How does private key compromise a wallet?

[beachbummer]

 Forgive me for my poor understanding and allow me what is probably a stupid question.

The private key methodology seems to me to be highly dependent on a a very large pool of random numbers for which it is assumed that there can be no collisions (i.e. the probability of 2 or more people having the same private key is as good as impossible (not impossible, just very low possibility)

Doesn't this mean that a crypto (coin, token) can be the victim of its own success because when more people have wallets for that crypto, the probability of guessing a legitimate private key increases?

 Just for example,  let's say that I have a 1 in 1000000 chance of guessing correctly for 1 wallet user. If there are 2 wallet users, my chances have doubled to 1 in 500000. If there are 4, my chances now are 1 in 250000.

For this example, if the crypto is popular and gets 500000 wallet users, I have a 50 percent chance of randomly guessing a private key!

I'm probably getting something wrong somewhere, so I'm hoping someone could help.

[Koadharber]

Forgive me for my poor understanding and allow me what is probably a stupid question.

The private key methodology seems to me to be highly dependent on a a very large pool of random numbers for which it is assumed that there can be no collisions (i.e. the probability of 2 or more people having the same private key is as good as impossible (not impossible, just very low possibility)

Doesn't this mean that a crypto (coin, token) can be the victim of its own success because when more people have wallets for that crypto, the probability of guessing a legitimate private key increases?

 Just for example,  let's say that I have a 1 in 1000000 chance of guessing correctly for 1 wallet user. If there are 2 wallet users, my chances have doubled to 1 in 500000. If there are 4, my chances now are 1 in 250000.

For this example, if the crypto is popular and gets 500000 wallet users, I have a 50 percent chance of randomly guessing a private key!

I'm probably getting something wrong somewhere, so I'm hoping someone could help.

Collision could really happen but if you do look up on the on how many units do have a certain wallet then it would really takes time for the users to have the same keys with other thinking off even on just capitalization of a certain Letter would already make the differences which we can really presume chances would really be small.

[covfefe_]

Private keys is the key to access to the wallet. You would not require the public address for accessing the balance but the private key.
To bruteforce a private key of 12 characters (example), you would need 7.5million hits and trials. Think about the bitcoins 64 character.

[pereira4]

Forgive me for my poor understanding and allow me what is probably a stupid question.

The private key methodology seems to me to be highly dependent on a a very large pool of random numbers for which it is assumed that there can be no collisions (i.e. the probability of 2 or more people having the same private key is as good as impossible (not impossible, just very low possibility)

Doesn't this mean that a crypto (coin, token) can be the victim of its own success because when more people have wallets for that crypto, the probability of guessing a legitimate private key increases?

 Just for example,  let's say that I have a 1 in 1000000 chance of guessing correctly for 1 wallet user. If there are 2 wallet users, my chances have doubled to 1 in 500000. If there are 4, my chances now are 1 in 250000.

For this example, if the crypto is popular and gets 500000 wallet users, I have a 50 percent chance of randomly guessing a private key!

I'm probably getting something wrong somewhere, so I'm hoping someone could help.

It's simple: You have more chances of getting hit by an asteroid in your head than you have finding a private key by bruteforcing trying to find a collision.

There's a project that constantly tries to get private addresses that surpassed 1000 trillion addresses:

https://lbc.cryptoguru.org/stats

They claim 3 were achieved, with funds on them. I claim this points at wallet bugs rather than a legit collision.

[beachbummer]

It's simple: You have more chances of getting hit by an asteroid in your head than you have finding a private key by bruteforcing trying to find a collision.

There's a project that constantly tries to get private addresses that surpassed 1000 trillion addresses:

https://lbc.cryptoguru.org/stats

They claim 3 were achieved, with funds on them. I claim this points at wallet bugs rather than a legit collision.

I like the website you pointed out. It's quite an interesting effort. Mathematically speaking, their odds are getting better everyday when more Bitcoin wallets are opened. Whether "better" has any statistical significance is another matter. 😀

[redhorse]

 Just for example,  let's say that I have a 1 in 1000000 chance of guessing correctly for 1 wallet user. If there are 2 wallet users, my chances have doubled to 1 in 500000. If there are 4, my chances now are 1 in 250000.

For this example, if the crypto is popular and gets 500000 wallet users, I have a 50 percent chance of randomly guessing a private key!

I'm probably getting something wrong somewhere, so I'm hoping someone could help.

The key space is just so enormous that it is really really unlikely to get such a collision. You might find this article interesting: http://bitzuma.com/posts/six-things-bitcoin-users-should-know-about-private-keys

This is a quote from the article:

If you could process one trillion private keys per second, it would take more than one million times the age of the universe to count them all. Even worse, just enumerating these keys would consume more than the total energy output of the sun for 32 years.

[Snaic]

In a personal (secret) key, so many letters, symbols and signs are used, that the probability of using them is repeatedly negligible and therefore, in my opinion, it is worth not to worry. However, on October 22, someone opened my wallet MyEtherWallet and transferred from there about six thousand IFT coins. The amount is relatively small and, in my opinion, was not worth the effort to select the key. Given that no one could use my key, I do not understand how it could be at all.

[beatleap]

If someone knows the private key then its literally the key to the wallet and all its funds.

[Poink]

In a personal (secret) key, so many letters, symbols and signs are used, that the probability of using them is repeatedly negligible and therefore, in my opinion, it is worth not to worry. However, on October 22, someone opened my wallet MyEtherWallet and transferred from there about six thousand IFT coins. The amount is relatively small and, in my opinion, was not worth the effort to select the key. Given that no one could use my key, I do not understand how it could be at all.

