Two person having the same seed phrase

[Y3shot]

Seed phrase is made up of different words. If about two thousand people create a wallet the same day what they have is different Seed phrase and if these process continues everyday it comes out with the same result.  My question is what if cryptocurrency continues to exist in the next 100 years is it possible for anyone who create a wallet to continue have a different Seed phrase?
The word will continue to have new words that can be used for seed phrase. My question  may looks funny but I always think about it.

[1713265146]

1713265146

[ABCbits]

My question is what if cryptocurrency continues to exist in the next 100 years is it possible for anyone who create a wallet to continue have a different Seed phrase?

It's possible, but it's not probable. But within next 100 years, it's likely we'll see new version of seed phrase which designed to be more secure (as in harder to brute force).

[LoyceMobile]

A seed phrase is basically a 128 bit number. Nobody is going to get someone else's seed if they use proper random numbers.

[o_e_l_e_o]

If about two thousand people create a wallet the same day what they have is different Seed phrase and if these process continues everyday it comes out with the same result.  My question is what if cryptocurrency continues to exist in the next 100 years is it possible for anyone who create a wallet to continue have a different Seed phrase?

Let's bump those numbers up! Instead of two thousand people, let's use every one of the ~8 billion people on the planet. And instead of creating a wallet a day, why don't they each create a wallet every second. And instead of doing that for 100 years, why not let them do it for a million years? After all that time, they will have used 0.00000000000007% of all possible 12 word seed phrases.

So yeah. Never going to happen.

I suggest you watch the following video, which explains in very layman's terms the possibility of two people generating the same seed.

I mean, the video does give an explanation why there will never be a seed collision, but it is filled with inaccuracies.

The number isn't 2048²⁴; it is 2²⁵⁶. He seems unaware of the checksum.
When he holds up the piece of paper with the number 2048²⁴ expanded out, he has 7 too many zeroes and actually shows the number 2.96*10⁸⁶. This seems to step from his misunderstanding that "e+79" means "add 79 more zeroes", which is not what it means at all.
There is an English word for it: https://en.wikipedia.org/wiki/Names_of_large_numbers
The number of atoms in the universe is estimated at 10⁸⁰. So even his incorrectly large number is still smaller than this. The real number is smaller than this by 3 orders of magnitude.

[dkbit98]

My question is what if cryptocurrency continues to exist in the next 100 years is it possible for anyone who create a wallet to continue have a different Seed phrase?

This is almost impossible to happen especially if you are using 24 seed words with added passphrases.
Last Bitcoin should be mined around year 2140, and it is more likely that bitcoin won't even exist in 100 years, than someone else generating the same seed words as you.
There is also a chance that Bitcoin algorithm will change with some hard fork in distant future to make it more secure against new attacks.
One realistic way of someone else using the same words as you is if they find your seed words or if you give them to him.

[m2017]

If about two thousand people create a wallet the same day what they have is different Seed phrase and if these process continues everyday it comes out with the same result.  My question is what if cryptocurrency continues to exist in the next 100 years is it possible for anyone who create a wallet to continue have a different Seed phrase?

Let's bump those numbers up! Instead of two thousand people, let's use every one of the ~8 billion people on the planet. And instead of creating a wallet a day, why don't they each create a wallet every second. And instead of doing that for 100 years, why not let them do it for a million years? After all that time, they will have used 0.00000000000007% of all possible 12 word seed phrases.

So yeah. Never going to happen.

I suggest you watch the following video, which explains in very layman's terms the possibility of two people generating the same seed.

I mean, the video does give an explanation why there will never be a seed collision, but it is filled with inaccuracies.

The number isn't 2048²⁴; it is 2²⁵⁶. He seems unaware of the checksum.
When he holds up the piece of paper with the number 2048²⁴ expanded out, he has 7 too many zeroes and actually shows the number 2.96*10⁸⁶. This seems to step from his misunderstanding that "e+79" means "add 79 more zeroes", which is not what it means at all.
There is an English word for it: https://en.wikipedia.org/wiki/Names_of_large_numbers
The number of atoms in the universe is estimated at 10⁸⁰. So even his incorrectly large number is still smaller than this. The real number is smaller than this by 3 orders of magnitude.

This myth must be sitting deep in the subconscious of every bitcoiner and makes worry about the safety of their cryptocurrency. Thanks to your calculations and detailed explanation, I hope Y3shot (and others who are interested in this) will stop worrying about the same seed phrases.

[Stalker22]

This myth must be sitting deep in the subconscious of every bitcoiner and makes worry about the safety of their cryptocurrency. Thanks to your calculations and detailed explanation, I hope Y3shot (and others who are interested in this) will stop worrying about the same seed phrases.

Yes. Many beginners ask this question, especially when they are just starting out. I have to admit, I also thought about it at some point. Only when you see numbers presented in such a plastic way, as o_e_l_e_o just did, can give you a true sense of what the magnitude of these numbers is.

