Can I generate a brain wallet offline?

[cryptonia]

Is there a service that will let me do this?

[TryNinja]

Yes... You can do that with Bitaddress (check the 'Brain wallet' tab). Download its source code and run offline.

But note that this generally isn't the best idea. See this.

[keychainX]

Is there a service that will let me do this?

https://brainwalletx.github.io/

go offline before you try it.

/KX

[DaCryptoRaccoon]

If you have the ability to run Python you can create your brain wallet with this.

https://github.com/arzzen/python-simple-brainwallet

Download remove network connection create wallets, Store secure. Double check them then Destroy the HD or DBAN clear.

[o_e_l_e_o]

-snip-

3. The human brain is an exceptionally delicate organ, and anything from a simple blow to the head to a bad case of the flu can cause problems with memory and recall, and if you can't remember your password then all your coins are lost forever (unless your password is brute forceable, in which case your coins will sooner or later be stolen). There's a reason that you are supposed to write down your 12/24 word mnemonic phrase and not solely rely on committing it to memory.

[crofrihosl]

-snip-

3. The human brain is an exceptionally delicate organ, and anything from a simple blow to the head to a bad case of the flu can cause problems with memory and recall, and if you can't remember your password then all your coins are lost forever (unless your password is brute forceable, in which case your coins will sooner or later be stolen). There's a reason that you are supposed to write down your 12/24 word mnemonic phrase and not solely rely on committing it to memory.

are the mnemonic phrase safe?
will in 2020 upgrade to 48/96 word?

[pooya87]

-snip-

3. The human brain is an exceptionally delicate organ, and anything from a simple blow to the head to a bad case of the flu can cause problems with memory and recall, and if you can't remember your password then all your coins are lost forever (unless your password is brute forceable, in which case your coins will sooner or later be stolen). There's a reason that you are supposed to write down your 12/24 word mnemonic phrase and not solely rely on committing it to memory.

are the mnemonic phrase safe?
will in 2020 upgrade to 48/96 word?

yes they are very safe. the smallest word count (12) is coming from a 128 bits of entropy which is strong. there is no need to change this entropy strength any time soon, specially no in one year. probably in another 50 years or more depending on whether things are going to change in efficiency of computing the underlying algorithms.

[o_e_l_e_o]

As pooya87 says, the smallest amount of entropy with a seed phrase is 128 bits, if you use a 12 word phrase. 24 word phrases give you 256 bits of entropy, which is exponentially more difficult to brute force. The reason for these numbers is that each word from the list of 2048 words corresponds to an 11 bit number. 12*11 = 132 bits, but the last 4 bits are a checksum, giving 128 bits of entropy. For 24 word phrases, 24*11 = 264, but the last 8 bits are a checksum, giving 256 bits of entropy.

Taking the smaller of these two numbers, 128 bits, gives you this many possibilities for a seed:

2¹²⁸ = 340,282,366,920,938,463,463,374,607,431,768,211,456 = 3.4*10³⁸

Now, think of it this way. Lets say everybody on Earth (all 7 billion people) have 1 million computers each. Each computer can check 1 million possible seed numbers per second, with no duplications in the entire world. Lets say we let all these computers check 1 million seeds per second for 1 million years. This gives the following calculation:

7 billion * 1 million * 1 million * 1 million * 365 * 24 * 60 * 60 = 2.2*10³⁵

So in our hypothetical experiment, even after 7000 trillion computers running for a million years, we would still only have checked somewhere in the region of 0.06% of all possible 12 word seeds.

If you are using a 24 word seed, the numbers become hilariously stupid. Something along the lines of 0.*insert 39 zeros here*2%

Only significant breakthroughs in the power of computing would necessitate a move away from this, but such breakthroughs would also affect all other services which depend on encryption, such as all online shopping and banking.

[crofrihosl]

i get it = don't waste your time

i think you right guy to fulfill my curiosity 

for bitcoin addresses that start with 1D

Code:

1DbvVigRB6M5Nw5Ak6hGKDnzDPeCWbudqo

what are the chances of getting this address if keep you generating only addresses starting with 1D , and how many years you need

[mocacinno]

--snip--
what are the chances of getting this address if keep you generating only addresses starting with 1D , and how many years you need

You can't "just" generate private keys that result in an address that starts with "1D".

The private key is used to generate the public key. The public key is hashed to generate the address.
Both steps are one-directional, they cannot be reversed. You can't say: my address has to start with "1D", so i'll reverse the hash function to find all possible public keys, nor can you start with a public key and calculate the private key...

