reee (OP)
Sr. Member
 Offline
Activity: 439
Merit: 252
Get Paid to Play your Media on Current
|
 |
July 21, 2017, 04:54:15 PM |
|
Would it be feasible to generate a "micro-seed" to "memorize" the private key of a single address?
Now there is a seed of 12 words that can be use to recover a wallet with many addresses.
So I thought, with 2-3 words it would be possibile to recover a single address? Or it would need more words?
Are there some services that do this? I know there was "brainwallet" but it wasn't secure.
|
|
|
|
|
|
|
|
|
|
|
Bitcoin mining is now a specialized and very risky industry, just like gold mining. Amateur miners are unlikely to make much money, and may even lose money. Bitcoin is much more than just mining, though!
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
bL4nkcode
Copper Member
Legendary
Offline
Activity: 2142
Merit: 1305
Limited in number. Limitless in potential.
|
|
July 21, 2017, 05:02:46 PM |
|
I guess no, it cannot recover only one or two address out of 2-3 words in a recovery seed. Only you can generate the private keys of this address from your wallet using the 12 seed to the mnemonic converter, and choose the address you want to recover and copying the address's private key them simply import it to any client.
|
|
|
|
|
reee (OP)
Sr. Member
Offline
Activity: 439
Merit: 252
Get Paid to Play your Media on Current
|
|
July 21, 2017, 05:18:27 PM |
|
I guess no, it cannot recover only one or two address out of 2-3 words in a recovery seed. Only you can generate the private keys of this address from your wallet using the 12 seed to the mnemonic converter, and choose the address you want to recover and copying the address's private key them simply import it to any client.
I know that electrum hasn't this functionality, i was asking if it would be feasible to create a stand-alone "micro-seed" to recover a single address. I was curious about the amount of words needed to memorize a single private key. |
|
|
|
HI-TEC99
Legendary
Offline
Activity: 2772
Merit: 2846
|
|
July 21, 2017, 05:30:29 PM |
|
I guess no, it cannot recover only one or two address out of 2-3 words in a recovery seed. Only you can generate the private keys of this address from your wallet using the 12 seed to the mnemonic converter, and choose the address you want to recover and copying the address's private key them simply import it to any client.
I know that electrum hasn't this functionality, i was asking if it would be feasible to create a stand-alone "micro-seed" to recover a single address. I was curious about the amount of words needed to memorize a single private key. No it wouldn't be possible using electrum's default word list because using three words wouldn't result in enough entropy. A three word seed would result in an address associated with a low entropy private key that would be fairly easy for an attacker to calculate. Any coins sent to that address could be stolen by an attacker. |
|
|
|
|
reee (OP)
Sr. Member
Offline
Activity: 439
Merit: 252
Get Paid to Play your Media on Current
|
|
July 21, 2017, 06:38:39 PM |
|
No it wouldn't be possible using electrum's default word list because using three words wouldn't result in enough entropy. A three word seed would result in an address associated with a low entropy private key that would be fairly easy for an attacker to calculate. Any coins sent to that address could be stolen by an attacker.
It's strange that 12 words can "encode" safely many keys, and 3 keys can't "encode" a single address. So, what is an easy way to memorize a single private key? |
|
|
|
HI-TEC99
Legendary
Offline
Activity: 2772
Merit: 2846
|
|
July 21, 2017, 07:04:45 PM |
|
No it wouldn't be possible using electrum's default word list because using three words wouldn't result in enough entropy. A three word seed would result in an address associated with a low entropy private key that would be fairly easy for an attacker to calculate. Any coins sent to that address could be stolen by an attacker.
It's strange that 12 words can "encode" safely many keys, and 3 keys can't "encode" a single address. This stackexchange page explains how 12 words are just used to derive an extremely long random number. That extremely long number is what is used to create an almost limitless number of private keys. Three words from the electrum word list couldn't be used to derive a random number long enough to securely create a single private key. https://bitcoin.stackexchange.com/questions/44272/electrum-seed-lengthThe 13-word mnemonic is just a way to encode a 128bit number into something human-readable and memorable. The 13th word is a checksum, and 12 words would suffice to recover the number encoded. So, what is an easy way to memorize a single private key?