[Fivestar4everMVP]

@OP, It is clearly impossible for two persons to end up with same seed, i mean from the technical point of it, and your question is not funny or stupid , it a question I've once asked myself too, I could remember there was a time I devoted over two weeks importing random wallets to my trust wallet using random seeds and private keys, hoping that I might luckily hit a wallet with funds in it  , I imported more than 40 wallets everyday for more than two weeks, I didn't hit any wallet with funds, infact, all the wallets I end up with on each trial were all new wallets, none has any transaction history of any kind.
This was my own little experiment and from it, i learnt that it is very very close to impossible for two people to ever end up with the same wallet seed or private key.

[Saint-loup]

This myth must be sitting deep in the subconscious of every bitcoiner and makes worry about the safety of their cryptocurrency. Thanks to your calculations and detailed explanation, I hope Y3shot (and others who are interested in this) will stop worrying about the same seed phrases.

This is not a myth, it has already happened in some wallets because of bugs in the PRNG process.
https://www.businessinsider.com/bitcoin-app-blockchain-issues-critical-update-random-number-bug-security-breakdown-android-2015-6

And since PRNG means Pseudo Random Number Generator, it will certainly happen in future again. As John von Neumann said "Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin."
That's why it's better to use physical randomness, but even with it there is no absolute guarantee nobody will get the same result as you and then the same seed as you one day.

[PowerGlove]

And since PRNG means Pseudo Random Number Generator, it will certainly happen in future again.

That's not true. There's nothing wrong with "pseudo" random number generators. If they're meant for cryptographic use (see CSPRNG^[1]) and they're properly "seeded" (i.e. with full entropy), then they're just as good as "true" random number generators.

As John von Neumann said "Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin."

That's a great von Neumann quote, and he's right, of course, but he was thinking of simple techniques like his middle-square^[2] method. CSPRNGs are a different beast altogether.

[1] https://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator

[2] https://en.wikipedia.org/wiki/Middle-square_method

[Saint-loup]

That's not true. There's nothing wrong with "pseudo" random number generators. If they're meant for cryptographic use (see CSPRNG^[1]) and they're properly "seeded" (i.e. with full entropy), then they're just as good as "true" random number generators.

As John von Neumann said "Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin."

That's a great von Neumann quote, and he's right, of course, but he was thinking of simple techniques like his middle-square^[2] method. CSPRNGs are a different beast altogether.

[1] https://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator

[2] https://en.wikipedia.org/wiki/Middle-square_method

But what do you mean precisely by "if they're properly "seeded" (i.e. with full entropy)"? You mean if they are using a physical source of entropy(randomness)?   (from the hardware of the computer for example).  At the end it doesn't really differ from using a physical source of randomness directly.
Anyway my point was not to mathematically compare the entropy of those two methods between them but to remind that bugs/flaws can occur in any programs.  

[PrimeNumber7]

My question is what if cryptocurrency continues to exist in the next 100 years is it possible for anyone who create a wallet to continue have a different Seed phrase?

It's possible, but it's not probable. But within next 100 years, it's likely we'll see new version of seed phrase which designed to be more secure (as in harder to brute force).

All that is needed to make something more difficult to brute force is a larger scope of possible inputs. The number of potential seed phrases is large enough that it is very unlikely that someone will ever be able to brute force an existing seed. In order for a seed to be "more secure", it will need to be more difficult to find the seed via some means other than brute force.

A seed phrase is basically a 128 bit number. Nobody is going to get someone else's seed if they use proper random numbers.

The problem is that it is very difficult to know if the process of generating a number (seed) is in fact random. In other words, it is difficult to test that a procedure generates a random number.

[Saint-loup]

My question is what if cryptocurrency continues to exist in the next 100 years is it possible for anyone who create a wallet to continue have a different Seed phrase?

It's possible, but it's not probable. But within next 100 years, it's likely we'll see new version of seed phrase which designed to be more secure (as in harder to brute force).

All that is needed to make something more difficult to brute force is a larger scope of possible inputs. The number of potential seed phrases is large enough that it is very unlikely that someone will ever be able to brute force an existing seed. In order for a seed to be "more secure", it will need to be more difficult to find the seed via some means other than brute force.

A seed phrase is basically a 128 bit number. Nobody is going to get someone else's seed if they use proper random numbers.

The problem is that it is very difficult to know if the process of generating a number (seed) is in fact random. In other words, it is difficult to test that a procedure generates a random number.

Yes you're right, but for example you can already increase your entropy by using more than 128 bits (which is 12 words) for your seeds. There are 2²⁵⁶ private keys and 2¹⁶⁰ bitcoin addresses. It means you wont be able to generate all addresses and/or private keys with a 12 word seed, and the entropy of your keys and adresses will be reduced from the full capacity of Bitcoin. If you are looking for more entropy and security, it's certainly a good idea to use seeds with at least 160 bits (ie 15 words).

[PowerGlove]

But what do you mean precisely by "if they're properly "seeded" (i.e. with full entropy)"? You mean if they are using a physical source of entropy(randomness)?   (from the hardware of the computer for example).  At the end it doesn't really differ from using a physical source of randomness directly.
Anyway my point was not to mathematically compare the entropy of those two methods between them but to remind that bugs/flaws can occur in any programs.