The only thing you can do is scan the complete private key space, calculate the public keys belonging to the private keys, then hash the public keys and filter out addresses starting with "1D"... This would take even more time than  scanning the complete private key keyspace, calculating the public keys, hashing the public key and NOT filtering out addresses starting with "1D". Do realise that scanning the complete keyspace is ludicrous, even if you pool all computers in existence together, the earth will have ceased to exist before you can scan a significant part of the keyspace

[o_e_l_e_o]

what are the chances of getting this address if keep you generating only addresses starting with 1D , and how many years you need

As mocacinno says, what you are suggesting is impossible.

Think of this analogy. You have a mixed up pack of cards face down, and someone says "Pick the Queen of Hearts without turning over any other card". What you are saying is the same as saying "What if I only choose from the subset of Hearts". It is impossible for you to know which cards are the Hearts without also turning them (and many incorrect cards) over first. There is no way to "only" turn over the Hearts. All you can do is turn over random cards and hope for the best. In the same way, there is no way to "only" generate addresses starting with "1D". All you can do is generate random addresses, and see if they fit your criteria. For that reason, there is no way to narrow down your search to the address you listed. The only way to guarantee you generate that specific address is to generate every private key, which as we said, is completely impossible.

Now, if you wanted to generate ANY address which began with "1D" (and you didn't care what the other 32 characters were), then you could brute force that quite easily. There exist a number of programs (such as VanitySearch) which you can input the first few characters to an address, and they will brute force private keys until they find a match. Brute forcing 1, 2 or 3 characters is pretty trivial, but it gets exponentially more difficult with each additional character. By the time you are up to 7 or 8 characters you are looking at weeks or months depending on your hardware, and beyond that you are looking at years or decades.

[crofrihosl]

--snip--
what are the chances of getting this address if keep you generating only addresses starting with 1D , and how many years you need

You can't "just" generate private keys that result in an address that starts with "1D".

The private key is used to generate the public key. The public key is hashed to generate the address.
Both steps are one-directional, they cannot be reversed. You can't say: my address has to start with "1D", so i'll reverse the hash function to find all possible public keys, nor can you start with a public key and calculate the private key...

The only thing you can do is scan the complete private key space, calculate the public keys belonging to the private keys, then hash the public keys and filter out addresses starting with "1D"... This would take even more time than  scanning the complete private key keyspace, calculating the public keys, hashing the public key and NOT filtering out addresses starting with "1D". Do realise that scanning the complete keyspace is ludicrous, even if you pool all computers in existence together, the earth will have ceased to exist before you can scan a significant part of the keyspace

i have enough time with the md5 encryption i know what you want  me to understand one way cannot be reversed
also i think i understand how vanity addresses works
i thought filtering and focusing for specific address will reduce my times and my chances will increase 

-my big problem i can't check every address that i generate for balance or tx (0 experience with api)

- one of the methods i try:
from random hex64 number extract both comp and uncompressed private key and finally the public address (this part very low) run it for a day and got bored and back to vanity addresses 

[crofrihosl]

By the time you are up to 7 or 8 characters you are looking at weeks or months depending on your hardware, and beyond that you are looking at years or decades.

by the time with vanitysearch 8 char you can find 1 match every 2day
vanitygen for the same result took about 13 to 14 days

you time will decrease depende on your cpu/ram/ssd..etc

[o_e_l_e_o]

i thought filtering and focusing for specific address will reduce my times and my chances will increase  

The rate limiting step is generating the addresses in the first place. For each address, you have to first generate a private key, then perform elliptical curve multiplication to get the public key, then hash that to get an address. Once you have the address, you've already done the hard part, and it is trivial then to reject addresses which don't begin with "1D".

-my big problem i can't check every address that i generate for balance or tx (0 experience with api)

I don't understand what you are trying to achieve here? Why are you generating so many addresses and looking for a balance? Are you trying to brute force access to someone else's coins? Not only is that pretty immoral, we will reach the heat death of the universe before you come close to a collision.

by the time with vanitysearch 8 char you can find 1 match every 2day

Depends on the characters you choose, and whether or not you choose case sensitive or insensitive. Some strings will be much easier to find than others.

[crofrihosl]

Are you trying to brute force access to someone else's coins?.

no, if i want to do that isn't easy just targeting dummy people with low diff passphrase, easy guessing password and other things...
 
thanks for shearing your opinions 

[Welsh]

no, if i want to do that isn't easy just targeting dummy people with low diff passphrase, easy guessing password and other things...
 
thanks for shearing your opinions  

Only if you've got physical access to their wallet file or if they're using a online wallet which  if the latter is the case you would be likely getting the account locked from trying to bruteforce it. I'll admit, it seems oddly specific to generate a vanity address, and check for a balance at the same time. What would be the reason for this?

