of mnemonic recovery words, I'd rather add a strong mnemonic passphrase instead of a custom derivation path. The reason is that brute-forcing a mnemonic passphrase is more computationally expensive, because you always have to go through the 2048 PBKDF2 rounds for every try. This is very likely much slower than walking through derivation path indices.
1. Whether it is BIP44 or BIP32, it has nothing to do with a database like that; a hacker has to search every single address (one by one) to find a valid UTXO. So it takes time. 2. The title is a little bit bad, right. I don't use this dumb method.
What if my coin is at m/86'/0'/1096823754'/1/1189356152 address? Chances are the attacker will never find your coins. BUT: making up your own "encryption scheme" largely increases the chance of losing access yourself! What makes you think you'll remember 1096823754 and 1189356152 and their exact locations 5 years from now? Read how I lost and regained access to my made-up brainwallet: it's a risk. If you want to add "something" extra on top of the seed words, why not extend the seed with a 13th (or 25th) custom passphrase? That's a much more standard method of adding time in case your seed gets compromised.
"How to protect my coin even if the mnemonic/passphrases are robbed"
To think about: what are the odds of getting robbed, and what are the odds of losing access yourself? This has always been the one compromise in Bitcoin I'm not entirely comfortable with.
Dear signature spammers, what's with the shitposting on the tech board without understanding or even reading what OP wrote?
You are absolutely right. I don't use it like this: m/86'/0'/1096823754'/1/1189356152. I just wondered how long it would take to find the balance (or whether it is possible to find it). The answer is "impossible".
I wonder how he can send the balance when he doesn't even know if the private key has a UTXO, with or without a balance. Hackers don't even know what purpose of wallet the owner of the private key made with the mnemonic (p2tr, p2wpkh, p2pkh, p2sh), so how can they send the balance? Impossible.
If your story is true, rather than arguing with me, you must move your bitcoin to a new wallet; then, when you have finished that transaction with confirmations from Bitcoin miners, you can return to this thread and argue with me again.
You said what you lost is a wallet mnemonic seed; that means the hacker has access to all private keys in that wallet. Wallets: it's chapter 5 in the Mastering Bitcoin book. Reading it can help you understand the wallet mnemonic seed and Hierarchical Deterministic (HD) key generation (BIP32). HD wallet: a tree of keys generated from a single seed.
You don't understand what I mean. If my bitcoin is at m/86'/0'/1096823754'/1/1189356152, you cannot figure out my balance. How do you find the UTXO unless I say so?
(Subtitle: How to protect my coin even if the mnemonic/passphrases are robbed)
If a hacker has acquired my mnemonic and passphrase, how does he look up the balance?
When a hacker has your wallet mnemonic seed, he can import it and steal your bitcoin. He does need to check all addresses in that wallet; if he imports it and sees bitcoin there, he will send your bitcoin to his wallet without needing to know which of your addresses have bitcoin. I meant he does not need to choose UTXOs for his sending. If you are fearful that your wallet is hacked, and the balance is still there, you must sweep your funds to a new wallet. Do it as fast as possible, because a hacker can do his job faster than you.
I wonder how he can send the balance when he doesn't even know if the private key has a UTXO, with or without a balance. Hackers don't even know what purpose of wallet the owner of the private key made with the mnemonic (p2tr, p2wpkh, p2pkh, p2sh), so how can they send the balance?
The hacker needs to know the UTXOs that the wallet has in order to specify the inputs of the transaction. How can he create a transaction when he doesn't know the UTXOs?
(Subtitle: How to protect my coin even if the mnemonic/passphrases are robbed)
If a hacker has acquired my mnemonic and passphrase, how does he look up the balance?
Of course he is going to run a program.
Maybe all the balance is in the first 2 to 30 addresses of the first account of each wallet type, right?
That is, if many people put it all in m/84'/0'/0'/0/0 ~ m/84'/0'/0'/0/20 (for example) as the cold wallet default setting.
Spotted my coin in an instant!
By the way, if I put the coin at a specific index of a specific account, will the hacker be able to find my coin???
To take the two elements (a mnemonic and a passphrase) and find all the accounts and all the corresponding indexes, you need to browse all the addresses that the private key can have.
However, the number of addresses that a single private key can have is:
Starting with the address varying depending on the wallet purpose (which may also be p2tr, p2wpkh, p2pkh, or Multisig 1/1), there are the following factors.
In other words, in terms of the derivation path of the HD wallet (based on BIP44):
> m / purpose' / coin_type' / account' / change / address_index
purpose: 44, 48, 49, 84, 86 (5 values) depending on wallet purpose
coin_type: Bitcoin = 0
account: account number (2^32 values)
change: external/internal: receiving address 0 / change address 1 (2 values)
address_index: address serial number (2^32 values)
To check the balance of all addresses that one private key has:
5 x 2^32 x 2^32 = 1.8 x 10^20 addresses exist.
It takes 1.8 x 10^15 seconds to search every address (even on a supercomputer) = 58,454,204 years.
What if my coin is at the m/86'/0'/1096823754'/1/1189356152 address?
It takes 10 million years to discover, even if he is lucky.
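The following is an added example, not code from the thread or from any poster. It implements the two steps the thread keeps coming back to, the BIP39 seed (PBKDF2-HMAC-SHA512, 2048 rounds) and BIP32 child key derivation, in pure Python, and instruments them to count work for the two attacker strategies the quoted reply above compares: walking candidate derivation paths from a known mnemonic (PBKDF2 once, then only CKD steps) versus guessing a passphrase (PBKDF2 once per guess). It also computes the path space the OP enumerates (purpose x account' x change x address_index, including the factor 2 for change). The mnemonic is the standard BIP39 all-"abandon" test mnemonic; the candidate paths, the passphrase guesses, and the function names (`attack_costs`, `derive_priv`, `hidden_path_space`) are this example's own constructions.

```python
"""Added example (not from the thread): BIP39 seed -> BIP32 private-key
derivation in pure Python, instrumented to count the expensive step (PBKDF2,
2048 rounds) versus the cheap step (one CKD per path level)."""
import hashlib
import hmac
import unicodedata

# secp256k1 domain parameters (only needed for non-hardened child derivation,
# which requires the parent public key)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
HARDENED = 0x80000000
STATS = {"pbkdf2": 0, "ckd": 0}   # instrumentation, reset by attack_costs()


def _ec_add(p, q):
    """Affine point addition on secp256k1; None is the point at infinity."""
    if p is None:
        return q
    if q is None:
        return p
    if p[0] == q[0] and (p[1] + q[1]) % P == 0:
        return None
    if p == q:
        lam = 3 * p[0] * p[0] * pow(2 * p[1], -1, P) % P
    else:
        lam = (q[1] - p[1]) * pow(q[0] - p[0], -1, P) % P
    x = (lam * lam - p[0] - q[0]) % P
    return x, (lam * (p[0] - x) - p[1]) % P


def compressed_pubkey(priv):
    """33-byte SEC1 compressed public key for a private scalar (double-and-add)."""
    r, q = None, G
    for bit in bin(priv)[2:][::-1]:
        if bit == "1":
            r = _ec_add(r, q)
        q = _ec_add(q, q)
    return bytes([2 + (r[1] & 1)]) + r[0].to_bytes(32, "big")


def bip39_seed(mnemonic, passphrase=""):
    """BIP39: PBKDF2-HMAC-SHA512, 2048 rounds, salt 'mnemonic' + passphrase (NFKD)."""
    STATS["pbkdf2"] += 1
    m = unicodedata.normalize("NFKD", mnemonic).encode()
    s = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode()
    return hashlib.pbkdf2_hmac("sha512", m, s, 2048, 64)


def derive_priv(seed, path):
    """BIP32 CKDpriv along a path like m/86'/0'/1096823754'/1/1189356152; returns hex."""
    I = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    k, c = int.from_bytes(I[:32], "big"), I[32:]
    for part in path.split("/")[1:]:
        hardened = part[-1] in "'h"
        i = int(part.rstrip("'h")) + (HARDENED if hardened else 0)
        if hardened:
            data = b"\x00" + k.to_bytes(32, "big") + i.to_bytes(4, "big")
        else:  # non-hardened: serialize the parent public key (one EC multiplication)
            data = compressed_pubkey(k) + i.to_bytes(4, "big")
        I = hmac.new(c, data, hashlib.sha512).digest()
        k, c = (int.from_bytes(I[:32], "big") + k) % N, I[32:]
        STATS["ckd"] += 1
    return k.to_bytes(32, "big").hex()


def attack_costs(mnemonic, candidate_paths, candidate_passphrases):
    """Work for each strategy, as (pbkdf2 runs, ckd steps) dicts.
    A: mnemonic known, path unknown       -> one PBKDF2, then CKD steps only.
    B: mnemonic known, passphrase unknown -> one PBKDF2 per guess."""
    STATS.update(pbkdf2=0, ckd=0)
    seed = bip39_seed(mnemonic)
    for path in candidate_paths:
        derive_priv(seed, path)
    cost_a = dict(STATS)
    STATS.update(pbkdf2=0, ckd=0)
    for guess in candidate_passphrases:
        derive_priv(bip39_seed(mnemonic, guess), "m/84'/0'/0'/0/0")
    cost_b = dict(STATS)
    return cost_a, cost_b


def hidden_path_space(purposes=(44, 48, 49, 84, 86)):
    """The OP's enumeration: purpose x account' (2^32) x change (2) x address_index (2^32)."""
    return len(purposes) * 2**32 * 2 * 2**32


if __name__ == "__main__":
    MNEMONIC = "abandon " * 11 + "about"                        # BIP39 test mnemonic
    paths = ["m/84'/0'/0'/0/%d" % i for i in range(20)]          # default wallet range
    guesses = ["", "hunter2", "correct horse battery staple"]    # constructed guesses
    a, b = attack_costs(MNEMONIC, paths, guesses)
    print("hidden path, 20 candidates:", a)
    print("passphrase,   3 candidates:", b)
    print("OP's search space: %.2e addresses" % hidden_path_space())
```

Each candidate under strategy A costs five CKD steps, two of which (the non-hardened change and address_index levels) need an EC point multiplication; under strategy B every guess also pays the 2048 HMAC-SHA512 rounds of PBKDF2 before any CKD, which is the asymmetry the quoted reply argues for a passphrase. The counters measure derivation work only; an attacker still has to look each derived address up in a UTXO index, which is the step the OP's "one by one" estimate is about.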