Electrum seed words safety dumb question

I am starting with bitcoin and even though I understand pretty well how the blockchain works, the seed words used by some wallets (MultiBit and Electrum) give me creeps and doubts. The main question is: Why they are safe? The base for the question: Humans are not good source from random data so we use seed words from a random-pc-time-based source. This seed words are a representation of a binary number and the phrase with 12 words makes a 128bit hash. Those words are drawn from a 4096 words dictionary. The dictionary from Electrum is saved in a python script, for example. So, we can say we know those 4096 words. I have a seed phrase (12 words) from my wallet. What protects all the network of someone who changes the last word of his own phrase 4096 times, to open 4096 bitcoin wallets? I know with Electrum, again for example, that 128 of those 4096 generate valid addresses. What protect the network then of someone opening the bitcoin wallets of 128 mates and stealing all the money? The last part is more simple, the validation is made online, how an wallet check of the words open the private key if they can work offline?

Sasuke Pikaloko

Posted 2017-08-10T15:18:03.970

Reputation: 1

Answers

For the vast majority of possible 12-word combinations, the corresponding wallets were empty and never generated. The total number of the combinations is pretty huge so trying to brute-force them will not work out. In fact, words are just another (mnemonic) way to encode the entropy contained in the private key.

Sergei Tikhomirov

Posted 2017-08-10T15:18:03.970

Reputation: 1 189

I know that the words are just a representation of the various 2^12 bits sets. But, then the answer is YES. It would "decode" the wallets. I understand that the vast majority will be virgem or empty. But, those 128 valid words for the replacement of the last word in a valid phrase are quite easily to test. How much time it would cost to do that? – Sasuke Pikaloko – 2017-08-10T16:27:16.157

@SasukePikaloko I don't quite understand where the number 128 comes from... And what is the reasoning behind trying to replace the last word? – Sergei Tikhomirov – 2017-08-10T17:19:03.910

The 128 is from the CRC. Only 128 words gave valid addresses. The reason is simple: If I start trying to change one word I will get access to the wallet eventually and will see someone money. I was trying to understand the timing for that. Around 1,5x10^24 years if trying one phrase per second. Is it right? – Sasuke Pikaloko – 2017-08-11T12:48:33.280

It is secure in the same way that private keys themselves are secure; the search space is just so massive that the probability of someone generating a private key or seed which someone else is using is extremely small so as to be basically impossible.

Nothing protects someone from generating hundreds of thousands of keys and hundreds of thousands of seed phrases and seeing if any of them have Bitcoin associated with them. But since the search space is so massive, that person would have an almost 0 probability of finding a key that someone has used. Even if they generated a million keys per second (either randomly or through seed phrases), that person would have a basically 0 probability of finding someone else's private key even if they searched until the heat death of the universe.

The last part is more simple, the validation is made online, how an wallet check of the words open the private key if they can work offline?

That's not how Bitcoin works. There isn't any validation of any sort with private keys. There is no need to "validate" private keys or register them anywhere or the like.

Andrew Chow

Posted 2017-08-10T15:18:03.970

Reputation: 40 910

I was asking about the process where I type the words in the wallet to import and then my wallet app retrieve my bitcoin. The wallet cannot do that offline. But doing it only, who fast is this process? The process is type a phrase -> show bitcoin. If this process is SO FAST it can be done in micro-seconds then someone can test around a thousand combination per second. How possible is this? – Sasuke Pikaloko – 2017-08-11T12:46:40.207

Key derivation is fast for humans. But, as I said, the number of possible private keys (which is what matters here; the phrases are essentially the same as private keys) is so massive that even if you generated thousands per second, the probability of you finding a key by the time of the heat death of the universe that someone has or is using is basically 0. Looking up whether a key has been used can also be done quickly, but it is much slower than key generation as it requires database lookups. – Andrew Chow – 2017-08-11T18:24:06.440

-1

Please note that the order of these words must also be right so this 35 decimal digits of possibilities will increase to 44 decimal digits. Even if you could check 1000.000.000 possibilities per second the time of the universe will not be enough.

Sigurdur

Posted 2017-08-10T15:18:03.970

Reputation: 1