[bob123]

Since i didn't see the IMO best solution to generate a brain wallet offline yet in this thread:

1. Take your 'password' and hash it using sha256. This is your private key now.
2. Convert this private key into the WIF (Wallet import format) following all steps from https://en.bitcoin.it/wiki/Wallet_import_format
3. Generate the public key and address out of this private key.


All can be done completely offline and you don't need to download a 3rd party website. Neither do you have to trust any javascript library etc.

But, please note. Brainwallets are insecure. Always. You will never be able to create a passphrase which is even close to being as random as one created by a computer.

[koch44]

i get it = don't waste your time

i think you right guy to fulfill my curiosity 

for bitcoin addresses that start with 1D

Code:

1DbvVigRB6M5Nw5Ak6hGKDnzDPeCWbudqo

what are the chances of getting this address if keep you generating only addresses starting with 1D , and how many years you need

Theoretically it will never happen. You can try a tool called vanitygen and use the prefix 1D or whatever you want, it will take quite some time.

[mocacinno]

Theoretically it will never happen. You can try a tool called vanitygen and use the prefix 1D or whatever you want, it will take quite some time.

"Quite some time" is an understatement.

There's a lack of benchmark results for oclvanitygen (the optimized, GPU version of vanitygen)... But one of the results i found was this one: https://www.reddit.com/r/Bitcoin/comments/1sntt7/48_hours_of_gpu_vanitygen_and_4_trillion/

This user claims to have generated 4 000 000 000 000 addresses in 24 hours using "a" GPU. That's about 23.148.148 keys per second. That's feasible, given that i've found "other" vanitygen (not oclvanitygen) benchmarks in the 5 Mk/s range, so throwing a gpu in the mix could result in a 23 Mk/s result.

Let's, for the sake of argument say that this user's setup was using an old GPU and inefficient coding, and a top-shelve GPU with decent address mining software could churn out a tenfold (230.000.000 keys per second).
Let's say you have a theoretical farm of 100 of these GPU's, churning out 23.000.000.000 keys per second...

They'll need to test 2^256 keys... This means your farm will need 2^256  /23.000.000.000 seconds to scan the complete keyspace.

If execute this calculation and convert the results from seconds to years, you'll end up with a total scantime of 159641002742643597687626818499610000000000000000000000000000 years to scan the complete keyspace.
If you want to scan 0.01% of the total keyspace (thus have 0.01% chance of finding the exact private key whose public key hash was funded), you'll need 15964100274264359768762681849961000000000000000000000000 years...
For people that are not used to read such large numbers, i've looked up the proper naming convention... This allows me to say:

If you have 100 High performing, latest gen GPU's and good drivers and software, you'll need to run your farm for 16 Septen-decillion years in order to have a 0.01% (that's percent, that's 0.01 chance in 100) to find a private key that belongs to one specific address..

[bartekjagoda]

Theoretically it will never happen. You can try a tool called vanitygen and use the prefix 1D or whatever you want, it will take quite some time.

"Quite some time" is an understatement.

There's a lack of benchmark results for oclvanitygen (the optimized, GPU version of vanitygen)... But one of the results i found was this one: https://www.reddit.com/r/Bitcoin/comments/1sntt7/48_hours_of_gpu_vanitygen_and_4_trillion/

This user claims to have generated 4 000 000 000 000 addresses in 24 hours using "a" GPU. That's about 23.148.148 keys per second. That's feasible, given that i've found "other" vanitygen (not oclvanitygen) benchmarks in the 5 Mk/s range, so throwing a gpu in the mix could result in a 23 Mk/s result.

Let's, for the sake of argument say that this user's setup was using an old GPU and inefficient coding, and a top-shelve GPU with decent address mining software could churn out a tenfold (230.000.000 keys per second).
Let's say you have a theoretical farm of 100 of these GPU's, churning out 23.000.000.000 keys per second...

They'll need to test 2^256 keys... This means your farm will need 2^256  /23.000.000.000 seconds to scan the complete keyspace.

Its quite strange to have a talk about something you have no idea about. Vanitygen goes up to 250 million keys per second with an old gpu card, so I dont understand why you spend such a long post explaining something that is not accurate and misleading, then get cudos from "friends" who cheer your errors.