Bitcoin Forum
Author Topic: Where does verifying the signature help?  (Read 399 times)
pooya87
August 13, 2020, 06:37:39 AM
 #21

> Can one of you give me a topic so I can understand how seed works and why it can't be brute forced?

It can't, because the seed, or better said the mnemonic, is a representation of an entropy, so it is only as strong as your entropy generator, which happens to be the same as when wallets used to generate a single key. So when you see 12 words you are actually seeing the human-readable form of a 128-bit entropy, which has the same strength as a bitcoin private key.
I don't know if there is any topic, but you can look at https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki

BlackHatCoiner (OP)
August 13, 2020, 06:50:36 AM
 #22

> Can one of you give me a topic so I can understand how seed works and why it can't be brute forced?
>
> It can't, because the seed, or better said the mnemonic, is a representation of an entropy, so it is only as strong as your entropy generator, which happens to be the same as when wallets used to generate a single key. So when you see 12 words you are actually seeing the human-readable form of a 128-bit entropy, which has the same strength as a bitcoin private key.
> I don't know if there is any topic, but you can look at https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki

I'm thinking about it logically.

If we take 10 million words from a dictionary then it's 10.000.000^12, oh ok.. that's strong.

pooya87
August 13, 2020, 09:32:47 AM
 #23

> If we take 10 million words from a dictionary then it's 10.000.000^12, oh ok.. that's strong.

We are not selecting words from a dictionary, or even from the 2048-word list, to create the seed phrase. In fact there is absolutely no word selection anywhere in the seed generation process.
As I said, it is an entropy generated by an RNG and then encoded using a special encoding that returns words instead of characters (pad with a checksum to be divisible by 11 and then split the whole thing into 11-bit chunks, each of which represents a word in that 2048-word list).

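As an added illustration of the encoding pooya87 describes (example code, not from the thread or from any wallet), here is the BIP39 entropy-to-word-index step in Python, with the reverse direction verifying the checksum. It stops at the 11-bit indexes rather than embedding the 2048-word list, so for the published all-zero test vector the indexes come out as eleven 0s and a 3, which map to "abandon" x11 and "about".

```python
import hashlib

VALID_ENTROPY_BITS = (128, 160, 192, 224, 256)   # 12, 15, 18, 21, 24 words

def entropy_to_word_indexes(entropy: bytes) -> list[int]:
    """BIP39 encoding: append checksum = first ENT/32 bits of SHA-256(entropy),
    then cut the result into 11-bit chunks; each chunk indexes the 2048-word list."""
    ent_bits = len(entropy) * 8
    if ent_bits not in VALID_ENTROPY_BITS:
        raise ValueError("entropy must be 16, 20, 24, 28 or 32 bytes")
    cs_bits = ent_bits // 32                                   # 4 bits for 128-bit entropy
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    combined = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11                       # always an integer by construction
    return [(combined >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]

def word_indexes_to_entropy(indexes: list[int]) -> bytes:
    """Reverse direction: rebuild the entropy and reject the phrase if the checksum is wrong,
    which is how a wallet catches a mistyped or transposed word on restore."""
    n_words = len(indexes)
    if n_words not in (12, 15, 18, 21, 24):
        raise ValueError("unsupported word count")
    combined = 0
    for idx in indexes:
        if not 0 <= idx < 2048:
            raise ValueError("index outside the 2048-word list")
        combined = (combined << 11) | idx
    total_bits = n_words * 11
    cs_bits = total_bits // 33                                 # ENT/32 where ENT + ENT/32 = total_bits
    ent_bits = total_bits - cs_bits
    entropy = (combined >> cs_bits).to_bytes(ent_bits // 8, "big")
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    if combined & ((1 << cs_bits) - 1) != expected:
        raise ValueError("checksum mismatch")
    return entropy

if __name__ == "__main__":
    # Published BIP39 vector: 16 zero bytes -> "abandon" x11 + "about" (index 3)
    print(entropy_to_word_indexes(bytes(16)))
    print(word_indexes_to_entropy([0] * 11 + [3]).hex())
```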
o_e_l_e_o
August 13, 2020, 01:25:27 PM
 #24

> Can one of you give me a topic so I can understand how seed works and why it can't be brute forced?

A 12 word seed phrase encodes 2^128 bits of entropy.
A 24 word seed phrase encodes 2^256 bits of entropy.
A well-generated private key has 2^256 bits of entropy.

To brute force a private key, you need to guess the correct 256 bits of entropy, perform elliptical curve multiplication to get the public key, then perform two hash functions to get the address to check for funds.

To brute force a 24 word seed phrase, you need to guess the correct 256 bits of entropy, hash it 2048 times to get the seed number, perform several elliptical curve multiplications and hashes depending on the derivation path, then perform another elliptical curve multiplication to get the public key and two more hash functions to get the address.

So although a 24 word seed phrase and a random private key both have 256 bits of entropy, it is more resource intensive to brute force the seed phrase than it is a private key.
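The derivation chain o_e_l_e_o outlines, as an added example that is not code from the thread: BIP39's "hash it 2048 times" is PBKDF2-HMAC-SHA512 with the salt "mnemonic" + passphrase, and the resulting seed feeds the BIP32 master key derivation before any elliptic curve multiplication happens. The test vectors used in the demo are the published BIP39 and BIP32 ones.

```python
import hashlib
import hmac
import unicodedata

BIP39_ROUNDS = 2048   # PBKDF2 iteration count: the "hash it 2048 times" step

def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Stretch a mnemonic into the 512-bit BIP39 seed.
    Password = NFKD(mnemonic), salt = "mnemonic" + NFKD(passphrase), PBKDF2-HMAC-SHA512 x 2048."""
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, BIP39_ROUNDS, dklen=64)

def bip32_master(seed: bytes) -> tuple[bytes, bytes]:
    """BIP32 root node: HMAC-SHA512 keyed with b"Bitcoin seed".
    Left 32 bytes = master private key, right 32 bytes = chain code."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]

def mnemonic_to_master(mnemonic: str, passphrase: str = "") -> tuple[bytes, bytes]:
    """Everything a seed-phrase candidate costs before the first EC multiplication:
    words -> PBKDF2 seed -> master key and chain code. Child derivation and the address come after."""
    return bip32_master(bip39_seed(mnemonic, passphrase))

def hmacs_per_candidate() -> int:
    """Lower bound on HMAC-SHA512 calls per candidate phrase: 2048 inside PBKDF2 (one output block)
    plus one for the BIP32 master key. A raw private-key guess needs none of these."""
    return BIP39_ROUNDS + 1

if __name__ == "__main__":
    words = " ".join(["abandon"] * 11 + ["about"])        # published BIP39 vector, passphrase "TREZOR"
    print(bip39_seed(words, "TREZOR").hex())
    key, chain = bip32_master(bytes.fromhex("000102030405060708090a0b0c0d0e0f"))  # BIP32 test vector 1
    print(key.hex(), chain.hex())
```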
BlackHatCoiner (OP)
August 13, 2020, 01:37:03 PM
 #25

If I generate a seed on Electrum, will it work only on Electrum, or do all wallets have the same code?

o_e_l_e_o
August 13, 2020, 01:44:14 PM
 #26

> If I generate a seed on Electrum, will it work only on Electrum, or do all wallets have the same code?

Electrum uses its own method for generating seed phrases, which can therefore only be recovered on Electrum and a handful of other wallets which support Electrum seed phrases.

The "generic" seed phrase is called a BIP39 seed phrase and is importable to almost all wallets, Electrum included.
BlackHatCoiner (OP)
August 15, 2020, 06:55:30 AM
 #27

Do those big companies like Huobi use the seed way for storing their addresses safely?

elda34b
August 15, 2020, 07:02:46 AM
 #28

> Do those big companies like Huobi use the seed way for storing their addresses safely?

What do you mean by the seed way of storing addresses?

Big exchanges usually use a multi-sig cold wallet and another hot wallet to store their funds. Pretty sure they use HW wallets to increase the security (only a few people hold them) too. Not sure if this is related to this topic though.
sheenshane
August 15, 2020, 09:11:52 AM
 #29

> If I generate a seed on Electrum, will it work only on Electrum, or do all wallets have the same code?

The post above was right: an Electrum wallet can't be restored in any wallet, because it is incompatible with other BIP39 wallets.
So each wallet is unique in generating seed phrases, and this Electrum wallet uses HMAC for the authentication.

> Do those big companies like Huobi use the seed way for storing their addresses safely?

Yes, of course! Any form of wallet should have this seed way. They use both a hot wallet and a cold wallet: the hot wallet for frequent use and the cold wallet for storing offline, which is impossible to hack, unless the hacker is able to steal the physical wallet, which most likely will not happen.

pooya87
August 16, 2020, 03:41:40 AM
 #30

> Do those big companies like Huobi use the seed way for storing their addresses safely?

Your question makes no sense, because safety is not achieved by using or not using a "seed". Safety is gained by the security measures they take, such as using cold storage to store the bulk of their balance, how easy it is to hack their database, how stupid their employees are to leak stuff, ...

> The post above was right: an Electrum wallet can't be restored in any wallet, because it is incompatible with other BIP39 wallets.

There are some wallets that accept Electrum mnemonics too.

> So each wallet is unique in generating seed phrases, and this Electrum wallet uses HMAC for the authentication.

This statement makes no sense. HMAC is not used for authentication! It is used instead of the checksum and later as a key derivation function.

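To make pooya87's point about HMAC concrete, an added example (not Electrum's own code) of the two roles the HMAC plays: keyed with "Seed version" it yields the version prefix that replaces BIP39's SHA-256 checksum, and inside PBKDF2 with the salt "electrum" + passphrase it acts as the key derivation function. DEMO_WORDS and the simplified normalize() are assumptions for the demo; Electrum encodes real entropy with the 2048-word list and also strips accents and CJK spacing.

```python
import hashlib
import hmac
import secrets
import unicodedata

ELECTRUM_STANDARD_PREFIX = "01"   # Electrum "standard" seed type; other prefixes mark other seed types
ELECTRUM_ROUNDS = 2048

def normalize(text: str) -> str:
    # Simplified stand-in for Electrum's normalize_text: NFKD, lowercase, single spaces.
    # (Electrum additionally strips accents and the spaces between CJK characters.)
    return " ".join(unicodedata.normalize("NFKD", text).lower().split())

def electrum_seed_version(mnemonic: str) -> str:
    """Role 1: HMAC-SHA512 keyed with b"Seed version" stands in for BIP39's checksum.
    The hex prefix of the tag is the seed version; a phrase without a recognised prefix is rejected."""
    return hmac.new(b"Seed version", normalize(mnemonic).encode("utf-8"), hashlib.sha512).hexdigest()

def is_electrum_standard_seed(mnemonic: str) -> bool:
    return electrum_seed_version(mnemonic).startswith(ELECTRUM_STANDARD_PREFIX)

def electrum_mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Role 2: the same HMAC primitive, iterated inside PBKDF2, is the key derivation function."""
    return hashlib.pbkdf2_hmac("sha512", normalize(mnemonic).encode("utf-8"),
                               ("electrum" + normalize(passphrase)).encode("utf-8"), ELECTRUM_ROUNDS)

# Constructed placeholder list for the demo only; Electrum uses the real 2048-word BIP39 list.
DEMO_WORDS = ["apple", "bridge", "candle", "desert", "eagle", "forest", "garden", "harbor",
              "island", "jacket", "kettle", "ladder", "meadow", "needle", "orange", "pepper"]

def make_demo_electrum_seed(n_words: int = 12) -> str:
    """Electrum-style generation: draw candidates from the CSPRNG and keep the first whose
    version tag matches. About 1 in 256 passes the 8-bit "01" prefix, so nobody picks words;
    the RNG output is simply what gets encoded and tagged."""
    while True:
        candidate = " ".join(secrets.choice(DEMO_WORDS) for _ in range(n_words))
        if is_electrum_standard_seed(candidate):
            return candidate
```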
bob123
August 19, 2020, 12:43:35 PM
 #31

> They use both a hot wallet and a cold wallet: the hot wallet for frequent use and the cold wallet for storing offline, which is impossible to hack, unless the hacker is able to steal the physical wallet, which most likely will not happen.

Gaining physical access is not always necessary.
It depends on their system and network topology. If their (online accessible) server is doing the requests to top up the hot wallet, it might be possible to compromise the cold wallet by compromising their server.
Obviously, this would be negligent and definitely not a real cold wallet. But the possibility exists, especially if no IT security specialists have been hired.

> > So each wallet is unique in generating seed phrases, and this Electrum wallet uses HMAC for the authentication.
>
> This statement makes no sense. HMAC is not used for authentication! It is used instead of the checksum and later as a key derivation function.

Well, HMAC is a hashed message authentication code. It is usually used to protect the integrity of messages.
But @sheenshane probably just read the Wikipedia article and thought he knew what it is used for in the key derivation of Electrum. Therefore his statement made little to no sense.
