Bitcoin Forum
Topic: how safe is the passphrase recovery seed
funcho (OP)
November 15, 2017, 07:42:18 PM
 #1

I have lots of clients
Coinomi
Mycelium .............................
which use pass seeds to restore the wallet

I still don't understand it ... is it something which will work even in 10 years from now and I can rely on it?

Xavofat
November 15, 2017, 10:49:33 PM
 #2

I'm not familiar with the length of seed or the number of possible words in the seeds for Coinomi or Mycelium, but I know that my TREZOR has a 24-word seed.

Their explanation of the security of their seed phrase is:
in order to check all possible orderings in a 24-word seed, you need to run SHA-512:

24! ÷ 256 × 8096 = 19621680704813697269760000 times

The bitcoin network is capable of performing 176 537 883 000 000 000 iterations of SHA-256 each second.

If we wave our hands a bit, we can claim that SHA-512 and SHA-256 are the same difficulty (which they aren’t but let’s pretend they are). Therefore, it should take somewhere around half of:

(24! ÷ 256 × 8096) ÷ 176 537 883 000 000 000 ÷ 60 ÷ 60 ÷ 24 ÷ 365 = 3.5 years

for the ENTIRE BITCOIN NETWORK to crack the seed.
So with modern technology, it's outrageously impractical to attempt to crack a 24-word seed.  12-word and 18-word seeds are also perfectly secure, assuming that they were generated randomly.
bL4nkcode
November 16, 2017, 08:05:49 AM
 #3

Quote from: funcho
I have lots of clients
Coinomi
Mycelium .............................
which use pass seeds to restore the wallet

I still don't understand it ... is it something which will work even in 10 years from now and I can rely on it?

It should be working for even 20 years or so, since bitcoin will still be working and will be mined until 2110–2140, and this word seed is one of those ways to generate a bitcoin address, so most probably this recovery seed will still work until that year.
bob123
November 16, 2017, 02:00:27 PM
 #4

A Hierarchical Deterministic (HD) wallet uses a seed (12/18/24 word seed) to generate private-/public key pairs (your addresses and private keys).
Basically there are mathematical operations which will be performed on your seed plus a counter to generate multiple addresses (to put it simply).
You actually don't need your wallet software to restore your addresses. You only need a BIP 39 compatible tool which will calculate your keys out of the seed.
As long as you have access to a pc and internet you can always restore your coins from this seed.

funcho (OP)
November 16, 2017, 02:40:00 PM
 #5

Quote from: bob123
A Hierarchical Deterministic (HD) wallet uses a seed (12/18/24 word seed) to generate private-/public key pairs (your addresses and private keys).
Basically there are mathematical operations which will be performed on your seed plus a counter to generate multiple addresses (to put it simply).
You actually don't need your wallet software to restore your addresses. You only need a BIP 39 compatible tool which will calculate your keys out of the seed.
As long as you have access to a pc and internet you can always restore your coins from this seed.

Wow super cool thx

Stedsm
November 16, 2017, 05:59:08 PM
 #6

Quote from: bob123
A Hierarchical Deterministic (HD) wallet uses a seed (12/18/24 word seed) to generate private-/public key pairs (your addresses and private keys).
Basically there are mathematical operations which will be performed on your seed plus a counter to generate multiple addresses (to put it simply).
You actually don't need your wallet software to restore your addresses. You only need a BIP 39 compatible tool which will calculate your keys out of the seed.
As long as you have access to a pc and internet you can always restore your coins from this seed.

Can a duplicate seed / passphrase be generated for any address by wallets by any means?
If yes, what's the possibility of it being done, I mean in how much time addresses' seeds and passphrases may go stagnant if ever?

bob123
November 17, 2017, 11:05:28 AM
 #7

Quote from: Stedsm
Can a duplicate seed / passphrase be generated for any address by wallets by any means?
If yes, what's the possibility of it being done, I mean in how much time addresses' seeds and passphrases may go stagnant if ever?

Theoretically, yes. Private keys could be generated "a second time". This is called address collision.
There are 2^160 possible addresses which can be generated. Since, in theory, you have to search 1/2 of the search space to find a collision (birthday paradox),
you would need to calculate 2^159 priv-/pubkey pairs, on average, to find a collision by an address being generated a second time.
2^159 = 7307508200000000000000000000000000000000000000000000000
So the chances of a collision are almost zero. It is considered to be "bullet proof"

Provided the wallet you are using is using a good random number generator (with enough entropy).