I doubt it's possible for most people to memorise a single private key. Maybe someone with a photographic memory could do it, but I doubt many normal people could. |
|
|
|
|
kolloh
Legendary
Offline
Activity: 1736
Merit: 1023
|
|
July 21, 2017, 08:45:17 PM |
|
So, what is an easy way to memorize a single private key?
I doubt it's possible for most people to memorise a single private key. Maybe someone with a photographic memory could do it, but I doubt many normal people could. I'm sure it is possible with enough practice. People memorize 100s to 1000s of digits of Pi, so certainly it could be done. It isn't very practical though and wouldn't be worth the time commitment it would take to memorize it. There is also too much at risk if you forget the key and don't have it backed up somewhere else. |
|
|
|
|
HI-TEC99
Legendary
Offline
Activity: 2772
Merit: 2846
|
|
July 21, 2017, 08:50:26 PM |
|
So, what is an easy way to memorize a single private key?
I doubt it's possible for most people to memorise a single private key. Maybe someone with a photographic memory could do it, but I doubt many normal people could. I'm sure it is possible with enough practice. People memorize 100s to 1000s of digits of Pi, so certainly it could be done. It isn't very practical though and wouldn't be worth the time commitment it would take to memorize it. There is also too much at risk if you forget the key and don't have it backed up somewhere else. Maybe it's possible to do it for a short time, but it would be very hard to be sure of memorising a key for years. I can easily remember passwords I use every day, but I often find myself at a loss when trying to remember one I haven't used in years. |
|
|
|
|
reee (OP)
Sr. Member
Offline
Activity: 439
Merit: 252
Get Paid to Play your Media on Current
|
|
July 21, 2017, 08:51:47 PM |
|
I was asking a way like the electrum seed, not memorizing the entire alphanumeric sequence
|
|
|
|
HI-TEC99
Legendary
Offline
Activity: 2772
Merit: 2846
|
|
July 21, 2017, 09:01:30 PM |
|
I was asking a way like the electrum seed, not memorizing the entire alphanumeric sequence
You could try the method of loci. People use it to memorise a shuffled pack of cards among other things. Apparently it works, but I don't know if it's good for memorising things for years, and I would be very cautious about trusting my coins to it even it's reliable in the long term. https://en.wikipedia.org/wiki/Method_of_lociWhat if you have an accident that affects your memory, or a health condition affects it? No memorisation technique can secure your coins in that situation. |
|
|
|
|
reee (OP)
Sr. Member
Offline
Activity: 439
Merit: 252
Get Paid to Play your Media on Current
|
|
July 21, 2017, 09:16:23 PM |
|
I don't really want to memorize a private key, I was just curious.
I still don't understand why 12 words are good for encode many private keys, and 3 are not enough to memorize a single private key.
Probably it's because also the order matters.
The article you linked says electrum uses a dictionary of 1626 words.
How many private keys are there in bitcoin? If we know this, we can find how many word are necessary by solving:
1626^x=numer_of_possible_private_keys
|
|
|
|
reee (OP)
Sr. Member
Offline
Activity: 439
Merit: 252
Get Paid to Play your Media on Current
|
|
July 21, 2017, 09:25:14 PM |
|
mmh, i read that the number of possible private keys is 2^256 (because bitcoin keys are 256bit long). So we have: 1626^x=2^256 solution is: x = 23.99899907 so 24 words for a single private key. Electrum uses only 13 words for many keys  |
|
|
|
HI-TEC99
Legendary
Offline
Activity: 2772
Merit: 2846
|
|
July 21, 2017, 09:32:17 PM |
|
mmh, i read that the number of possible private keys is 2^256 (because bitcoin keys are 256bit long). So we have: 1626^x=2^256 solution is: x = 23.99899907 so 24 words for a single private key. Electrum uses only 13 words for many keys It doesn't use the words to generate a private key, it uses the words to generate a very long random number, then uses that number to generate private keys. The number has 135 bits of entropy. This page explains how secure the electrum seed is. http://docs.electrum.org/en/latest/seedphrase.html |
|
|
|
|
reee (OP)
Sr. Member
Offline
Activity: 439
Merit: 252
Get Paid to Play your Media on Current
|
|
July 21, 2017, 09:39:20 PM |
|
So the 20 generated addresses are not "independent", but they have a link each other, so there aren't 2^256^20 possible wallets but a lower number, that however is probably still safe for normal use.
