Hi Guys,
Im Evil Knievel and I am new here. Im from the beauiful Brazil and get more and more intrested in the question how secure bitcoin eventually is.
"The only way to improve security is to unveil its flaws" - 2013, Evil-Knievel
Unfortunately I am a newbie and restricted to this forum. However I have the feeling, that the Electrum Brainwallet Principle is not fully secure.
Let me first summarize how Electrum works.
In Electrum you have a "Master-Key" which (even when you lose your wallet due to hard disk failure and stuff) you can fully restore all your wallets / change-wallets etc.
This "Master Public Key" what they call it, is represented by a "memorizable" string of 12 random words from a word list.
While in theory (at a word list length of 1626) you have 1626^12 different possibilites we are not yet sure if the search space is really that big. It yet has to be determined if (and how many) collisions e.g. word combinations leading to the same Master-Public-Key actually exist, and yet to be checked if some words are picked more likely than others depending on the entropy coming from pythons esdsa random function.
But as a first step I have come up with an Electrum Cracker, that will search for active wallets created by random combinations of 12 words. I would hope you guys want to participate in that experiment and maybe contribute in this open source project.
Checkout the script on github (
https://github.com/Evil-Knievel/electrum-cracker). Hope you like it, and I also hope for an intresting discussion towards electrum's brainwallet stuff.
You just need to wait for 4 hours after making this post, and you can escape this newbie jail
Regarding your problem, the seed generated by Electrum is indeed a 128-bit random number, and encoded as a sequence of 12 words.
FYI, you may refer to
https://bitcointalk.org/index.php?topic=153990.0