Bitcoin Forum
Topic: BTC Paranoid  (Read 252 times)
Jason Brendon (OP)
September 20, 2022, 02:01:57 AM
 #1

Hi there,

So every day when I am on my way to work, I mind things about BTC.

For example:
1. Is it possible that a 24-word seed + passphrase ends up generating the same xprv (root private key) as another 24-word seed or 12-word seed does (even without a passphrase)?
2. Likewise, is it possible that a single-sig wallet has the same xprv (root private key) as a multi-sig wallet does?

Hope you veterans know what I mean.

Thanks guys.
o_e_l_e_o
September 20, 2022, 10:58:29 AM
 #2

> 1. Is it possible that a 24-word seed + passphrase ends up generating the same xprv (root private key) as another 24-word seed or 12-word seed does (even without a passphrase)?
Theoretically; yes, it is possible. Practically; no, it will never happen. If every single one of the 8 billion people on the planet created a brand new wallet every second without interruption for the next one million years, they would only have generated 0.00000000000007% of all possible 12 word seed phrases.

The number of possible seed phrases or master private keys is orders of magnitude higher than other things we all take for granted, such as the number of possible credit card numbers.

> 2. Likewise, is it possible that a single-sig wallet has the same xprv (root private key) as a multi-sig wallet does?
This is more nuanced and is dependent on how the multi-sig wallet is set up, but to get the crux of your question, the answer is essentially the same as above. It is theoretically possible that someone could find a single private key which hashes to the right output or a simple script which hashes to the right output to let them spend the funds in a multi-sig address, but the chance of that happening is so infinitesimally small as to be completely negligible.
franky1
September 20, 2022, 01:28:33 PM
 #3

there are many ways to think about it. but here is one
the 12 word seed is each word=11bits (~1.37bytes)
the first 11 words are random and the 12th word is part random part checksum

basically out of the 132bits of seed words it's 128bits of random (=16bytes)

now if you were to try to save all possible variations (not saving the checksum extra bits for efficiency)
1,000 keys=16kb
1,000,000 keys=16mb
1,000,000,000 keys=16gb
1,000,000,000,000 keys=16tb

so most hard drives are less than 16TB
thus only 1 trillion keys is more than a user's computer can handle (most hard drives are only 4TB)

guess how many possible keys there are
85,070,591,730,234,600,000,000,000,000,000,000,000
                                                     tb   gb  mb  kb

now imagine everyone on the planet (8b pop) did have a 16TB hard drive and everyone on the planet filled their hard drive with key variations using a very good random generator

do you know how many planets of equal to earth population there are before 2 people would have the same keys logged

trillions of planets
I'll make it simple
85,070,591,730,234,600,000,000,000,000,000,000,000
how much 1 person can store
how much all people of planet can store
how many planets of people are needed
       
..
that said
if people personally choose their key, e.g. used phrases of popular words, then the odds are that someone else might have randomly decided their favourite phrase/quote is the same as someone else's.. because phrases are trendy and many good phrases stick in people's heads and so more chance of collisions

so don't use brain wallets asking you to type in a phrase of a bunch of words you can easily remember.. rely on good random generators

yes 12 word seeds are only ultimately 128bit security of obscene amount of variations.. but yes obscene amount of variations of 128bit are more than enough




Hispo
September 20, 2022, 09:39:09 PM
 #4

Even though your questions seem to be already answered OP, I would also like to add something in regards to your paranoia.
When I was new to bitcoin I was quite paranoid as well, because from the little understanding I had about Bitcoin I understood that I was the only responsible one of the care of my Satoshis and in the case someone managed to steal my money then it would have been my fault and there would be nothing I could do.

But as I started learning with the time I realized how strong Bitcoin is while maintaining its decentralization. It is all about incredibly small chances and mathematics; numbers do not lie, people do, and that is why when being a Bitcoin holder you must not fear mathematics. Fear people because even though not all people are scammers, all scammers are people.

Lastly, if you have over 200$ worth in crypto currency or more it would be great if you got a reputable hardware wallet, learn how to use it and keep your cold seed phrase off the internet and away from prying eyes. I am sure it would help you to feel less paranoid and focus on your job when you have to.

Have a good day.

Jason Brendon (OP)
September 21, 2022, 03:40:48 AM
 #5

> so don't use brain wallets asking you to type in a phrase of a bunch of words you can easily remember.. rely on good random generators
> yes 12 word seeds are only ultimately 128bit security of obscene amount of variations.. but yes obscene amount of variations of 128bit are more than enough

Man, didn't expect a reply like this long. Thank you all.
You mentioned good randomness is the key. I can't agree more. There are tons of entropy generators out there, e.g. coin flips, dice rolls, etc. Are there some more ways of generating good entropies? For instance with the help of an offline machine, a pi zero, or stuff like that.
I do need real randomness. Don't recommend Ian BIP39, please. Don't get me wrong. It is damn good in terms of giving you a full picture of the key derivation. But I think it is not a good entropy generator.

Again, I can't thank enough all of you here.
2stout
September 21, 2022, 05:07:13 AM
 #6

IMHO, no need to really be paranoid about this but I get it though.  If you need your paranoia redirected, then perhaps quantum computing is of more concern, even though it isn't quite here yet.  However, I believe Bitcoin development for quantum resistance is underway/in progress.
nullama
September 21, 2022, 05:41:48 AM
 #7

> ~snip~
> Man, didn't expect a reply like this long. Thank you all.
> You mentioned good randomness is the key. I can't agree more. There are tons of entropy generators out there, e.g. coin flips, dice rolls, etc. Are there some more ways of generating good entropies? For instance with the help of an offline machine, a pi zero, or stuff like that.
> I do need real randomness. Don't recommend Ian BIP39, please. Don't get me wrong. It is damn good in terms of giving you a full picture of the key derivation. But I think it is not a good entropy generator.
>
> Again, I can't thank enough all of you here.

Here is a practical guide where you can learn more about this: https://armantheparman.com/dicev2

Basically you can create a private key using a real world object like a dice or the flip of a coin, etc.

Here's a guide on how to create a private key on a pi zero: https://armantheparman.com/how-to-set-up-a-raspberry-pi-zero-air-gapped-with-electrum-desktop-wallet/
o_e_l_e_o
September 21, 2022, 08:43:24 AM
 #8

> Are there some more ways of generating good entropies?

Using a permanently airgapped computer, formatted, with a clean install of a reputable open source Linux distro as the OS, with a verified copy of Bitcoin Core installed, and using Core to generate entropy.
Using a reputable open source hardware wallet with a good source of entropy.
Using something like this to convert fair coin flips into a seed phrase, again on a permanently airgapped computer with a clean Linux OS.
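
The coin-flip route mentioned in this thread, and the earlier point that the last word of a seed phrase is part random and part checksum, shown as an added example that is not part of any post here and not the linked tool's code. It follows the general BIP39 layout (128 to 256 bits of entropy plus a SHA-256 checksum, cut into 11-bit words) and returns word indices rather than words because the 2048-word list is not embedded; the H=1/T=0 mapping and the function names are assumptions of this example.

```python
import hashlib

VALID_ENT_BITS = (128, 160, 192, 224, 256)  # BIP39 sizes: 12 to 24 words


def flips_to_entropy(flips: str) -> bytes:
    """Convert recorded coin flips to entropy bytes (assumed mapping: H=1, T=0)."""
    flips = "".join(flips.split()).upper()
    if set(flips) - {"H", "T"}:
        raise ValueError("flips may contain only H and T")
    if len(flips) not in VALID_ENT_BITS:
        raise ValueError(f"got {len(flips)} flips, need one of {VALID_ENT_BITS}")
    bits = flips.replace("H", "1").replace("T", "0")
    return int(bits, 2).to_bytes(len(bits) // 8, "big")


def entropy_to_indices(entropy: bytes) -> list:
    """Return the 11-bit BIP39 word indices (0..2047) for the given entropy."""
    ent_bits = len(entropy) * 8
    if ent_bits not in VALID_ENT_BITS:
        raise ValueError("entropy must be 128, 160, 192, 224 or 256 bits")
    cs_bits = ent_bits // 32  # 4 checksum bits for 12 words, 8 for 24
    digest = hashlib.sha256(entropy).digest()
    checksum = int.from_bytes(digest, "big") >> (256 - cs_bits)
    combined = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11
    return [(combined >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]


def split_last_word(indices: list) -> tuple:
    """Split the last index into (random bits, checksum bits)."""
    cs_bits = len(indices) // 3  # words * 11 = 33 * cs_bits
    return indices[-1] >> cs_bits, indices[-1] & ((1 << cs_bits) - 1)


if __name__ == "__main__":
    # Constructed sample: a fixed pattern for demonstration, never use as a key.
    sample = "HTTH" * 32
    idx = entropy_to_indices(flips_to_entropy(sample))
    print("word indices:", idx)
    print("last word (random, checksum):", split_last_word(idx))
```

Each index selects one line of the official BIP39 English wordlist, so all-tails input yields the published test phrase of eleven "abandon" followed by "about" (index 3).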