|
|
|
|
HI-TEC99
Legendary
Offline
Activity: 2772
Merit: 2846
|
|
July 21, 2017, 10:09:38 PM |
|
So the 20 generated addresses are not "independent", but they have a link each other, so there aren't 2^256^20 possible wallets but a lower number, that however is probably still safe for normal use.
The addresses electrum generates are all part of a deterministic wallet. They are perfectly safe to use unless an attacker finds out your wallet's master public key and one private key from a singe address. It's possible to calculate all the other private keys in your wallet using those two pieces of information. Bitcoinmagazine explains all about deterministic wallets, and that exploit. https://bitcoinmagazine.com/articles/deterministic-wallets-advantages-flaw-1385450276/The problem is this: although you certainly can securely hand out child keys with no risk to the parent key, and you can hand out master public keys with no risk to the master private key, you cannot do both at the same time. The exploit for when that situation does arise is actually quite simple, and can be done with two lines of pybitcointools code. That bitcoinmagazine article also points out that electrum's seed words are as difficult to memorise as random strings of characters. the standard (Electrum) implementation of the second approach is too difficult to memorize – studies show that passphrases like “glow date cost bloody curve wheel cousin picture ring finally bubble press” are no easier to memorize than random strings of characters of an equal security level. |
|
|
|
|
HCP
Legendary
Offline
Activity: 2086
Merit: 4316
<insert witty quote here>
|
|
July 22, 2017, 10:44:04 AM |
|
They may not be easier to memorise, but they do offer some protection from mistakes when transcribing... Given a normal English word like "finally" and a random string like "De0itl5" which one do you think you might get wrong when writing it down?
Additionally, by attempting to use non-similar words, it also tries to enable recovery from minor errors in transcribing. Granted the current word list isn't exactly great for this with word like kit, kid, kite etc...
But still... If you write down "finaly" instead of "finally" you're likely to be able to fix that by looking at the word list... However, if your random string is "De0itl5" and it isn't working when you try and type it in... What are you options for figuring out which character is wrong... Or missing?
|
|
|
|
Abdussamad
Legendary
Offline
Activity: 3612
Merit: 1564
|
|
July 22, 2017, 11:28:43 AM |
|
Would it be feasible to generate a "micro-seed" to "memorize" the private key of a single address?
Now there is a seed of 12 words that can be use to recover a wallet with many addresses.
So I thought, with 2-3 words it would be possibile to recover a single address? Or it would need more words?
Are there some services that do this? I know there was "brainwallet" but it wasn't secure.
A single private key is 256bits and you can't represent that in 2-3 words. You can't even represent it in 12 words. The 12 words of an electrum seed only gets you 124bits of entropy. |
|
|
|
|
Abdussamad
Legendary
Offline
Activity: 3612
Merit: 1564
|
|
July 22, 2017, 01:47:20 PM
Last edit: July 22, 2017, 02:00:49 PM by Abdussamad |
|
mmh, i read that the number of possible private keys is 2^256 (because bitcoin keys are 256bit long). So we have: 1626^x=2^256 solution is: x = 23.99899907 so 24 words for a single private key. Electrum uses only 13 words for many keys Electrum used to have a dictionary that size in the past. Now the dictionary is of 2048 words and typical seed size is 12 words. However 1 of those 12 words is used to encode meta data such as the seed version, wallet type and a checksum. The 11 words that you have available allow you to encode a 124 bit random number. However the author believes that even the meta data cannot be guessed and an attacker would have to brute force it just like the rest of the seed so he believes in reality its more than 124 bits. You're fundamental point that the seed has less entropy than the private key is correct. But 124 bits is considered secure so it doesn't matter much. If you want a smaller or larger seed you can actually generate one using electrum command line options: will tell you more. |
|
|
|
|
|
