Is choosing two words 2048^2 permutations, or 2048P2 ? Ive never been sure if replacement was allowed. And yes, I know the number of permutations is astronomical... but consider the fact that most wallet owners have multiple different wallets, many old and disposed of or forgotten about. Consider that there are thousands upon thousands of crypto owners across the globe and the number is growing. Consider that there are supercomputers that could run through these permutations at lightning speed for the sole purpose of stealing crypto. Much worse and much more nefarious scenario than two people just "accidentally" generating the same wallet. Talking about the number of permutations alone isnt a fair treatment of the probabilities involved, nor is it a fair discussion on the brute force tactics that might be employed. I trust it is by far easier to steal wallets by regenerating them from a word list, than it is to target a single wallet on the blockchain and hack its encryption.
Yes, repeats are allowed. I'm afraid you don't quite understand the numbers involved here. It doesn't matter in the slightest about the number of wallets "across the globe" and its growing number, or disposed of wallets forgotten about. They are insignificant, and forever will be. To put things in perspective, you could have a trillion trillion people (10^24, more humans than there ever will be) generating wallet seeds and it still wouldn't matter. Brute forcing a seed at "lightning speed"? Even the NSA assuming 1 trillion guesses per second would take millions of years to get through just half the possibilities. Not worth it.
@@matthewmoon2463 Are we sure though that two seed phrases wont ever produce the keys to the same wallet, ever? The space of possible addresses has got to be infinitely larger than the space of possible seed phrases that produce them.
@@leesweets4110 Hi, Lee. The space of possible seed phrases is approx 10^67. So, we're not dealing with infinite spaces. They are huge, but not infinite. Infinity is a concept, but not a number that makes much sense. Any finite number (like 10^67, or even 10^67000), no matter how large, is infinitely smaller than infinity (an interesting concept to think about). John talks about a mental model of atoms in the visible universe being the size of the seed phrase space (a close approximation). If you were to somehow pick a random atom from the universe, what's the probability that I would zone into the exact one you did, assuming my pick was random? Is it possible? Yes, the model is open to the possibility. But the probability is so close to zero, that it's practically zero. Even with trillions of people all making keys. For example, a trillion people who've all made keys is 10^12 people out of 10^67 possible wallets. But that's equal to a single person matching a wallet from 10^55 possible wallets. We haven't moved the needle here. Not even a dent. In order to get slightly worried about wallets matching, we'd need to start getting close to a trillion trillion trillion trillion (10^48) people generating wallets. THEN the numbers get worrisome. I can guarantee you there will never be that many wallets generated, ever.
A word is reusable. Considering the last word checksum, the exact combinations count is: 12 words combinations = (2048^11)*128 = 2^128. 24 words combinations = (2048^23)*8 = 2^256. In a 12-word seed, the last word has 128 correct options. In a 24-word seed, the last word has 256 correct options. The BIP39 seed is a system to reproduce a 128 or 256-bit long key by a 12 or 24-word seed, easier to write down for a human without mistake.
This is amazing! Imagine that all living people (8 billion) somehow have been creating 1 thousand bitcoin wallets per second since the beginning of the universe (13,8 billion years ago). We would "only" have 3.5*10^30 wallets. And the chance to find any would be 1 in 10^49.
Very small odds does not mean not possible? Actually it seems to me it is very possible, just not very probable. But not probable things happen actually a lot in the universe.
You forget the fact that among 24 randomly selected words there may be invalid, so by using a script to determine which 24 selected words are valid or not, you have to test one by one. and this shows the amount is not as big as you describe even though it won't be easy...
if you have 2 options for 2 positions you get aa ab ba bb all 4 are unique ... so this gives you automatically the formula (Total Positions) ^ total options... = 2 ^2 =4
@@confidential303 A word is reusable. Considering the last word checksum, the exact combinations count is: 12 words combinations = (2048^11)*128 = 2^128. 24 words combinations = (2048^23)*8 = 2^256. In a 12-word seed, the last word has 128 correct options. In a 24-word seed, the last word has 256 correct options. The BIP39 seed is a system to reproduce a 128 or 256-bit long key by a 12 or 24-word seed, easier to write down for a human without mistake.
You can choose the words, except the last one, because it is a checksum. But, as human beings are really bad to choose real random words, if you want, you can write the 2048 words in pieces of paper and pick the first 23. For the last one, you'll need a checksum calculator and find the final word. But don't do this online.
If you knew my luck and the sh*t ive been through, you would have zero doubt right now that I would be the one that would get the exact same seed phrase as the world's most vicious crypto criminal. Bet
@@messiiileo1456 Well, Ripple only needs 6 recovery words. If I had to guess, one of the 12 recovery words was inputted wrong but still backed you up with a valued mnemonic phrase. To be absolutely sure, go to a coin you're sure you own and see if there is any log history with it. There should be many ways you can search your public key online to see if there is a transaction history. If I try to tell you how in a YT comment, the YT AI will just auto-delete my comment. But yeah, it sounds like one of your BIP39 words was replaced with a different word during backup.
the explanation is incorrect. You shouldn't be trying to find out the chance of 1 person getting the exact same letters and sequence if one person chooses. You should be trying to find out the chance that if billions of people all choose randomly, one of them will be the same as yours. That's totally different odds. There aren't only 2 people in the world with these seeds so your explanation is nonsense
A trillion (10^12) wallets is a good number? It's more than 100 wallets for each living person. So you divide those 3*10^79 by 10^12. The result is 3*10^67. So you'd have 1 chance in 3*10^67 to guess any of the 1 trillion wallets.
I don't like the expression "the risk is very very low". In 20 years we will laugh about this when thousands of wallets got brute forced with quantum computers
The chance of getting the correct code is approximately 0.0000000000000000000000000000000000000000000000000000000000000000000000000000033735033418337674318%
So you're telling me there's a chance - Lloyd Christmas
Hahahahha 😂
Can be nakamoto account 🐳🐳
Top comment
😂😂😂😂😂
🤣🤣🤣
So with only 3 words you can almost give everyone on earth a unique combination.
And even when you have the same words they still need to be filled in the correct order. So I guess that makes it even a much larger number of possibilities.
@@PressTube there’s always a chance…😂
When choosing the 2nd number if you assume it will not be a chosen word already then the seconds combination will be 2048-1=2047 and so on so it won’t be 2048^2 it will be 2048*2047
that's an assumption tho. Words can be repeated.
Words can be repeated in the seedphrase. The other thing we have to remember is that the order of the words matters.
Dude, I like how you explain this. You earn +1 sub here!.
Your comment needs a ❤️
Last word is a checksum, it's not random between the 2048 words but a specific one between them, so is even more difficult because if don't generate the correct last word the address is even not valid.
What do you mean by specific one between them?
A word is reusable. Considering the last word checksum, the exact combinations count is:
12 words combinations = (2048^11)*128 = 2^128.
24 words combinations = (2048^23)*8 = 2^256.
In a 12-word seed, the last word has 128 correct options.
In a 24-word seed, the last word has 256 correct options.
The BIP39 seed is a system to reproduce a 128 or 256-bit long key by a 12 or 24-word seed, easier to write down for a human without mistake.
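The checksum rule discussed in this thread, as an added example (not part of any comment or of the video). It works on wordlist indices (0 to 2047) instead of embedding the 2048-word list, and the function names are illustrative; it enumerates which last words pass the BIP39 checksum for a given prefix and derives the exact count of valid mnemonics.

```python
import hashlib

WORD_BITS = 11            # each BIP39 word is an index in 0..2047 (2^11 words)
VALID_WORD_COUNTS = (12, 15, 18, 21, 24)


def checksum_bits(entropy: bytes) -> int:
    """BIP39 checksum: the first ENT/32 bits of SHA-256(entropy)."""
    cs_len = len(entropy) * 8 // 32
    digest = int.from_bytes(hashlib.sha256(entropy).digest(), "big")
    return digest >> (256 - cs_len)


def entropy_to_indices(entropy: bytes) -> list[int]:
    """Encode 128..256 bits of entropy as word indices (entropy || checksum)."""
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 128, 160, 192, 224 or 256 bits")
    cs_len = ent_bits // 32
    value = (int.from_bytes(entropy, "big") << cs_len) | checksum_bits(entropy)
    n_words = (ent_bits + cs_len) // WORD_BITS
    return [(value >> (WORD_BITS * (n_words - 1 - i))) & 0x7FF
            for i in range(n_words)]


def is_valid(indices: list[int]) -> bool:
    """True if the word indices carry a correct BIP39 checksum."""
    n = len(indices)
    if n not in VALID_WORD_COUNTS or any(not 0 <= i < 2048 for i in indices):
        return False
    total_bits = n * WORD_BITS
    cs_len = total_bits // 33          # 4 bits for 12 words, 8 bits for 24
    value = 0
    for i in indices:
        value = (value << WORD_BITS) | i
    entropy = (value >> cs_len).to_bytes((total_bits - cs_len) // 8, "big")
    return (value & ((1 << cs_len) - 1)) == checksum_bits(entropy)


def valid_last_words(prefix: list[int]) -> list[int]:
    """All last-word indices that make prefix + [word] a valid mnemonic."""
    return [w for w in range(2048) if is_valid(list(prefix) + [w])]


def valid_mnemonic_count(n_words: int) -> int:
    """Exact number of checksum-valid mnemonics: one per entropy value."""
    total_bits = n_words * WORD_BITS
    return 2 ** (total_bits - total_bits // 33)


if __name__ == "__main__":
    # Constructed sample input: all-zero entropy (never use this as a real seed).
    print("12 words, zero entropy:", entropy_to_indices(bytes(16)))
    print("valid last words after 11 fixed words:", len(valid_last_words([0] * 11)))
    print("valid last words after 23 fixed words:", len(valid_last_words([0] * 23)))
    print("12-word total is 2^128:", valid_mnemonic_count(12) == 2 ** 128)
    print("24-word total is 2^256:", valid_mnemonic_count(24) == 2 ** 256)
```

The last word mixes the remaining entropy bits with the checksum bits, so the number of acceptable last words is 2048 divided by 2 to the power of the checksum length.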
Nice video, I like the explanation with the papers.
But you would need to discard the invalid mnemonics, not all combinations are valid as it needs to test the checksum. You calculated an upper bound of the combinations.
It would be nice to see an updated video with the exact real number of combinations (which would still be extremely large).
This video is very misleading and not well researched at all. At 1:08, He said the seed phrase will mathematically derive your private key but it is the opposite
@@soulreaper9453 I agree it's approximative :/
To understand: a word is reusable. In a 12-word seed, the last word has 128 correct options.
In a 24-word seed, the last word has 256 correct options. Totals are:
_12 words combinations = (2048^11)*128 = 2^128.
_24 words combinations = (2048^23)*8 = 2^256.
The BIP39 seed is a system to reproduce a 128 or 256-bit long key by a 12 or 24-word seed, easier to write down for a human without mistake.
Just what I wanted to know. Thanks!
Great explanation, very easy to understand. Thank you!
Just found out about your channel. Thanks for the explanation :) What about the 12-word seed phrase?
I would like to understand the mathematics behind how a single 24 word seed gives rise to everything else. For example, how do we derive the public and private keypair for a wallet, and how do we derive an address? Can a single address be controlled by different private keys owned by different people? Specifically, different bits of coin associated with that address are encrypted by two different owners. And we're not limited to a single address either... how are we able to derive the entire sequence of addresses and how many are in the sequence? Do they all have the same private key or does each get a unique private key? How is the calculation different across the different coin and token types?
It all starts with random numbers generated by a user or wallet software. From the randomness, you first get a private key which will generate a public key (It's a one way process because A public key cannot generate a private key). The mnemonic phrase is only a human understandable representation of the private key the same way a Web address is a human understandable representation of a domain IP address
Anyone who thinks or doubts that two persons might randomly get the same 24 words combination, may add the 25th word (AKA passphrase), so that you and only you know what that 25th word is. Even if another person gets the same 24 words, he / she wont be able to access your funds (assuming you held all your crypto on the accounts that was generated using the 25 words)
Most of the wallets don't have a passphrase option
@@King-hd5xo Ledger, Trezor, UnstoppableWallet, and BlueWallet support passphrases. With a passphrase of only 4 characters, the total combinations are more than atoms in the universe.
By the way, the passphrase may be as long as 100 characters in some wallets. You could easily choose 15 more words.
When the cosmic egg at the beginning of the universe popped. It increased in size 10 to the 50th power into the size of a grapefruit! If you were 10 to the 50th power larger than you are, you would be larger than the entire universe as it is today.
@@Whale15 Well no. God and the Elves created the cosmic egg.
5:03 it's the US national debt.
For real
Best videos on RUclips. Love it.
Great video! Answered my random 3AM thought. You are awesome!
I am very conservative so I rather pick 24 words, better safe than sorry!
There are 2028^24 combinations or 10^77 (decimal), which is slightly bigger than SHA256 (2^256), that is 2^264 (binary) to be exact, because a mnemonic phrase also has a checksum. Meaning that the possibility of someone guessing 24 out of 2048 words in the correct order is 1:10 followed by 77 zeros.
For illustration, 10^77 is more than the number of atoms in the observable universe.
You are safe... as long as you do not choose the words yourself, as you will not do it randomly enough. Never ever choose your own mnemonic phrase; always trust a specialized third party like Ledger or Trezor to do it for you.
Thank you for explaining it. I understand now.
OK, 24 seed words are pretty safe, but what about 12 seed words, which for example Electrum uses?
Don't worry about 12-word seeds. They are extremely safe from accidental matches. 24 word seeds are so incredibly overkill.
Not to be a stickler but the number would not have 79 more zeros. The decimal would move right 79 more times. So not as big as that number on the page but still Really Really big.
Thank you John.
wholey smoley#!@ GREAT video, excellent clarification. You're a great teacher John! Much appreciated. This made me a new subscriber.
You're so geeky and it's nice to see you being passionate about numbers, good on you John, keep well, greetings from Oz....
Great explanation. My only disagreement is "there are more possibilities than atoms in the universe". I would argue that we do not know the number of atoms in the universe.
Scientists estimate that there is within the range of 10^78 to 10^82 atoms in the universe.
My problem: Yes Phrase but wrong place (right position of phrase), I tried running 24^24 it's quite fast, but it gives too many success results, how do I check Balance
It's like shooting an arrow into the universe that hits an atom, then having someone else try to hit the same atom with their arrow without even knowing where they are supposed to be shooting the second arrow.
If you enter random seed phrase words into MetaMask and you can get access, is that then a wallet of someone else?
Even if you restrict each word to one-time appearance in a 24 word list, the number of combinations is still very close to 2048 ** 24.
If it ever happens there will be exactly one winner and exactly one loser.
I wonder what the odds of guessing any private key that when hashed into a public address has some non-zero amount of Bitcoin? This also probably has low odds or somebody would have already done it)
what is the possibility that a cold wallet producer has hardcoded a number of seeds for each device they ship out..
You've explained the probability of guessing a single, specific 24-word BIP39 seed phrase. However, wouldn't the chances be higher if we're trying to find any one seed phrase within a set of a million distinct seed phrases? Presumably, we could calculate this by dividing the previously given probability by the number of unique seed phrases in this set. Moreover, if there were 1 billion individuals each attempting to guess a correct seed phrase 100 times, wouldn't we further divide the probability by the total number of attempts, which in this case is 100 billion? Is my understanding correct?
You are correct. If you are looking for any one of a million specific seed phrases, and not just one particular seed phrase, then you would indeed divide the probability I gave by one million.
And yes, if a billion people each tried a hundred different seed phrases, you'd have 100 billion total attempts, so you would divide the probability by 100 billion.
However, keep in mind that the probabilities we're dealing with here are still extraordinarily small. For example, if we consider the case where we're looking for any one of a million specific seed phrases out of all possible ones, the odds become roughly 1 in 10^73, assuming 2^264 total possible seed phrases.
Even if a billion people (10^9) each tried a hundred (10^2) seed phrases, that's 10^11 total attempts. This brings the odds to roughly 1 in 10^62.
These are still astronomically small probabilities. Even with a billion people making a hundred attempts each, the chances of correctly guessing a specific seed phrase (or one of a specific set of seed phrases) are infinitesimally small.
To put it in perspective, you're still more likely to win the Powerball lottery multiple times in a row than to correctly guess a specific seed phrase or one of a set of specific seed phrases in this scenario.
Hi, do the generators of seed phrases know of the existing seed phrases already created, so as not to generate the same one?
I have the same question
If the generator knew you would just iterate over already created seed phrases to check the balance. Nope, it's random.
@@XKKXKKX so you technically can be given an account with bitcoin
How about mass adoption for crypto, when 7 billion people have a crypto wallet? I think there are odds people will randomly get other people's seed phrase
Nope. Not even close. 256bit entropy yields more possible seeds than the total # of atoms in the universe....
2048^3 already exceeds the global population.
Nope. Almost zero. You could have many, many trillions of people who've created wallets and it barely moves the needle.
@@rrobb47 Not more not less, circa 10^77 for total 24-words combinations (=2^256) vs circa 10^80 atoms in the universe, depending on how atoms are counted.
but what if some hacker uses super computer to keep guessing seed words. how possible it is to be robbed
it's actually less i believe. You can't have the same word twice in a seed, so it's 2048x2047x2046x....2025 so it's 2.59x10^79
Repeats are allowed in seeds. I've had two repeated words in a single seed. It's not that uncommon.
A word is reusable. Considering the last word checksum, the exact combinations count is:
12 words combinations = (2048^11)*128 = 2^128.
24 words combinations = (2048^23)*8 = 2^256.
In a 12-word seed, the last word has 128 correct options.
In a 24-word seed, the last word has 256 correct options.
The BIP39 seed is a system to reproduce a 128 or 256-bit long key by a 12 or 24-word seed, easier to write down for a human without mistake.
Thanks, John !
Thanks for showing us all! Great video!
Great video dude!
hi, great video, but i still don't understand how my ledger recognize my 24 words, how does it verify that those words i entered are correct..
Thanks man❤❤
Great visual explanation. Thanks!
Is remembering the 24 words enough to recover all your funds? Do the 24 words also remember your address?
Yes, but you also need to remember the exact position of each word.
Great explanation! Rarely do I find exactly the answer I’m looking for, spelled out so clearly. Thanks.
What if a computer tries all possibilities? Meaning it creates all of those wallets, if there is money it takes it.
Satoshi's wallet would be a nice jackpot.
Great work!
3:47 number is wrong.. many zeros
John is a legend of the internet
Ok this is great but what about recovering a 24 seed phrase? Is it possible to try to recover someone’s wallet just by running a computer program that will run 24h/day random seed phrases? This looks to me like it could be doable…
Using the fastest computer, running 24/7, it will take 1 quadrillion years. Enjoy the wait.
The probability of brute forcing a live wallet is the same as winning the lottery NINE TIMES in a row. The probability of that wallet having a balance is like winning the lottery 11 times in a row. So... good luck with that.
@@Jacob-2796 it looks like you forgot to give the specifics of your calculations. What kind of computing have you considered in the calculations and over what time scale were the machines searching for any live wallet existing on this planet?
THANKS DUDE
Thank you, you helped me with that question I had in my mind. I see that 12 words is super secure, and the fact that they are not in alphabetical order, that they are completely random, is just crazy. But guess what? When I created a new wallet on the Smart Chain of Binance, the system gave me one that had some tokens, like it was abandoned, so I made a new one. Cannot tell what happened there.
I think that the correct number is calculated with this formula: 2048 x 2047 x 2046 x 2045 x .... x 2025
The number is obviously so high anyway. Great vid. I appreciate. Got 1 SUB!
No, you don't use a factorial to work out the combination. It's just 2048 to the 24th power.
@@MotoTTZ but if i choose 1 of the 2048 words for the first, I have to choose 1 of the 2047 of the remaining words 🤔 etc...
@@FedericoFumagalli No, a factorial is used to work out the number of combinations when moving an object to a known set of possible locations, like a Rubik's Cube. Here, there are no moving things and no locations. There are just 2048 words. If you have to choose one, you have 2048 choices. If you have to choose two, you have 2048x2480 choices. If you have to choose three, you have 2048x2048x2480 choices. If you have to choose 24, you have 2048 to the 24th power choices.
@@FedericoFumagalli The words can be used repeatedly
A word is reusable. Considering the last word checksum, the exact combinations count is:
12 words combinations = (2048^11)*128 = 2^128.
24 words combinations = (2048^23)*8 = 2^256.
In a 12-word seed, the last word has 128 correct options.
In a 24-word seed, the last word has 256 correct options.
The BIP39 seed is a system to reproduce a 128 or 256-bit long key by a 12 or 24-word seed, easier to write down for a human without mistake.
very good...thank you
Thanks for this awesome video 🤗
Thanks for the video. The words will not repeat right? So the option to choose the second word is 2047, third word is 2046. So in this case it’s not all 2048x2048x…all the way for 24 words.
Repeats are allowed in seeds.
@@matthewmoon2463 I see. Thanks for clarifying.
A word is reusable. Considering the last word checksum, the exact combinations count is:
12 words combinations = (2048^11)*128 = 2^128.
24 words combinations = (2048^23)*8 = 2^256.
In a 12-word seed, the last word has 128 correct options.
In a 24-word seed, the last word has 256 correct options.
The BIP39 seed is a system to reproduce a 128 or 256-bit long key by a 12 or 24-word seed, easier to write down for a human without mistake.
That was very interesting. Thank you for this video!
you know your cars man!
Can you use the same word twice? Otherwise it would be 2048 X 2047 X 2046......
Repeated words are allowed.
What about a 12 word, that's very commonly used in wallets.
Superb .,... Keep it up...
Is it bigger than a googolplex?
Is choosing two words 2048^2 permutations, or 2048P2? I've never been sure if replacement was allowed. And yes, I know the number of permutations is astronomical... but consider the fact that most wallet owners have multiple different wallets, many old and disposed of or forgotten about. Consider that there are thousands upon thousands of crypto owners across the globe and the number is growing. Consider that there are supercomputers that could run through these permutations at lightning speed for the sole purpose of stealing crypto. Much worse and much more nefarious scenario than two people just "accidentally" generating the same wallet. Talking about the number of permutations alone isn't a fair treatment of the probabilities involved, nor is it a fair discussion on the brute force tactics that might be employed. I trust it is by far easier to steal wallets by regenerating them from a word list, than it is to target a single wallet on the blockchain and hack its encryption.
Yes, repeats are allowed. I'm afraid you don't quite understand the numbers involved here. It doesn't matter in the slightest about the number of wallets "across the globe" and its growing number, or disposed of wallets forgotten about. They are insignificant, and forever will be. To put things in perspective, you could have a trillion trillion people (10^24, more humans than there ever will be) generating wallet seeds and it still wouldn't matter. Brute forcing a seed at "lightning speed"? Even the NSA assuming 1 trillion guesses per second would take millions of years to get through just half the possibilities. Not worth it.
@@matthewmoon2463 Are we sure though that two seed phrases won't ever produce the keys to the same wallet, ever? The space of possible addresses has got to be infinitely larger than the space of possible seed phrases that produce them.
@@leesweets4110 Hi, Lee. The space of possible seed phrases is approx 10^67. So, we're not dealing with infinite spaces. They are huge, but not infinite. Infinity is a concept, but not a number that makes much sense. Any finite number (like 10^67, or even 10^67000), no matter how large, is infinitely smaller than infinity (an interesting concept to think about). John talks about a mental model of atoms in the visible universe being the size of the seed phrase space (a close approximation). If you were to somehow pick a random atom from the universe, what's the probability that I would zone into the exact one you did, assuming my pick was random? Is it possible? Yes, the model is open to the possibility. But the probability is so close to zero, that it's practically zero. Even with trillions of people all making keys. For example, a trillion people who've all made keys is 10^12 people out of 10^67 possible wallets. But that's equal to a single person matching a wallet from 10^55 possible wallets. We haven't moved the needle here. Not even a dent. In order to get slightly worried about wallets matching, we'd need to start getting close to a trillion trillion trillion trillion (10^48) people generating wallets. THEN the numbers get worrisome. I can guarantee you there will never be that many wallets generated, ever.
A word is reusable. Considering the last word checksum, the exact combinations count is:
12 words combinations = (2048^11)*128 = 2^128.
24 words combinations = (2048^23)*8 = 2^256.
In a 12-word seed, the last word has 128 correct options.
In a 24-word seed, the last word has 256 correct options.
The BIP39 seed is a system to reproduce a 128 or 256-bit long key by a 12 or 24-word seed, easier to write down for a human without mistake.
This is amazing! Imagine that all living people (8 billion) somehow have been creating 1 thousand bitcoin wallets per second since the beginning of the universe (13,8 billion years ago). We would "only" have 3.5*10^30 wallets. And the chance to find any would be 1 in 10^49.
👑
thank you
What about the same 24-word seed and the same passphrase?
So you're telling me that me randomly putting 12 phrases and them having 400$ in it was something that was never meant to happen lol
TY!
Who knows all 241 words used in valid repeated-word seed phrases (like the word "twelve", repeated 12 times)?
Thx
It was Satoshi’s idea?
No, the BIP39 seed is a system to reproduce a 128 or 256-bit long key by a 12 or 24-word seed, easier to write down for a human without mistake.
So basically I might as well make a 12-word phrase and save me some effort and time? A 12-word phrase is also easier to remember in ur head
Hi, question, was there a website that gave you that nice print out?
kryptodots.com/wp-content/downloads/bip-0039-English-wordlist-2pag-v2.5.pdf
@@MotoTTZ Thank you !!!
Very well explained
Awesome! It feels more possible than it really is lol, good to know
So you're saying there's a chance I can jackpot Satoshi's wallet
You can also get struck by lightning ten times in a row and then have a comet smack you on the head too!
awesome
Very small odds does not mean not possible?
Actually it seems to me it is very possible, just not very probable.
But not probable things happen actually a lot in the universe.
trust in numbers
It's a lot more probable for someone to hack your bank account so I prefer this storage.
Universe is a big place, how about just here on Earth?
"Very" possible? Hardly. As John says, it's almost zero.
@@matthewmoon2463 What about generators, how do we know it won't accidentally put in the same 24 words? I know they're audited etc. but still lol
Yeah...but what if?
You forget the fact that among 24 randomly selected words there may be invalid, so by using a script to determine which 24 selected words are valid or not, you have to test one by one. and this shows the amount is not as big as you describe even though it won't be easy...
You clearly don't know about the limitations of compute power, even w quantum processors
But how do you take the exact sequence of the words into account?
Not sure what you mean.
if you have 2 options for 2 positions you get
aa
ab
ba
bb
all 4 are unique ... so this gives you automatically the formula (Total Positions) ^ total options... = 2 ^2 =4
@@confidential303 A word is reusable. Considering the last word checksum, the exact combinations count is:
12 words combinations = (2048^11)*128 = 2^128.
24 words combinations = (2048^23)*8 = 2^256.
In a 12-word seed, the last word has 128 correct options.
In a 24-word seed, the last word has 256 correct options.
The BIP39 seed is a system to reproduce a 128 or 256-bit long key by a 12 or 24-word seed, easier to write down for a human without mistake.
But we don't get to choose the words; the wallet does, not the person.
When you restore a hardware wallet you get to choose any seed phrase you want.
@@NotMe-wh5vb what? My hardware wallet I started fresh again. The hardware wallet picked the new seed phrase NOT ME.
You can choose the words, except the last one, because it is a checksum. But, as human beings are really bad at choosing real random words, if you want, you can write the 2048 words on pieces of paper and pick the first 23. For the last one, you'll need a checksum calculator to find the final word. But don't do this online.
How about 12? It's easy, right
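The checksum rule discussed in this thread (the script that tests whether a phrase is valid, and the "checksum calculator" for the final word), as an added example that is not part of any comment or of the video. It works on 0-based word positions in the BIP39 wordlist rather than on the words themselves (the list is not embedded here), and the function names are this example's own; enumerating the final word gives 128 valid choices for a 12-word phrase and 8 for a 24-word phrase.

```python
import hashlib

VALID_LENGTHS = (12, 15, 18, 21, 24)

def checksum(entropy: bytes) -> int:
    """BIP39 checksum: the first ENT/32 bits of SHA-256(entropy)."""
    cs_len = len(entropy) * 8 // 32          # 4 bits for 12 words, 8 for 24
    return hashlib.sha256(entropy).digest()[0] >> (8 - cs_len)

def pack(indices) -> int:
    """Concatenate 11-bit word indices into one integer."""
    value = 0
    for i in indices:
        value = (value << 11) | i
    return value

def is_valid(indices) -> bool:
    """Verify the checksum of a phrase given as 0-based wordlist positions."""
    n = len(indices)
    if n not in VALID_LENGTHS or any(not 0 <= i < 2048 for i in indices):
        return False
    cs_len = n * 11 // 33
    value = pack(indices)
    entropy = (value >> cs_len).to_bytes((n * 11 - cs_len) // 8, "big")
    return (value & ((1 << cs_len) - 1)) == checksum(entropy)

def valid_last_words(prefix):
    """Every final-word index that completes `prefix` with a correct checksum."""
    n = len(prefix) + 1
    if n not in VALID_LENGTHS or any(not 0 <= i < 2048 for i in prefix):
        raise ValueError("prefix must be one word short of a valid phrase")
    cs_len = n * 11 // 33
    free_bits = 11 - cs_len                  # entropy bits inside the last word
    head = pack(prefix)
    words = []
    for tail in range(1 << free_bits):
        raw = (head << free_bits) | tail
        entropy = raw.to_bytes((n * 11 - cs_len) // 8, "big")
        words.append((tail << cs_len) | checksum(entropy))
    return words

if __name__ == "__main__":
    # Constructed input: index 0 repeated ("abandon" in the English list).
    print(len(valid_last_words([0] * 11)), len(valid_last_words([0] * 23)))
```

Because it uses only `hashlib`, the script runs on a machine with no network connection.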
With kali linux
♾
If you knew my luck and the sh*t I've been through, you would have zero doubt right now that I would be the one that would get the exact same seed phrase as the world's most vicious crypto criminal. Bet
Say hello to my quantum computer 😈First order of business: crack Satoshi's wallet and dump BTC into the open market.
Just kidding 😂
sooo... you're saying... that there is a chance.... :P
Quantum Computer: - Hold by qbit.
Nice video, getting it is not easy, but it is possible
Aren't there 7 billion people on earth? Divide that number by 7 billion please
Interesting video
I need help. I did a recovery with my 12 words and I can only see my XRP coins and money; my other coins are still 0$. Help pls
Are you using the same software wallet or a hardware wallet? Are the public addresses different with the other coins?
@@Leeyouno im useing ellipal wallet just bought a new one
@@messiiileo1456 Well ripple only needs 6 recovery words. If I had to guess one of the 12 recovery words was inputed wrong but still backed you up with a valued mnemonic phrase. To be absolutely sure go to a coin you sure you own and see if there is any log history with it. There should be many ways you can search your public key online to see if there is a transaction history. If I try to tell you how in a YT comment the YT AI will just auto delete my comment. But yeah it sounds like one of your BIP39 words was replaced with a different word during backup.
@@Leeyouno hmm im sure I wrote the right words. Thx
the explanation is incorrect. You shouldn't be trying to find out the chance of 1 person getting the exact same letters and sequence if one person chooses. You should be trying to find out the chance that if billions of people all choose randomly, one of them will be the same as yours. That's totally different odds.
There aren't only 2 people in the world with these seeds so your explanation is nonsense
A trillion (10^12) wallets is a good number? It's more than 100 wallets for each living person. So you divide those 3*10^79 by 10^12. The result is 3*10^67. So you'd have 1 chance in 3*10^67 to guess any of the 1 trillion wallets.
If it happens that another person has a similar combination to mine, my only wish is that he/she owns more BTC than me..!!
Should be possible, but not probable.
But there is still a chance right, mathematically ... lol
+1 sub. Is it possible to brute force into a wallet seed key?
If you have a few million years to spare.
I don't like the expression "the risk is very very low". In 20 years we will laugh about this when thousands of wallets got brute forced with quantum computers
The chance of getting the correct code is approximately 0.0000000000000000000000000000000000000000000000000000000000000000000000000000033735033418337674318%