You're making a different point now. That you should seed a CSPRNG with "good" entropy has nothing to do with the post that I took issue with.

The point I'm taking issue with is you implying that Pseudo = Bad and using this quote to justify it: “Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin.” ― John von Neumann

What do you think the D in "HD Wallet" stands for?

[sheenshane]

The chances are very slim as stated above by o_e_l_e_o, it's well said.

In addition, just watch this Youtube Video from a Youtuber that I found last year, it explained very well how crypto hash functions and how its seed phrase is created.

So don't think too much about it because if you hard to hit the lottery jackpot prize it seems more harder than that the chances seed phrase will be the same in a different person.

[PrimeNumber7]

My question is what if cryptocurrency continues to exist in the next 100 years is it possible for anyone who create a wallet to continue have a different Seed phrase?

It's possible, but it's not probable. But within next 100 years, it's likely we'll see new version of seed phrase which designed to be more secure (as in harder to brute force).

All that is needed to make something more difficult to brute force is a larger scope of possible inputs. The number of potential seed phrases is large enough that it is very unlikely that someone will ever be able to brute force an existing seed. In order for a seed to be "more secure", it will need to be more difficult to find the seed via some means other than brute force.

A seed phrase is basically a 128 bit number. Nobody is going to get someone else's seed if they use proper random numbers.

The problem is that it is very difficult to know if the process of generating a number (seed) is in fact random. In other words, it is difficult to test that a procedure generates a random number.

Yes you're right, but for example you can already increase your entropy by using more than 128 bits (which is 12 words) for your seeds. There are 2²⁵⁶ private keys and 2¹⁶⁰ bitcoin addresses. It means you wont be able to generate all addresses and/or private keys with a 12 word seed, and the entropy of your keys and adresses will be reduced from the full capacity of Bitcoin. If you are looking for more entropy and security, it's certainly a good idea to use seeds with at least 160 bits (ie 15 words).

I don't think adding additional entropy is going to meaningfully change the security of a seed phrase. For all intents and purposes, the chances of brute forcing a 128 bit seed is zero, so adding an addition bit of entrpy will make the chances stay at what is essentially zero.

The only real way to add meaningful security would be to reduce the chances that someone can calculate a particular seed in less than linear time (eg, faster than brute force).

[cryptoaddictchie]

So don't think too much about it because if you hard to hit the lottery jackpot prize it seems more harder than that the chances seed phrase will be the same in a different person.

Its quite hard to get actually so those hackers that were able to figure out a user private key is probably due to malwares or phishing links.

Im not sure if there are recorded case already of someone guess a private key and gets a wallet with crypto yet. Probably if there are its very few or close to zero cause the probability to get its close to 0.

[tranthidung]

Visualize this impossible mission to brute force it. If you create your wallet properly, follow security basics and are not curious to try new cool wallet software, your wallet is safe as well as your Bitcoin.

Like this "Bitcoin - your money is secured by the laws of the universe"

[witcher_sense]

If two persons have the same seed phrase: they must be relatives or close friends who share secrets, or there must have been a theft committed where one person stole seed words from the other by copying information. In both cases, whether it is a voluntary exchange or involuntary exchange, there needs to be some kind of interaction between those two persons in order for them to obtain knowledge about secrets generated randomly using reliable sources of entropy (unpredictable disorderness). If there is no interaction at all, meaning that one person generates the same randomness as the other person completely independently while still utilizing cryptographically secure or true random generators, that means the method itself is not secure anymore and cannot guarantee that you can claim ownership over random numbers if you strictly followed the procedure of generation. In other words, existing bitcoin wallets will be deemed highly insecure once the collision is found.

[o_e_l_e_o]

It means you wont be able to generate all addresses and/or private keys with a 12 word seed

Yes, you can. It is almost certain that any seed phrase could be used to generate every private key which could possibly exist. Allow me to explain.

BIP32 allows 1 byte for extended keys to specify their depth. This means 256 possible values. 0x00 is for the master key, leaving 255 levels for child keys. This means that a derivation path can have at most 255 levels beyond m/. It also allows 2³² possible indices per level; 2³¹ hardened and 2³¹ unhardened. This means that any seed phrase can generate (2³²)²⁵⁵ possible child private keys. This number works out to 2.5*10²⁴⁵⁶. This number is obviously many many orders of magnitude larger than the set of all possible private keys, so while it is impossible to prove, it is almost certain that any seed phrase can be used to generate any private key, if you can just find the right derivation path (which is, of course, impossible).

and the entropy of your keys and adresses will be reduced from the full capacity of Bitcoin.

It won't. Although bitcoin private keys are 256 bits in length, they provide 128 bits of security, since the most effective attack against them is not random brute force but to reverse the ECDLP, which would require (on average) 2¹²⁸ operations. This standard is intrinsic to the secp256k1 curve which bitcoin uses, so no matter how many bits of entropy in your seed phrase, your private keys will never provide more than 128 bits of security.

You can see this in Standards for Efficient Cryptography. SEC 2: Recommended Elliptic Curve Domain Parameters. (Table at the bottom of page 4.)