Last week a poster wrote in asking how safe it would be if someone knew their 24 seed phrase words but didn't know the order. The comments in response were basically split between "It would be trivial to brute force it and compromise the wallet" and "It would take much longer than a human lifetime." I'm in that latter category. If we assume you know/figure out which one is the final checksum seed word, you would have 23!=2.6e22 possible combinations. I have no idea how many permutations a good script could reasonably test, but as a conservative check if you could test 10 billion per second it would still take 82 thousand years to try all the permutations (so we might expect you to get it in roughly half that time, 41 thousand years).
But maybe I'm way underestimating how fast scripts could check the seed phrases, or maybe I'm overlooking some feature of BIP39 that actually reduces the valid permutations. Regardless, many people are just not convinced by numbers on a page. Therefore, I'm putting my (little) money where my mouth is.
I've got a fresh 24-word wallet set up with 0.062 ETH (equivalent to $100 as of writing). The public address is 0xb6f420204511C7fE9Dd3DE14266a260e8f11aC37. It's yours for the taking if you can access it. The words in my seed phrase have been randomized in order and printed below. I'll plan to leave this wallet untouched until someone compromises it, or a year has passed and no one is interested. I should also mention that this wouldn't apply to a 12 word seed phrase. With the same estimation (11! permutations, 10 billion attempts per second,) that would only require 4 milliseconds to try every permutation for the 12 seed word phrase!
My 24 seed words in randomized order: camera rhythm feature layer coconut ready need final north can early story stable report group depend employ problem monitor interest logic sausage toilet pencil
Happy de-crypting!
Updates ~10 hours later:
Wow, I didn't expect this to take off! Love all the engagement! So far the ETH is all still there (albeit worth slightly less USD than last time I checked...) As a PSA for those who don't know, you can check the holdings and transaction history of the wallet on etherscan.io by searching for the public key noted above (and lots of other blockchains have similar portals.) So if you have any doubts, give it a check yourself.
One of the major themes of comments has been "$100 ? That's not even worth it!" And I totally agree! I suspect any amount of money is not worth it, short of the amount needed for a major decade-spanning quantum cryptography research campaign. Sadly, I'm not able to offer that right now, check back next bull run. But, I get it. Some people here win or lose thousands every time Powell picks up a microphone or Musk sits in front of a keyboard. Mostly lose these days. So considering all that, I'm adding another $900 and change to make it an even $1000. Hope I don't end up cross-posted on confidently incorrect!
And for comparison I'll add another test: you're also welcome to the $5 of ALGO in my newly created 12 word protected wallet. The public key for that wallet is CWGUNPGO6ESAZSU4WNNMKKCVPLA6VBWWQIRR4OOFE4XC4SYNLZLUT5DWPM. The 12 seed words in random order are:
doctor crane pilot creek embrace burden boring excite orbit tank reflect town
Please post the correct order if anyone bothers to crack it! Not sure you could recoup minimum wage for lost time, but maybe one of you already has a script ready to go.
[link] [comments]
You can get bonuses upto $100 FREE BONUS when you:
π° Install these recommended apps:
π² SocialGood - 100% Crypto Back on Everyday Shopping
π² xPortal - The DeFi For The Next Billion
π² CryptoTab Browser - Lightweight, fast, and ready to mine!
π° Register on these recommended exchanges:
π‘ Binanceπ‘ Bitfinexπ‘ Bitmartπ‘ Bittrexπ‘ Bitget
π‘ CoinExπ‘ Crypto.comπ‘ Gate.ioπ‘ Huobiπ‘ Kucoin.
Comments