
I recently read about hierarchical deterministic keys, which allow a single seed to produce multiple private and public keys.

In decentralized systems, identity can be represented by a wallet, which can be generated from a seed. Therefore, it is recommended to back up the seed phrase in a safe place.

This means that true identity is not represented by the public key (wallet address) but by the seed. As far as I know, a seed is 64 bytes in size.

Regardless of the size, there is still a chance of collision. This implies a security risk or potentially fatal event where an individual could discover my seed phrase (by brute-forcing the seed bit by bit over 64 bytes) and then generate private keys to access my wallet.

Maarten Bodewes

1 Answer


"by brute-forcing the seed bit by bit over 64 bytes". If the seed is random enough then this is not possible. You would have 512 bits to brute force, which would take $2^{511}$ tries on average for your specific wallet.

If multiple wallets can be attacked at once then some advantage can be had. But remember that an AES key with 128 bits is considered secure. Even if you only had $2^{127}$ tries then it would take forever to crack it, and the power required alone would be insurmountable.

The big trick is to avoid having the user generate the seed, because that's almost guaranteed not random and will therefore be easier to attack, for instance using dictionary attacks.


In case you are not yet convinced, here is the value of $2^{511}$ in decimals:

57,896,044,618,658,097,711,785,492,504,343,953,926,634,992,332,820,282,019,728,792,003,956,564,819,968.

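As an added illustration of the two points above (one seed fixes every derived key, and the cost of guessing depends entirely on the seed's entropy), here is example code that is not part of the question or answer. The HMAC-SHA512 chain is a constructed, simplified scheme for demonstration only, not BIP32 or any wallet's actual derivation; the dictionary sizes are constructed figures.

```python
import hashlib
import hmac
import math
import os

# Illustrative one-seed-many-keys scheme built from HMAC-SHA512 chains.
# Constructed for this example; it is NOT BIP32 and not for real wallets.
def master_from_seed(seed: bytes) -> tuple[bytes, bytes]:
    """Split HMAC-SHA512(seed) into a 32-byte master key and a 32-byte chain code."""
    digest = hmac.new(b"example-hd-seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]

def child_key(parent_key: bytes, chain_code: bytes, index: int) -> tuple[bytes, bytes]:
    """Derive child (key, chain_code) number `index` from its parent."""
    data = parent_key + index.to_bytes(4, "big")
    digest = hmac.new(chain_code, data, hashlib.sha512).digest()
    return digest[:32], digest[32:]

def derive_path(seed: bytes, path: list[int]) -> bytes:
    """Walk a derivation path such as [0, 1, 7]; the seed alone fixes every key."""
    key, chain_code = master_from_seed(seed)
    for index in path:
        key, chain_code = child_key(key, chain_code, index)
    return key

def expected_guesses(entropy_bits: float) -> float:
    """Average guesses to hit one specific secret of the given entropy: 2^(n-1)."""
    return 2.0 ** (entropy_bits - 1)

def passphrase_entropy_bits(words: int, dictionary_size: int) -> float:
    """Entropy of `words` words chosen uniformly from a dictionary of that size."""
    return words * math.log2(dictionary_size)

if __name__ == "__main__":
    seed = os.urandom(64)  # 512 bits from the OS CSPRNG: the "random enough" case
    print("key at path [0, 1]:", derive_path(seed, [0, 1]).hex())
    print(f"random 512-bit seed: about 2^{math.log2(expected_guesses(512)):.0f} guesses")
    # A user-chosen seed of 4 words from a 10,000-word list (constructed figures)
    weak = passphrase_entropy_bits(4, 10_000)
    print(f"4 words from a 10k-word list: {weak:.1f} bits, about 2^{weak - 1:.0f} guesses")
```

Re-running `derive_path` with the same seed always yields the same key, which is why the seed, not any single address, is what needs protecting.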