“bitfools”, username checks out. You have no idea what you are talking about.
I don’t have a problem with newbies and non-experts who simply lack knowledge. Nobody is omniscient. But I have a big problem with fools who spout off stuff and nonsense self-evidently made up on the spot, and pass that off as “knowledge”. If you don’t know, then say you don’t know—or shut up. Each and every conclusion in your post was substantially incorrect.
Well are you talking key like a BIT-INTEGER, or a seed 'in hex' or 'english'??
It really depends what you mean??
No, it doesn’t. Hex strings are only alternative representations of a binary value.
BIP 39 mnemonic phrases are also an encoding of a binary value (although that value is not used directly to create the binary seed). In all these cases, they represent large integers.
First step, take a step back and think about how this stuff works.
Seed is just that it feeds the box that generates a 'key', a key is just a BIG-NUMBER, it might have 70 base-10 digits, lets take a big number,
In Bitcoin, private keys are 256 bits. 2^256 ≈ 1.16×10^77; therefore, 256-bit numbers written in decimal require
up to 78 digits. Valid values for a Bitcoin private key include those from 0x1 (decimal 1; 1 digit) to 0xFFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFE BAAE DCE6 AF48 A03B BFD2 5E8C D036 4140. If I did not make a dumb mistake, in decimal that latter equals 115792089237316195423570985008687907852837564279074904382606316063022768341312. That number has 78 digits; count them.
502800 which might be the current block number of bitcoin, the 502 will call the big-endian, the 800 the little endian, if your key is 502800, and you give me the first 502xxx then I only got to run from 1 to 800 through my 'crack box' that tests every address known for every private-key in that range to match one of your addresses, super easy.
If you give me 800, it might take a super long time to 'guess' your address.
How the hell is the block number relevant to this discussion? No keys or address values are ever generated from the block number. Moreover, half the digits of a value are half the digits; it makes no difference whether it is the first half or the last half. To try all combinations of 502xxx requires 1000 guesses, 000–999; to check all combinations from xxx800 also requires 1000 guesses, 000–999. (And if bruteforcing random values, on average you will only need to try 50% before you hit the right one.)
On the same principle, if you have half the bits of a 256-bit private key, it does not matter whether it be the first half, the last half, or some part in between (just as long as you know the offset).
Now lets get real, your private key is normally seen as HEX or WIF, but in real when the work is done its a base ten number 1328921839L
Say what? Hexadecimal (base16) values, and also the base58 values in WIF, only encode values which the computer decodes and handles in binary (base2, bits).
WRT to your 'word' seed, a seed can be 12 random words that are hashed 2,000 times and a 64 char-random hex number is generated, the hashing isn't of any order so it doesn't help to know any part of your hash, on the other hand you give me the seed 'dog cat fish xxxx' where xxxx is what your forgot then I can run a dictionary on that and hash all possible combo's until I generate a priv-key that hits your addresses.
...
Most of what ppl see in BTC is hex 'hashed' data, but when you talk key or seed then normally your talking the real deal, most dev's on BTC to prefer to hide this stuff from the user on theory he's too stupid to be trusted with his own data,
Your question about 1/2
say your seed is
'dog cat fish horse mule monkey fudge poop' [ who care 6,8,12,18, or 24 words ]
even if I have just 1 or 2 of these words, and I know your ALGO ( I know which wallet you used, then I can crack your private-key super quick )
No, you cannot bruteforce 10–23 words of a BIP39 passphrase “super quick”. It does not matter if you know the “algo”. The “ALGO” is secure even if you know it. If you know “just 1 or 2” words, then the work required to bruteforce the rest will range from 2^110 to 2^253. There is nothing “super quick” about that!
Now, in the spirit of OP’s original question about knowing half the desired value:
Each word of a BIP 39 seed encodes 11 bits of randomness—except for the last word, which contains the lowest-order bits of randomness plus a checksum value. If you know the first 6 words of a 12-word seed, that means you know 66 bits of a 128-bit random value—slightly more than half. Bruteforcing the rest will require 2^62 work (128 - 66 = 62). That can certainly be done by those with powerful compute clusters or through distributed computing; but it is not a task which could be considered “super quick”.
If you know the first 12 words of a 24-word seed, that means you know 12*11 = 132 bits of a 256-bit random value. Bruteforcing the rest would require 2^124 work, which is infeasible even with a supercomputer.
I have thus far ignored the checksum bits. In a 24-word phrase, all 24 words together represent a 264-bit value representing 256 bits of randomness, plus an 8-bit checksum; a 12-word seed represents 128 bits of randomness plus a 4-bit checksum. By “exploiting” the checksum to discard values which do not match, you effectually remove the checksum; thus you can avoid running the results through 2048-iteration PBKDF2-SHA512, followed by the further hashing and EC maths required to generate addresses to check against. I know I have not explained this well—I simply note it parenthetically, so as to not forget the checksum. It’s not really relevant to this discussion.
By the way, this makes no sense whatsoever: “Most of what ppl see in BTC is hex 'hashed' data, but when you talk key or seed then normally your talking the real deal, most dev's on BTC to prefer to hide this stuff from the user on theory he's too stupid to be trusted with his own data,” Well, you are too stupid to be trusted with anything.
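
The bit accounting described in the post above, as an added example that is not part of the original post: it splits a BIP 39 phrase into entropy and checksum bits, reports how many entropy bits remain unknown when the leading words of a phrase have been exposed, and shows how the last word mixes entropy with the checksum. The function names are assumptions of this example; the all-zero entropy values are constructed sample inputs.

```python
import hashlib

BITS_PER_WORD = 11  # each BIP 39 word is an index into a 2048-word list


def layout(words):
    """Return (entropy_bits, checksum_bits) for a BIP 39 phrase length."""
    if words not in (12, 15, 18, 21, 24):
        raise ValueError("BIP 39 phrases have 12, 15, 18, 21 or 24 words")
    total = words * BITS_PER_WORD
    checksum_bits = total // 33  # CS = ENT / 32 and ENT + CS = total
    return total - checksum_bits, checksum_bits


def unknown_entropy_bits(words, known_leading_words):
    """Entropy bits still secret when the first k words are exposed."""
    entropy_bits, _ = layout(words)
    if not 0 <= known_leading_words <= words:
        raise ValueError("known word count out of range")
    # The last word is part checksum, so cap at the real entropy size.
    known = min(known_leading_words * BITS_PER_WORD, entropy_bits)
    return entropy_bits - known


def checksum(entropy):
    """BIP 39 checksum: the first ENT/32 bits of SHA-256(entropy)."""
    cs_bits = len(entropy) * 8 // 32
    return hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)


def word_indices(entropy):
    """Encode entropy bytes as the list of 11-bit word indices."""
    ent_bits = len(entropy) * 8
    cs_bits = ent_bits // 32
    value = (int.from_bytes(entropy, "big") << cs_bits) | checksum(entropy)
    count = (ent_bits + cs_bits) // BITS_PER_WORD
    return [(value >> (BITS_PER_WORD * (count - 1 - i))) & 0x7FF
            for i in range(count)]


if __name__ == "__main__":
    for words, known in ((12, 6), (24, 12)):
        left = unknown_entropy_bits(words, known)
        print(f"{known} of {words} words known: 2^{left} candidates remain")
    # Constructed input: 16 zero bytes. Only the last index is non-zero,
    # because it carries 7 entropy bits followed by the 4 checksum bits.
    print(word_indices(bytes(16)))
```
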