Hi, could some one explain how are seedphrases considered to be super secure? If it’s just a random string of words from a well-known list of words, what stops someone with a simple python script generating random phrases and trying to open wallets with them?
Yes, if you know the hash is of dictionary words. If you have a hash, with no knowledge of its contents, you cannot make that assumption and must increase your search space.
For example, if I give you this md5 hash: bd49d549f7c1f0169d6d61322a02d39d
How long do you think it will take to guess if you use dictionary words? The answer is “infinity”, because it’s not dictionary words. What if you expand to all lowercase letters? Uppercase? Numbers? Symbols? All ASCII printable characters? Even then you’ll never crack it, because it’s UTF-8. With that knowledge, you can probably crack it in seconds because it’s a pretty short string, but otherwise, never.
Thanks for all the answers, Im just going through them quickly now, so quick question, if I understand it correctly, then, knowing seedphrases are from a well known list, all lower case words, doesn’t it make it less safe then? Since attacker knows whats behind the hash? Wouldn’t making it all random instead of using wellknown list more secure?
Yes, it’s less secure if they know it’s from a list, and which list.
If they don’t know that, they have to treat it like a completely random password, which is a lot slower to crack.