MultiversX Tracker is Live!

How bad can you fuck up when writing down your seed?

All Cryptocurrencies

by COINS NEWS 183 Views

From time to time people have problems recovering their wallets because their seed isn't working; The usual responses here are "F", and "Thanks for your donation to everyone". While this may be funny, it is far from reality. If you wrote down a seed and it doesn't work - you probably made a mistake. But you still have a piece of paper holding information, and in most cases this information is more than enough to recover your wallet.

Entropy of a seed

We all know it is impossible to just guess a seed. But how hard is it really? The standard BIP39 word list contains 2048 words and most wallets respect these. A seed can contain duplicates, so the search space is simply 2048^N for N seed words. One should note that the last word is always a checksum word. For a 12-word seed 16 words can be valid checksums, for a 24-word seed there are only 8. However the checksum is calculated by a SHA-256 hash, so still every possible permutation need to be checked with an arithmetic operation at least once - so you will not save as much time thanks to this.

So a 12 word seed has a total search space of 2048^12 = 5.4*10^39 with only 16*2048^11 = 4,3*10^37 valid keys. For a 24 word seed the total search space is 3.0*10^79 with 1.2*10^77 valid keys.

Recovering a seed with btcrecover

In a realistic seed recovery scenario you will find yourself trying to open a seed on your wallet, but it will not work for unknown reasons. But if you are not sitting in front of a shopping list instead there is still a good chance you can recover your seed. The open source tool btcrecover is able to try a million (10^6) seeds in a few seconds. This makes recovery scenarios with a search space in the ordner of magnitude of a billion (10^9) very feasible on a normal consumer PC.

First you should always check if you are using the right wallet and algorithm. Electrum seeds look like BIP-39 seeds, but they are not compatible with each other. Check what kind of wallet you used earlier, what kind of seeds it used and what the derivation paths are. Most of the time this will already fix the problem.

However if you still cannot get it working you have to consider a mistake when writing down your seed words. I will now show a few common scenarios and if these can be solved.

Important note: In the easiest case you know an address of the wallet you want to recover (or a private key, public key, public master key etc.) If you don't have anything, the recovery is still possible, but requires a full data base of all addresses on the blockchain. This will need a lot of disk space and also cause a slight decrease in performance.

Case 1 - Missing Word

The most common mistake is a missing word - this problem has the immense advantage that you will immediately recognize it by counting your words. For this we will look at a 24 word seed in this example, there is not much of a difference for 12 word seeds.

If a word is missing you don’t know where the words was. Essentially you need to try out all 2048 words in all possible gaps. For a 24 word seed your search space will be 24*2048 = 49,152. This can be solved in a matter of seconds.

Let’s continue this quest and you have a seed with 2 missing words. Your seed is only 22 words long. So you have 23 possible positions for the first word and 24 positions for the second word. Also you have to try all possible combinations of the two missing words and your search space becomes 23*24*2048^2 = 2.3*10^9 so about 2 billion. This is doable but might take an hour or two.

A third word however will bring you to 22*23*24*2048^3 possible seeds to check which is 1.0*10^14. A task which will take about 5.000 times longer than 2 words. For comparison a 12-word seed with 3 missing words leads to a search space of 1.1*10^13 - a little lower because there are less positions to check. While this is possible you will need some serious computation power to crack it in both cases.

4 Missing words will result in a search space of 4.5 * 10^18 which can basically not be solved anymore.

Case 2 - Wrong order & Unscrambling a seed

Let’s look at a different mistake - you have 24 words on your list. Maybe you swapped two words when writing them down. Let’s further assume you switched 2 neighboring words. This is a very easy task as it will basically only result in 23 permutations to check - this can be done by hand. Actually this is one of the first scenarios you should check if your amount of seed words is full. With the computation power of a typical user one could check about 7 such mistakes (about 23^7 = 3.4*10^9), but having made multiple such mistakes appears highly unlikely.

Always worth mentioning: There are different pre made notes to use when writing down your seed. In some you write them down line per line, in some column by column, and some may even completely differ from this. So look at how your paper looks and try to think what could have gone wrong? Maybe you need to try an order like ( 1, 12, 2, 13, 3, 14, … ). However this is also best done by hand and will probably be checked by advanced recovery tools anyways.

Now comes the more interesting question: What if the order of your seed words is fully randomized. Can this be brute forced?

Let’s look at a 12 word seed first: You have 12 possibilities for your first word, but only 11 for your second word afterwards, so it is 12*11*10*9*… . This is called the faculty and written 12! = 479,001,600. Only about half a billion seeds and this can be indeed solved with a regular PC!

Will this also work for a 24 word seed? Unfortunately the faculty function is rising pretty strong for high numbers and 24! results in a whooping 6.2*10^23 possibilities - A typical computer would need several billion years for this task. Sorry, you are out of luck.

Case 3 - Wrong words

In many cases a user might have simply written down a wrong word - this is very similar to Case 1 and will bring similar search spaces. So everyone can brute force 2 wrong words, 3 require a heavy computer center already.

However smart tools like btcrecover allow to check for common mistakes one could do while writing down a word. Things like similar sounding words or missing a letter. An example are seed-words like "end" and "lend". So in reality btcrecover can actually check for up to 4 wrong words on normal hardware, of which 2 might be fully random and 2 might be common mistakes.

Summary

As long as this got, it's probably still a very simplified post but I think it should give you an idea about how seed recovery works and what types of mistakes can be solved and which can not. In most cases of a broken seed you are probably using the wrong wallet or derivation path. And if there is indeed a mistake in the seed list it will rarely be more than one. However even some catastrophic cases like a fully scrambled 12-word seed or 2 missing/wrong words can easily be solved with a consumer PC.

tl;dr: If your seed phrase is not working - your funds are probably not lost. In many cases recovery is still possible.

submitted by /u/Maxx3141
[link] [comments]
Get BONUS $200 for FREE!

You can get bonuses upto $100 FREE BONUS when you:
💰 Install these recommended apps:
💲 SocialGood - 100% Crypto Back on Everyday Shopping
💲 xPortal - The DeFi For The Next Billion
💲 CryptoTab Browser - Lightweight, fast, and ready to mine!
💰 Register on these recommended exchanges:
🟡 Binance🟡 Bitfinex🟡 Bitmart🟡 Bittrex🟡 Bitget
🟡 CoinEx🟡 Crypto.com🟡 Gate.io🟡 Huobi🟡 Kucoin.



Comments