There are other means to get/steal  your key...

[jayc89]

If someone knows the private key then its literally the key to the wallet and all its funds.

That is if they have the wallet.dat file or if they have access to the wallet information. Most times the private key alone will just be a bunch of code that the average person won't understand.

[cryptoalfs76]

Forgive me for my poor understanding and allow me what is probably a stupid question.

The private key methodology seems to me to be highly dependent on a a very large pool of random numbers for which it is assumed that there can be no collisions (i.e. the probability of 2 or more people having the same private key is as good as impossible (not impossible, just very low possibility)

Doesn't this mean that a crypto (coin, token) can be the victim of its own success because when more people have wallets for that crypto, the probability of guessing a legitimate private key increases?

 Just for example,  let's say that I have a 1 in 1000000 chance of guessing correctly for 1 wallet user. If there are 2 wallet users, my chances have doubled to 1 in 500000. If there are 4, my chances now are 1 in 250000.

For this example, if the crypto is popular and gets 500000 wallet users, I have a 50 percent chance of randomly guessing a private key!

I'm probably getting something wrong somewhere, so I'm hoping someone could help.

In my own perception its hard that two or more person have a randomly disame number of private key in wallet,that can make a compromise to the owner of other wallet,because before etherwallet make this system they already  debug this kind of error,before they serve this to the bitcoin society.

[beachbummer]

In a personal (secret) key, so many letters, symbols and signs are used, that the probability of using them is repeatedly negligible and therefore, in my opinion, it is worth not to worry. However, on October 22, someone opened my wallet MyEtherWallet and transferred from there about six thousand IFT coins. The amount is relatively small and, in my opinion, was not worth the effort to select the key. Given that no one could use my key, I do not understand how it could be at all.

Like all things dealing with probability, it is not impossible for someone to successfully guess the private key, just a very, very, very low chance of that happening (but still a chance).

[babsjoe]

Private keys is the key to access to the wallet. You would not require the public address for accessing the balance but the private key.
To bruteforce a private key of 12 characters (example), you would need 7.5million hits and trials. Think about the bitcoins 64 character.

Well, MEW has taking your assertion a step further, you could actually check your token balance without having to log in your private key before you could do so. Of course there are limitation of not been able to transact in view mode! On the final analysis, checkimg your balance with your public key  is way better than having to log in your private key everytime you want to do so. Development in ethereum is faster and better than bitcoin at the moment!

[hello_good_sir]

Are you saying if bitcoin adoption goes up the chances of someone just randomly guessing a private key with funds in it will go up? If this is what you mean then i think that you're right actually. But then, the chance is going to be so low still that getting hacked is going to be way more likely than your funds being stolen from someone randomly guessing your private keys.

BTC is actually a lot more secure than credit cards, even though there is an illusion of security with most centralized banking services.

[parekoy]

It's still very impossible even to brute-force the keys because you're dealing with millions of guesses and you'll end up nothing but creating your own wallet and earning tokens as everybody does today.

[redhorse]

If someone knows the private key then its literally the key to the wallet and all its funds.

That is if they have the wallet.dat file or if they have access to the wallet information. Most times the private key alone will just be a bunch of code that the average person won't understand.

You don't need the wallet.dat. You can import the private key into the wallet software and that's it - you have access to all coins linked to that private key.
Or did you mean with your comment, that the average user will/can not do that? Maybe if doesn't now what he just found - but I wouldn't count on that.

[swissgang]

Forgive me for my poor understanding and allow me what is probably a stupid question.

The private key methodology seems to me to be highly dependent on a a very large pool of random numbers for which it is assumed that there can be no collisions (i.e. the probability of 2 or more people having the same private key is as good as impossible (not impossible, just very low possibility)

Doesn't this mean that a crypto (coin, token) can be the victim of its own success because when more people have wallets for that crypto, the probability of guessing a legitimate private key increases?

 Just for example,  let's say that I have a 1 in 1000000 chance of guessing correctly for 1 wallet user. If there are 2 wallet users, my chances have doubled to 1 in 500000. If there are 4, my chances now are 1 in 250000.

For this example, if the crypto is popular and gets 500000 wallet users, I have a 50 percent chance of randomly guessing a private key!

I'm probably getting something wrong somewhere, so I'm hoping someone could help.

It's simple: You have more chances of getting hit by an asteroid in your head than you have finding a private key by bruteforcing trying to find a collision.

There's a project that constantly tries to get private addresses that surpassed 1000 trillion addresses:

https://lbc.cryptoguru.org/stats

They claim 3 were achieved, with funds on them. I claim this points at wallet bugs rather than a legit collision.

I think you are right, if not, what if this wallet is owned by bitfinex or poloniex? with lots of coins. It is clear that it is impossible to access wallets by this method today. Hackers should look at smart contracts  

[followmenot]

This makes me remember Rick's word from Rick & Morty: "Answer is: don't think about it"
Similar situation is true for credit cards but I am sure its very very very low chance to think about in current conditions. Even altcoin keys are very hard to find.

[jakelyson]

I read it somewhere but I can't find the link. If all computers on earth are supercomputers, and all the stars in the universe is earth, it will still take thousand of years to compute all the private keys. So i think the probability of collission is so low that you can disregard the possibility of it happening.

[beachbummer]

Well, the odds of Earth itself existing is so low (http://blogs.discovermagazine.com/d-brief/2016/02/22/earth-is-a-1-in-700-quintillion-kind-of-place/#.Wf8iO2iCyM8) and yet we cannot disregard the possibility that it did happen.

I am just taking the scientific/mathematical aspect of this and not involving religion here... :p