Bitcoin Safety: 12 vs 24 Words

  • Added 7. 01. 2024
  • In this video we compare the Bitcoin safety of 12 vs 24 word seed phrases. While both 12 and 24 word seed phrases are very secure, it is not true that 24 word seed phrases are twice as safe as 12 word seed phrases. You'll be surprised why and what you should actually be doing to secure your Bitcoin.
    ✍️ Companion Blog Post: www.rhett.blog/12-vs-24-words/
    🆓 Download Mastering Bitcoin: github.com/bitcoinbook/bitcoi...
    📖 Mastering Bitcoin Vol 3: amzn.to/3HbPyQW
    🎥 Use Cursor.sh to talk to Andreas: • How to Learn Python Pr...

Comments • 52

  • @rufuspipemos 3 months ago +1

    Trezor Safe 3 allows for Shamir backup. Oddly, that is a 20-word seedphrase, with 3 of the words the same in each derivation. So in essence it is really a 17-word seed? So odd.

    • @RhettReisman 3 months ago +3

      This is a great example of the point I was making in the video.
      From their website: Trezor Suite will automatically initiate a device with Shamir backup using 20-word shares (128-bit strength).
      trezor.io/learn/a/what-is-shamir-backup
      Note that it says 128 bit strength. Even though there are more words it will contain the same amount of entropy as a 12 word seed phrase.
      There are tradeoffs with Shamir - I would argue that it’s not worth it in 90% of cases because it complicates your recovery process.
      But regardless - it’s not “safer” just because there are more words. It’s exactly the same amount of entropy

    • @rufuspipemos 3 months ago

      @RhettReisman, thanks! It seems the best way is to use 12 words, keep it simple, and don't lose your seed. Anything beyond that just adds risk, not reduce it. No matter what the numbers show.

  • @lideadhead 6 months ago +1

    Love your videos and contributions.

  • @skyhackerfpv7104 6 months ago +3

    Great video. Thanks for sharing your knowledge!

  • @stevechan5985 6 months ago

    👍 Your videos are awesome. I have learned so much from your channel. Thanks.

    • @RhettReisman 6 months ago

      Appreciate it 😁 happy to help Steve

  • @JarolCuellarValle 2 months ago

    Great! Thank you Rhett!

  • @lukebal 6 months ago +3

    Had this same thought when I saw the new Trezors only do 12 words. You explained it very well. Thanks dude

    • @RhettReisman 5 months ago +1

      Yeah it’s a really interesting concept - happy to help :)

  • @ikust007 6 months ago

    Excellent video. Thank you. Read your post …

  • @Btree33 3 months ago +1

    Subscribed !

  • @sylvianederlander2317 4 months ago

    Excellent!

  • @Btree33 3 months ago

    What are production HD wallets? The Ledger Nano?

    • @RhettReisman 2 months ago +2

      Yeah - ledger, trezor, coldcard, etc. basically every hardware wallet

  • @jasonf4626 5 months ago +1

    Great video….
    A little confused on 128-bit entropy schema. Are we saying that the additional 12 words AFTER the first 12 aren’t random enough to be considered truly random? Therefore we’re adding unnecessary complexity and not (in practice) much more security?

    • @drxmario2 5 months ago

      Yeah, I find this confusing too, as long as we are choosing out of the 2048 word pool randomly for each word, shouldn't it be more secure in theory with 24 words, AND in practice? It's just not random enough? What does only using 128 bits of entropy with 24 words really mean here? Isn't entropy just a function of how many random words you use, IE: 12 vs 24? How is it "unused" entropy as per the quote? Isn't it being used by nature of having the randomly generated 24 word seed phrase?

    • @drxmario2 5 months ago

      Maybe the person he was quoting in the video was just a blowhard trying to sell a book?

    • @RhettReisman 4 months ago +1

      Andreas is definitely not a blowhard trying to sell a book - he’s released it for free to everyone on the internet
      In practice most hardware wallet manufacturers are only using 128 bits of entropy. Think of the bits like empty slots where a number can go.
      A bit can have 2 values. 0 or 1. If I have 128 slots (bits) I have 2^128 possible values or 10^38 possible combinations
      If I have a 24 word seed phrase and 2048 possible words that’s 10^79 combinations.
      If I have more combinations of seed phrases than I have slots of available entropy I’m having to drop all that extra entropy - it ends up not being used.
      It’s a software/hardware reality of production HD wallets that is dropping entropy for 24 word seed phrases

    • @drxmario2 4 months ago

      @RhettReisman The problem with your explanation, is just the blanket statement saying that modern day hardware wallets only use 128 bits of entropy with no explanation or anything to back it up. I've seen other videos that explain how entropy works and how there are about 11 bits of entropy in each word. (It's really 10.6 repeating) so 12 words x 10.6 repeating is 128 bits of entropy and 24 words x 10.6 repeating is 256 bits of entropy
      Entropy is just how random the whole thing is. You can have 12 random words for 128 bits of entropy, or 24 for 256 bits of entropy. Making a program that chooses from 2048 words 24 times is not complicated at all, it's just a few lines of code not counting the word list you'd have to look through.
      So to say that most wallets are only made with 128 bits of entropy even if they have 24 words is like saying 12 of the 24 words weren't chosen randomly. It doesn't make any sense.

    • @drxmario2 4 months ago

      @RhettReisman And on the point about more seed phrases than slots. Each word is made of 11 bits, so it's 2^11 possible combinations for the 0's and 1's since there's 2 choices 11 times, so that's 2048 possible words. You're just doing that 24 times instead of 12. All of the possible bits are covered with the 2048 words.
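
Added example, not part of the comment thread above and not code from the video: the bit layout that the BIP-39 standard defines for a seed phrase, showing how much of each phrase is entropy and how much is checksum. Function names are illustrative, phrases are represented as word indices (0..2047) rather than words so no word list is needed, and the all-zero entropy is a constructed sample input.

```python
import hashlib

VALID_WORD_COUNTS = (12, 15, 18, 21, 24)

def bip39_layout(words):
    """Return (entropy_bits, checksum_bits) for a BIP-39 phrase of `words` words."""
    if words not in VALID_WORD_COUNTS:
        raise ValueError("BIP-39 defines 12, 15, 18, 21 or 24 words")
    total = words * 11        # each word is an 11-bit index, 2**11 == 2048
    checksum = total // 33    # checksum = entropy / 32, entropy + checksum = total
    return total - checksum, checksum

def entropy_to_indices(entropy):
    """Encode raw entropy as BIP-39 word indices, appending the SHA-256 checksum."""
    ent = len(entropy) * 8
    if ent not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 128 to 256 bits in 32-bit steps")
    cs = ent // 32
    digest = hashlib.sha256(entropy).digest()
    # The checksum is the first `cs` bits of SHA-256(entropy).
    bits = (int.from_bytes(entropy, "big") << cs) | (digest[0] >> (8 - cs))
    n = (ent + cs) // 11
    return [(bits >> (11 * (n - 1 - i))) & 0x7FF for i in range(n)]

def indices_valid(indices):
    """Check a phrase (as word indices) by recomputing its checksum."""
    ent, cs = bip39_layout(len(indices))
    bits = 0
    for idx in indices:
        bits = (bits << 11) | idx
    entropy = (bits >> cs).to_bytes(ent // 8, "big")
    return entropy_to_indices(entropy) == list(indices)

if __name__ == "__main__":
    for words in VALID_WORD_COUNTS:
        ent, cs = bip39_layout(words)
        print(f"{words} words: {ent} entropy bits + {cs} checksum bits")
    # Constructed sample input: all-zero entropy (never use as a real seed).
    print(entropy_to_indices(bytes(16)))
    print(entropy_to_indices(bytes(32)))
```

The layout only describes what the phrase format can carry; how many random bits a given wallet actually feeds into it depends on that wallet's generator.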

  • @tpks2542 3 months ago

    I have a question & concern. My concern is around a program that can "brute force" a 12 word vs 24 word seed phrase. Since the 2048 words are known, computer programs can generate 12 word phrases and test random phrases until eventually finding a wallet. Wouldn't you agree that a 24 word seed phrase would protect you much better against this issue?

    • @RhettReisman 3 months ago

      It would if the wallets that generate the 24 words use 24 words of entropy, but most don’t.
      Because most only use 12, they’re functionally the same.
      Every computer on earth working together would take centuries to crack a 12 word seed phrase.
      You shouldn’t worry about it

    • @tpks2542 3 months ago +1

      @RhettReisman Thank you, even with the security of a 12 word seed, would you recommend adding a passphrase for extra protection?

    • @rufuspipemos 3 months ago

      @tpks2542, I am also interested in that question. I sense the answer is yes but to me this seems like all one is doing is adding a paper wallet overlay (memorized passphrase) to a HD wallet. HD wallets were meant to eliminate paper wallets but adding a passphrase to me seems like going backwards.

    • @Btree33 3 months ago

      @tpks2542 yes, 12 words plus a few words as a passphrase

    • @thomasconstant9354 3 months ago

      @tpks2542 If you use a physical Ledger, the passphrase will definitely add a serious layer of security as it is not stored on the device.

  • @summerbreeze5115 6 months ago +1

    I have Trezor One with 24 words
    Am I safe?

    • @RhettReisman 6 months ago

      If you generated the seed using Trezor’s normal process you’re fine
      It’s just that it’s probably the same level of security and harder to store than 12. If you already have one though it’s less important to try to get a new one

    • @thomasconstant9354 3 months ago

      There is no Secure Element in the Trezor One, you should upgrade to Trezor Safe and regenerate your 24-word seed phrase in it (or switch to 12 words ... it's much easier to memorize)

    • @summerbreeze5115 3 months ago

      @thomasconstant9354
      I can't do it...Bitcoin is too complex for me. I'm a dummy.
      I switched to ETF & MSTR with little BTC in my trezor.

  • @ikust007 6 months ago +2

    3:44 but why… not sure I understood this part…

    • @RhettReisman 6 months ago +1

      If a wallet only uses 128 bits of entropy (which is what most of them are doing) 12 words and 24 words are including the same amount of randomness.
      In that case 12 words is more secure than 24

    • @ikust007 6 months ago

      @RhettReisman I think I understand. But then why not on 256 bits if 24 words?

  • @ikust007 6 months ago

    Why is coldcard having 24 words ?

  • @jordanrox007 6 months ago

    The way entropy works when generating randomness is so hard to comprehend. Well, I find it hard to understand it.

    • @RhettReisman 6 months ago

      Check out this video if you haven’t already czcams.com/video/D9j5y3tyMo8/video.htmlsi=fAFAFc-UFR0Hj7Kq
      I go over the random function in Python and show you how different seeds affect the number. It is pretty confusing though, lmk if there’s a specific part that I could explain better

  • @sahilsingal1439 21 days ago

    Someone managed to guess 100 random Trust Wallet addresses but all were empty, how could it be possible?

    • @RhettReisman 21 days ago

      It’s likely that if you guess 100 random wallets that they’ll be empty because there are more wallet combinations than grains of sand on earth. 100 guesses is not very many

  • @rufuspipemos 3 months ago +2

    Fourth reason to not do 24 word..... you won't be tempted to split your seed phrase location, which I think will cause a lot of lost BTC in years to come.

    • @RhettReisman 3 months ago +1

      Exactly! People want to get too smart with all of this and some of them will pay the price.

    • @RhettReisman 3 months ago

      Exactly! People want to get too smart with all of this and some of them will unfortunately pay the price.

  • @bradmarcus26 3 months ago

    He forgot to have you MUST use 24 words for a hot wallet or else you are screwed.

    • @RhettReisman 3 months ago +1

      I’m him. I didn’t forget. You can use 12.
      🧠🧠🧠🧠🧠