Brain wallet, step-by-step guide (FIXED!)[Mod note: DO NOT USE BRAINWALLETS]

[BillyBobZorton]

I have learned recently that brainwallets are not a good idea, mostly because I lurk the bitcoin reddit and I think I saw you posting about it.

Now my fear/question is: are Electrum seeds also compromised? In theory isn't it the same as brainwallets? It creates a seed and this seed contains everything. I think the new HD wallet in bitcoin core is not like that (you can't "spawn" everything with a single seed) but with electrum it seems the same idea to me than brainwallets and now im worried... (im not a coder or anything so I dont understand the details, it just seems the same to me in practice)

The two main problems problems with brainwallets is that (1) humans created the randomness and humans are surprisingly bad at that (and, worse, can't tell how bad they are) and (2) they depend on human memory to perfectly remember a long highly random string.  Human memory is not very good at this either.

Electrum seeds, used correctly, don't have either of these problems.

The electrum seeds claim to be as safe as keeping your bitcoins in your bitcoin core wallet.dat...

What is the Seed?

The seed is a random phrase that is used to generate your private keys.

Example:

constant forest adore false green weave stop guy fur freeze giggle clock

Your wallet can be entirely recovered from its seed. For this, select the “restore wallet” option in the startup.
How secure is the seed?

The seed created by Electrum has 128 bits of entropy. This means that it provides the same level of security as a Bitcoin private key (of length 256 bits). Indeed, an elliptic curve key of length n provides n/2 bits of security.

Is this really the case? and how do you "correctly use" Electrum seeds? because you made a "if used correctly" remark.

I think the fact that you can memory the Electrum seed is cool, and if it's as safe as the way Bitcoin Core stores the keys, then why not also give us a way to generate our wallet.dat from an human readable seed like Electrum's if its as safe? now that Bitcoin Core supports HD wallet wouldn't this be possible? maybe im mixing things up tho, just using common sense im too dumb for the math/coding.

[1714788470]

1714788470

[1714788470]

1714788470

[gmaxwell]

Is this really the case? and how do you "correctly use" Electrum seeds? because you made a "if used correctly" remark.

Coming up with the string on your own rather than having the software do it or storing it only in your memory.

[ArcCsch]

There are security guarantees if you generate passphrases correctly.
If you generate a passphrase uniformly and at random from a set of size S, you can be sure (well...not really sure, there is always a chance an attacker will randomly guess your passphrase, but this is unavoidable) that an attacker preforming N computations, the probability of getting hacked is not more than P=N/S.
If you use words from a book, or a sentence that makes sense, or anything you come up with without a high quality source of randomness (dice, for example), you have no such security guarantee, and it is impossible to estimate the chances of getting hacked.
If you use Diceware with Warp Wallet, you will be safe as long as you don't forget the passphrase.

[Abdussamad]

Is this really the case? and how do you "correctly use" Electrum seeds? because you made a "if used correctly" remark.

Coming up with the string on your own rather than having the software do it or storing it only in your memory.

I think you mean using the software generated one and not coming up with a string on your own. Just saying that your answer is not clear and might confuse newbies.

Besides, since electrum v2.x you* can't make your own seed coz it has to have a checksum in it. You have to rely on the software.



* i mean lay people.