You can choose the words, except the last one, because it is a checksum. But, as human beings are really bad at choosing real random words, if you want, you can write the 2048 words on pieces of paper and pick the first 23. For the last one, you'll need a checksum calculator to find the final word. But don't do this online.
I think that the correct number is calculated with this formula: 2048 x 2047 x 2046 x 2045 x .... x 2025 The number is obviously so high anyway. Great vid. I appreciate. Got 1 SUB!
@@FedericoFumagalli No, a factorial is used to work out the number of combinations when moving an object to a known set of possible locations, like a Rubik's Cube. Here, there are no moving things and no location. There are just 2048 words. If you have to choose one, you have 2048 choices. If you have to choose two, you have 2048x2480 choices. If you have to choose three, you have 2048x2048x2480 choices. If you have to choose 24, you have 2048 to the 24th power choices.
A word is reusable. Considering the last word checksum, the exact combinations count is: 12 words combinations = (2048^11)*128 = 2^128. 24 words combinations = (2048^23)*8 = 2^256. In a 12-word seed, the last word has 128 correct options. In a 24-word seed, the last word has 256 correct options. The BIP39 seed is a system to reproduce a 128 or 256-bit long key by a 12 or 24-word seed, easier to write down for a human without mistake.
Is choosing two words 2048^2 permutations, or 2048P2? I've never been sure if replacement was allowed. And yes, I know the number of permutations is astronomical... but consider the fact that most wallet owners have multiple different wallets, many old and disposed of or forgotten about. Consider that there are thousands upon thousands of crypto owners across the globe and the number is growing. Consider that there are supercomputers that could run through these permutations at lightning speed for the sole purpose of stealing crypto. Much worse and much more nefarious scenario than two people just "accidentally" generating the same wallet. Talking about the number of permutations alone isn't a fair treatment of the probabilities involved, nor is it a fair discussion on the brute force tactics that might be employed. I trust it is by far easier to steal wallets by regenerating them from a word list, than it is to target a single wallet on the blockchain and hack its encryption.
Yes, repeats are allowed. I'm afraid you don't quite understand the numbers involved here. It doesn't matter in the slightest about the number of wallets "across the globe" and its growing number, or disposed of wallets forgotten about. They are insignificant, and forever will be. To put things in perspective, you could have a trillion trillion people (10^24, more humans than there ever will be) generating wallet seeds and it still wouldn't matter. Brute forcing a seed at "lightning speed"? Even the NSA assuming 1 trillion guesses per second would take millions of years to get through just half the possibilities. Not worth it.
@@matthewmoon2463 Are we sure though that two seed phrases won't ever produce the keys to the same wallet, ever? The space of possible addresses has got to be infinitely larger than the space of possible seed phrases that produce them.
@@leesweets4110 Hi, Lee. The space of possible seed phrases is approx 10^67. So, we're not dealing with infinite spaces. They are huge, but not infinite. Infinity is a concept, but not a number that makes much sense. Any finite number (like 10^67, or even 10^67000), no matter how large, is infinitely smaller than infinity (an interesting concept to think about). John talks about a mental model of atoms in the visible universe being the size of the seed phrase space (a close approximation). If you were to somehow pick a random atom from the universe, what's the probability that I would zone into the exact one you did, assuming my pick was random? Is it possible? Yes, the model is open to the possibility. But the probability is so close to zero, that it's practically zero. Even with trillions of people all making keys. For example, a trillion people who've all made keys is 10^12 people out of 10^67 possible wallets. But that's equal to a single person matching a wallet from 10^55 possible wallets. We haven't moved the needle here. Not even a dent. In order to get slightly worried about wallets matching, we'd need to start getting close to a trillion trillion trillion trillion (10^48) people generating wallets. THEN the numbers get worrisome. I can guarantee you there will never be that many wallets generated, ever.
A word is reusable. Considering the last word checksum, the exact combinations count is: 12 words combinations = (2048^11)*128 = 2^128. 24 words combinations = (2048^23)*8 = 2^256. In a 12-word seed, the last word has 128 correct options. In a 24-word seed, the last word has 256 correct options. The BIP39 seed is a system to reproduce a 128 or 256-bit long key by a 12 or 24-word seed, easier to write down for a human without mistake.
This is amazing! Imagine that all living people (8 billion) somehow have been creating 1 thousand bitcoin wallets per second since the beginning of the universe (13,8 billion years ago). We would "only" have 3.5*10^30 wallets. And the chance to find any would be 1 in 10^49.
Anyone who thinks or doubts that two persons might randomly get the same 24 words combination, may add the 25th word (AKA passphrase), so that you and only you know what that 25th word is. Even if another person gets the same 24 words, he / she won't be able to access your funds (assuming you held all your crypto on the accounts that were generated using the 25 words)
@@King-hd5xo Ledger, Trezor, UnstoppableWallet, and BlueWallet support passphrases. With a passphrase of only 4 characters, the total combinations are more than atoms in the universe.
A word is reusable. Considering the last word checksum, the exact combinations count is: 12 words combinations = (2048^11)*128 = 2^128. 24 words combinations = (2048^23)*8 = 2^256. In a 12-word seed, the last word has 128 correct options. In a 24-word seed, the last word has 256 correct options. The BIP39 seed is a system to reproduce a 128 or 256-bit long key by a 12 or 24-word seed, easier to write down for a human without mistake.
Very small odds does not mean not possible? Actually it seems to me it is very possible, just not very probable. But not probable things happen actually a lot in the universe.
@@messiiileo1456 Well, Ripple only needs 6 recovery words. If I had to guess, one of the 12 recovery words was inputted wrong but still backed you up with a valued mnemonic phrase. To be absolutely sure, go to a coin you're sure you own and see if there is any log history with it. There should be many ways you can search your public key online to see if there is a transaction history. If I try to tell you how in a YT comment the YT AI will just auto delete my comment. But yeah, it sounds like one of your BIP39 words was replaced with a different word during backup.
If you knew my luck and the sh*t I've been through, you would have zero doubt right now that I would be the one that would get the exact same seed phrase as the world's most vicious crypto criminal. Bet
You forget the fact that among 24 randomly selected words there may be invalid, so by using a script to determine which 24 selected words are valid or not, you have to test one by one. and this shows the amount is not as big as you describe even though it won't be easy...
So you're telling me there's a chance - Lloyd Christmas
Hahahahha 😂
Can be nakamoto account 🐳🐳
Top comment
😂😂😂😂😂
🤣🤣🤣
So with only 3 words you can almost give everyone on earth a unique combination.
And even when you have the same words they still need to be filled in the correct order. So I guess that makes it even a much larger number of possibilities.
@@PressTubethere’s always a chance…😂
When choosing the 2nd number if you assume it will not be a chosen word already then the seconds combination will be 2048-1=2047 and so on so it won’t be 2048^2 it will be 2048*2047
that's an assumption tho. Words can be repeated.
Words can be repeated in the seedphrase. The other thing we have to remember is that the order of the words matters.
@@manny_f it's even more unlikely. lol
Dude, I like how you explain this. You earn +1 sub here!.
your comment needs a ❤️
wholey smoley#!@ GREAT video, excellent clarification. You're a great teacher John! Much appreciated. This made me a new subscriber.
The last word is a checksum, it's not random between the 2048 words but a specific one between them, so it is even more difficult, because if you don't generate the correct last word the address is not even valid.
What do you mean by specific one between them?
A word is reusable. Considering the last word checksum, the exact combinations count is:
12 words combinations = (2048^11)*128 = 2^128.
24 words combinations = (2048^23)*8 = 2^256.
In a 12-word seed, the last word has 128 correct options.
In a 24-word seed, the last word has 256 correct options.
The BIP39 seed is a system to reproduce a 128 or 256-bit long key by a 12 or 24-word seed, easier to write down for a human without mistake.
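How the checksum constrains the last word, as an added example (not from the video or from any commenter). It works on 11-bit word indices (0 to 2047) instead of the English wordlist, so no wordlist file is needed; the function names are illustrative. It counts the checksum-valid last words for a fixed prefix and shows that a phrase with repeated words can be valid.

```python
import hashlib
import secrets

VALID_LENGTHS = (12, 15, 18, 21, 24)  # word counts defined by BIP39


def checksum(entropy: bytes) -> int:
    """First ENT/32 bits of SHA-256(entropy), as BIP39 specifies."""
    cs_len = len(entropy) * 8 // 32  # 4 bits for 128-bit entropy, 8 for 256-bit
    return hashlib.sha256(entropy).digest()[0] >> (8 - cs_len)


def entropy_to_indices(entropy: bytes) -> list[int]:
    """Append the checksum to the entropy and cut the result into 11-bit word indices."""
    cs_len = len(entropy) * 8 // 32
    bits = (int.from_bytes(entropy, "big") << cs_len) | checksum(entropy)
    n_words = (len(entropy) * 8 + cs_len) // 11
    return [(bits >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]


def is_valid(indices: list[int]) -> bool:
    """True if the trailing checksum bits match SHA-256 of the entropy bits."""
    n = len(indices)
    if n not in VALID_LENGTHS or any(not 0 <= i < 2048 for i in indices):
        return False
    cs_len = n * 11 // 33               # 1 checksum bit per 32 entropy bits
    ent_bytes = (n * 11 - cs_len) // 8
    bits = 0
    for i in indices:
        bits = (bits << 11) | i
    entropy = (bits >> cs_len).to_bytes(ent_bytes, "big")
    return (bits & ((1 << cs_len) - 1)) == checksum(entropy)


def valid_last_words(prefix: list[int]) -> list[int]:
    """All last-word indices that make prefix + [last] pass the checksum."""
    return [w for w in range(2048) if is_valid(list(prefix) + [w])]


def keyspace(n_words: int) -> int:
    """Exact number of checksum-valid phrases: 2048^(n-1) * valid last words."""
    return 2048 ** (n_words - 1) * len(valid_last_words([0] * (n_words - 1)))


if __name__ == "__main__":
    # Constructed input: all-zero entropy, i.e. word index 0 repeated.
    print("12 words, valid last words:", len(valid_last_words([0] * 11)))
    print("24 words, valid last words:", len(valid_last_words([0] * 23)))
    print("keyspace(12) == 2**128:", keyspace(12) == 2 ** 128)
    print("keyspace(24) == 2**256:", keyspace(24) == 2 ** 256)
    # Freshly generated entropy always encodes to a valid phrase.
    print("random phrase valid:", is_valid(entropy_to_indices(secrets.token_bytes(32))))
```

The last word carries 7 entropy bits plus 4 checksum bits in a 12-word phrase, and 3 entropy bits plus 8 checksum bits in a 24-word phrase, which is where the counts come from.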
Thank you because I have always wondered this but was afraid to ask.
Great explanation, very easy to understand. Thank you!
Great video John but I wanted to add something else.
Can you have two matching words? Does anyone know if this has happened? Not that it matters much but technically, there would be less combinations because you would have to use the formula, 2048 X 2047 X 2046 X 2045 ............. .
This is still a number larger than the number of particles in the universe which is 10 to the 80th power.
I should also add that even if you do guess all the correct words, you then have to put them in the correct order. That would be multiplying it by 24!. (That's 24 factorial, 24 X 23 X 22 X 21 ......)
You got 2.96 times 10 to the 31st power for the 24 words, but you didn't multiply by 24 factorial.
Just what I wanted to know. Thanks!
Can you repeat the same word in a seed phrase or does each word need to be a unique instance? The formula will change if you can't reuse a word.
My problem: Yes Phrase but wrong place (right position of phrase), I tried running 24^24 it's quite fast, but it gives too many success results, how do I check Balance
5:03 it's the US national debt.
For real
ok 24 seed words are pretty safe, but what about 12 seed words, which for example electrum uses?
Don't worry about 12-word seeds. They are extremely safe from accidental matches. 24 word seeds are so incredibly overkill.
There are 2028^24 combinations or 10^77 (decimal), which is slightly bigger than SHA256 (2^256), that is 2^264 (binary) to be exact, because a mnemonic phrase also has a checksum. Meaning that the possibility of someone guessing 24 out of 2048 words in the correct order is 1:10 followed by 77 zeros.
For illustration 10^77 is more than there are a number of atoms in the observable universe.
You are safe...as long as you do not choose the words yourself, as you will not do it randomly enough. Never ever choose your own mnemonic phrase; always trust a specialized third party like Ledger or Trezor to do it for you.
If you enter random seed phrase words into MetaMask and you can get access, is that then a wallet of someone else?
What happens in 5, 10 years time or even sooner when computing power strengthens and codes can potentially run billions, if not more seed phrase combinations in seconds to get into someone's account?
That is the best explanation that i ever saw and hear! Great job!
Is it possible that there could be duplicate Seed Word(s) in the mix at any given 24-Recovery Phrase when generated on an individual wallet? (For example, the Phrase Word wink could be #6 and wink also be #23.)
Cheers for sharing! I need advice: My wallet on OKX contains some USDT TRX20, and I possess the backup phrase: -clean- -party- -soccer- -advance- -audit- -clean- -evil- -finish -tonight- -involve- -whip- -action-. Could you suggest how can I handle moving them to Bybit?
Hi, do the generators of seed phrases know of the existing seed phrases already created, so as not to generate the same one?
I have the same question
If the generator knew you would just iterate over already created seed phrases to check the balance. Nope, it's random.
@@XKKXKKX so you technically can be given an account with bitcoin
What about having a computer choose a million combinations and then check the block chain to see if there is any money in there? How fast could it do this?
Hi, great video, but I still don't understand how my Ledger recognizes my 24 words, how does it verify that those words I entered are correct..
Nice video, I like the explanation with the papers.
But you would need to discard the invalid mnemonics, not all combinations are valid as it needs to test the checksum. You calculated an upper bound of the combinations.
It would be nice to see an updated video with the exact real number of combinations (which would still be extremely large).
This video is very misleading and not well researched at all. At 1:08, He said the seed phrase will mathematically derive your private key but it is the opposite
@@soulreaper9453 I agree it's approximative :/
To understand: a word is reusable. In a 12-word seed, the last word has 128 correct options.
In a 24-word seed, the last word has 256 correct options. Totals are:
12 words combinations = (2048^11)*128 = 2^128.
24 words combinations = (2048^23)*8 = 2^256.
The BIP39 seed is a system to reproduce a 128 or 256-bit long key by a 12 or 24-word seed, easier to write down for a human without mistake.
Just found out about your channel, Thanks for the explanation :), What about the 12-word seed phrase?
Great video! Answered my random 3AM thought. You are awesome!
I would like to understand the mathematics behind how a single 24 word seed gives rise to everything else. For example, how do we derive the public and private keypair for a wallet, and how do we derive an address? Can a single address be controlled by different private keys owned by different people? Specifically, different bits of coin associated with that address are encrypted by two different owners. And we're not limited to a single address either... how are we able to derive the entire sequence of addresses and how many are in the sequence? Do they all have the same private key or does each get a unique private key? How is the calculation different across the different coin and token types?
It all starts with random numbers generated by a user or wallet software. From the randomness, you first get a private key which will generate a public key (It's a one way process because A public key cannot generate a private key). The mnemonic phrase is only a human understandable representation of the private key the same way a Web address is a human understandable representation of a domain IP address
How about mass adoption for crypto, when 7 billion people have a crypto wallet? I think there are odds people will randomly get other people's seed phrase
Nope. Not even close. 256bit entropy yields more possible seeds than the total # of atoms in the universe....
2048^3 already exceeds the global population.
Nope. Almost zero. You could have many, many trillions of people who've created wallets and it barely moves the needle.
@@rrobb47 Not more not less, circa 10^77 for total 24-words combinations (=2^256) vs circa 10^80 atoms in the universe, depending on how atoms are counted.
Best videos on RUclips. Love it.
It's like shooting an arrow into the universe that hits an atom then having someone else try to hit the same atom with their arrow without even knowing where they are supposed to be shooting the second arrow.
That was great. I don't think anyone has even thought about it in this way
Thank you for explaining it. I understand now.
3:47 number is wrong.. many zeros
what is the possibility that a cold wallet producer has hardcoded a number of seeds for each device they ship out..
Not to be a stickler but the number would not have 79 more zeros. The decimal would move right 79 more times. So not as big as that number on the page but still Really Really big.
Is it bigger than a googolplex?
but what if some hacker uses super computer to keep guessing seed words. how possible it is to be robbed
Thank you, you helped me with that question I had in my mind. I see that 12 words is super secure, and the fact that they are not in alphabetical order, that they are completely random, is just crazy. But guess what? When I created a new wallet on the smart chain of Binance the system gave me one that had some tokens like it was abandoned so I made a new one, cannot tell what happened there.
Great explanation. My only disagreement is "there are more possibilities than atoms in the universe". I would argue that we do not know the number of atoms in the universe.
Scientists estimate that there is within the range of 10^78 to 10^82 atoms in the universe.
What about same 24word seed and same passphrase
I am very conservative so I rather pick 24 words, better safe than sorry!
The question is, if I DO pick a number already used and there's crypto there, who owns it? Does anyone?
I wonder what the odds of guessing any private key that when hashed into a public address has some non-zero amount of Bitcoin? This also probably has low odds or somebody would have already done it)
You're so geeky and it's nice to see you being passionate about numbers, good on you John, keep well, greetings from Oz....
Thank you John.
Is remembering the 24 words enough to recover all your funds? Do the 24 words also remember your address?
Yes, but you also need to remember the exact position of each word.
Incredible!!! 😳
You've explained the probability of guessing a single, specific 24-word BIP39 seed phrase. However, wouldn't the chances be higher if we're trying to find any one seed phrase within a set of a million distinct seed phrases? Presumably, we could calculate this by dividing the previously given probability by the number of unique seed phrases in this set. Moreover, if there were 1 billion individuals each attempting to guess a correct seed phrase 100 times, wouldn't we further divide the probability by the total number of attempts, which in this case is 100 billion? Is my understanding correct?
You are correct. If you are looking for any one of a million specific seed phrases, and not just one particular seed phrase, then you would indeed divide the probability I gave by one million.
And yes, if a billion people each tried a hundred different seed phrases, you'd have 100 billion total attempts, so you would divide the probability by 100 billion.
However, keep in mind that the probabilities we're dealing with here are still extraordinarily small. For example, if we consider the case where we're looking for any one of a million specific seed phrases out of all possible ones, the odds become roughly 1 in 10^73, assuming 2^264 total possible seed phrases.
Even if a billion people (10^9) each tried a hundred (10^2) seed phrases, that's 10^11 total attempts. This brings the odds to roughly 1 in 10^62.
These are still astronomically small probabilities. Even with a billion people making a hundred attempts each, the chances of correctly guessing a specific seed phrase (or one of a specific set of seed phrases) are infinitesimally small.
To put it in perspective, you're still more likely to win the Powerball lottery multiple times in a row than to correctly guess a specific seed phrase or one of a set of specific seed phrases in this scenario.
What if a computer tries all possibilities? Meaning it creates all of those wallets, if there is money it takes it.
When the cosmic egg at the beginning of the universe popped. It increased in size 10 to the 50th power into the size of a grapefruit! If you were 10 to the 50th power larger than you are, you would be larger than the entire universe as it is today.
@@Whale15 Well no. God and the Elves created the cosmic egg.
Even if you restrict each word to one-time appearance in a 24 word list, the number of combinations is still very close to 2048 ** 24.
Great visual explanation. Thanks!
Great video dude!
If it ever happens there will be exactly one winner and exactly one loser.
Thanks man❤❤
But how do you take the exact sequence of the words into account?
Not sure what you mean.
if you have 2 options for 2 positions you get
aa
ab
ba
bb
all 4 are unique ... so this gives you automatically the formula (Total Positions) ^ total options... = 2 ^2 =4
@@confidential303 A word is reusable. Considering the last word checksum, the exact combinations count is:
12 words combinations = (2048^11)*128 = 2^128.
24 words combinations = (2048^23)*8 = 2^256.
In a 12-word seed, the last word has 128 correct options.
In a 24-word seed, the last word has 256 correct options.
The BIP39 seed is a system to reproduce a 128 or 256-bit long key by a 12 or 24-word seed, easier to write down for a human without mistake.
Ok this is great but what about recovering a 24 seed phrase? Is it possible to try to recover someone’s wallet just by running a computer program that will run 24h/day random seed phrases? This looks to me like it could be doable…
Using the fastest computer, running 24/7, it will take 1 quadrillion years. Enjoy the wait.
The probability of brute forcing a live wallet is the same as winning the lottery NINE TIMES in a row. The probability of that wallet having a balance is like winning the lottery 11 times in a row. So... good luck with that.
@@Jacob-2796 it looks like you forgot to give the specifics of your calculations. What kind of computing have you considered in the calculations and over what time scale were the machines searching for any live wallet existing on this planet?
Great work!
Great explanation! Rarely do I find exactly the answer I’m looking for, spelled out so clearly. Thanks.
Thanks for showing us all! Great video!
Thanks for the video. The words will not repeat right? So the option to choose the second word is 2047, third word is 2046. So in this case it’s not all 2048x2048x…all the way for 24 words.
Repeats are allowed in seeds.
@@matthewmoon2463 I see. Thanks for clarifying.
Hi, question, was there a website that gave you that nice print out?
kryptodots.com/wp-content/downloads/bip-0039-English-wordlist-2pag-v2.5.pdf
@@MotoTTZ Thank you !!!
John is a legend of the internet
Thanks for this awesome video 🤗
It was Satoshi’s idea?
No, the BIP39 seed is a system to reproduce a 128 or 256-bit long key by a 12 or 24-word seed, easier to write down for a human without mistake.
Who knows all 241 words used in valid repeated-word seed phrases (like the word "twelve", repeated 12 times)?
But we don’t get to choose the words; the wallet does, not the person.
When you restore a hardware wallet you get to choose any seed phrase you want.
@@NotMe-wh5vb what? My hardware wallet I started fresh again. The hardware wallet picked the new seed phrase NOT ME.
You can choose the words, except the last one, because it is a checksum. But, as human beings are really bad at choosing real random words, if you want, you can write the 2048 words on pieces of paper and pick the first 23. For the last one, you'll need a checksum calculator to find the final word. But don't do this online.
So you're telling me that me randomly putting 12 phrases and them having 400$ in it was something that was never meant to happen lol
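The checksum rule discussed in these comments can be checked directly. The following is an added example, not code from the video or from any commenter: it works on 11-bit word indices (0 to 2047) rather than loading the English wordlist, and the function names are hypothetical. For a fixed set of leading words it lists every last-word index that satisfies the BIP39 checksum, then derives the total number of valid phrases.

```python
import hashlib

WORD_BITS = 11                      # each BIP39 word encodes 11 bits
VALID_LENGTHS = (12, 15, 18, 21, 24)

def checksum_bits(entropy: int, ent_bits: int) -> int:
    """First ENT/32 bits of SHA-256(entropy), the BIP39 checksum."""
    cs_len = ent_bits // 32         # 4 bits for 12 words, 8 bits for 24
    digest = hashlib.sha256(entropy.to_bytes(ent_bits // 8, "big")).digest()
    return digest[0] >> (8 - cs_len)

def valid_last_words(first_indices):
    """Return every last-word index that makes the phrase checksum-valid."""
    n_words = len(first_indices) + 1
    if n_words not in VALID_LENGTHS:
        raise ValueError("phrase length must be 12, 15, 18, 21 or 24 words")
    ent_bits = n_words * WORD_BITS * 32 // 33
    cs_len = ent_bits // 32
    prefix = 0
    for idx in first_indices:
        if not 0 <= idx < 2048:
            raise ValueError("word index out of range")
        prefix = (prefix << WORD_BITS) | idx
    valid = []
    for last in range(2048):
        # The last word carries the final entropy bits plus the whole checksum.
        entropy = (prefix << (WORD_BITS - cs_len)) | (last >> cs_len)
        if last & ((1 << cs_len) - 1) == checksum_bits(entropy, ent_bits):
            valid.append(last)
    return valid

def valid_mnemonic_count(n_words: int) -> int:
    """Total checksum-valid phrases: free choices for all but the last word."""
    # Constructed sample prefix (all index 0); the count is the same for any prefix.
    per_prefix = len(valid_last_words([0] * (n_words - 1)))
    return 2048 ** (n_words - 1) * per_prefix

if __name__ == "__main__":
    for n in (12, 24):
        options = valid_last_words([0] * (n - 1))
        print(n, "words:", len(options), "valid last words,",
              "total = 2^%d" % (valid_mnemonic_count(n).bit_length() - 1))
```

Only a fraction of random word sequences pass this check (1 in 16 for 12 words, 1 in 256 for 24), which is why the totals come out to exactly 2^128 and 2^256 rather than 2048^12 and 2048^24.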
you know your cars man!
That was very interesting. Thank you for this video!
Yeah...but what if?
Thanks, John !
Can you use the same word twice? If not, then it will be: 2048x2047x2046..... No?
I think that the correct number is calculated with this formula: 2048 x 2047 x 2046 x 2045 x .... x 2025
The number is obviously so high anyway. Great vid. I appreciate. Got 1 SUB!
No, you don't use a factorial to work out the combination. It's just 2048 to the 24th power.
@@MotoTTZ but if i choose 1 of the 2048 words for the first, I have to choose 1 of the 2047 of the remaining words 🤔 etc...
@@FedericoFumagalli No, a factorial is used to work out the number of combinations on moving an object to a known set of possible locations, like a Rubik's Cube. Here, there are no moving things and no location. There are just 2048 words. If you have to choose one, you have 2048 choices. If you have to choose two, you have 2048x2480 choices. If you have to choose three, you have 2048x2048x2480 choices. If you have to choose 24, you have 2048 to the 24th power choices.
@@FedericoFumagalli The words can be used repeatedly
can you use the same word twice ? otherwise it would be 2048 X 2047 X 2046......
Repeated words are allowed.
Is choosing two words 2048^2 permutations, or 2048P2? I've never been sure if replacement was allowed. And yes, I know the number of permutations is astronomical... but consider the fact that most wallet owners have multiple different wallets, many old and disposed of or forgotten about. Consider that there are thousands upon thousands of crypto owners across the globe and the number is growing. Consider that there are supercomputers that could run through these permutations at lightning speed for the sole purpose of stealing crypto. Much worse and much more nefarious scenario than two people just "accidentally" generating the same wallet. Talking about the number of permutations alone isn't a fair treatment of the probabilities involved, nor is it a fair discussion on the brute force tactics that might be employed. I trust it is by far easier to steal wallets by regenerating them from a word list, than it is to target a single wallet on the blockchain and hack its encryption.
Yes, repeats are allowed. I'm afraid you don't quite understand the numbers involved here. It doesn't matter in the slightest about the number of wallets "across the globe" and its growing number, or disposed of wallets forgotten about. They are insignificant, and forever will be. To put things in perspective, you could have a trillion trillion people (10^24, more humans than there ever will be) generating wallet seeds and it still wouldn't matter. Brute forcing a seed at "lightning speed"? Even the NSA assuming 1 trillion guesses per second would take millions of years to get through just half the possibilities. Not worth it.
@@matthewmoon2463 Are we sure though that two seed phrases won't ever produce the keys to the same wallet, ever? The space of possible addresses has got to be infinitely larger than the space of possible seed phrases that produce them.
@@leesweets4110 Hi, Lee. The space of possible seed phrases is approx 10^67. So, we're not dealing with infinite spaces. They are huge, but not infinite. Infinity is a concept, but not a number that makes much sense. Any finite number (like 10^67, or even 10^67000), no matter how large, is infinitely smaller than infinity (an interesting concept to think about). John talks about a mental model of atoms in the visible universe being the size of the seed phrase space (a close approximation). If you were to somehow pick a random atom from the universe, what's the probability that I would zone into the exact one you did, assuming my pick was random? Is it possible? Yes, the model is open to the possibility. But the probability is so close to zero, that it's practically zero. Even with trillions of people all making keys. For example, a trillion people who've all made keys is 10^12 people out of 10^67 possible wallets. But that's equal to a single person matching a wallet from 10^55 possible wallets. We haven't moved the needle here. Not even a dent. In order to get slightly worried about wallets matching, we'd need to start getting close to a trillion trillion trillion trillion (10^48) people generating wallets. THEN the numbers get worrisome. I can guarantee you there will never be that many wallets generated, ever.
This is amazing! Imagine that all living people (8 billion) somehow have been creating 1 thousand bitcoin wallets per second since the beginning of the universe (13,8 billion years ago). We would "only" have 3.5*10^30 wallets. And the chance to find any would be 1 in 10^49.
Anyone who thinks or doubts that two persons might randomly get the same 24 words combination, may add the 25th word (AKA passphrase), so that you and only you know what that 25th word is. Even if another person gets the same 24 words, he / she won't be able to access your funds (assuming you held all your crypto on the accounts that were generated using the 25 words)
Most of the wallets don't have a passphrase option
@@King-hd5xo Ledger, Trezor, UnstoppableWallet, and BlueWallet support passphrases. With a passphrase of only 4 characters, the total combinations are more than atoms in the universe.
By the way, the passphrase may be as long as 100 characters in some wallets. You could easily choose 15 more words.
thank you
THANKS DUDE
What about a 12 word, that's very commonly used in wallets.
Superb .,... Keep it up...
It's actually less, I believe. You can't have the same word twice in a seed, so it's 2048x2047x2046x....2025 so it's 2.59x10^79
Repeats are allowed in seeds. I've had two repeated words in a single seed. It's not that uncommon.
So you're saying there's a chance I can jackpot Satoshi's wallet
You can also get struck by lightning 10 times in a row and then have a comet smack you on the head too!
Very well explained
How about 12? It's easy, right?
With kali linux
Satoshi's wallet would be a nice jackpot.
Very small odds does not mean not possible?
Actually it seems to me it is very possible, just not very probable.
But not probable things happen actually a lot in the universe.
trust in numbers
It's a lot more probable for someone to hack your bank account so I prefer this storage.
Universe is a big place, how about just here in Earth?
"Very" possible? Hardly. As John says, it's almost zero.
@@matthewmoon2463 What about generators, how do we know it won't accidentally put in the same 24 words? I know they're audited etc. but still lol
So basically I might as well make a 12-word phrase and save me some effort and time? A 12-word phrase is also easier to remember in ur head
very good...thank you
awesome! it feels more possible than it really is lol, good to know
Thx
TY!
👑
With my luck, someone will choose my phrase and poof, my wallet.
They have much better chance of stealing it than guessing it.
I need help. I had a recovery with my 12 words and I can only see my XRP coins and money; my other coins are still 0$. Help pls
Are you using the same software wallet or a hardware wallet? Are the public addresses different with the other coins?
@@Leeyouno I'm using Ellipal wallet, just bought a new one
@@messiiileo1456 Well, Ripple only needs 6 recovery words. If I had to guess, one of the 12 recovery words was inputted wrong but still backed you up with a valued mnemonic phrase. To be absolutely sure, go to a coin you're sure you own and see if there is any log history with it. There should be many ways you can search your public key online to see if there is a transaction history. If I try to tell you how in a YT comment the YT AI will just auto delete my comment. But yeah, it sounds like one of your BIP39 words was replaced with a different word during backup.
@@Leeyouno Hmm, I'm sure I wrote the right words. Thx
awesome
If you knew my luck and the sh*t I've been through, you would have zero doubt right now that I would be the one that would get the exact same seed phrase as the world's most vicious crypto criminal. Bet
Aren't there 7 billion people on earth? Divide that number by 7 billion please
Sooo... you're saying... that there is a chance.... :P
You forget the fact that among 24 randomly selected words there may be invalid, so by using a script to determine which 24 selected words are valid or not, you have to test one by one. and this shows the amount is not as big as you describe even though it won't be easy...
You clearly don't know about the limitations of compute power, even w quantum processors