
He kind of misses the main reason why 12-words are as secure as 24-words: someone deriving the private key from a public key will use Pollard's rho algorithm. They won't brute force the words. Regardless of 128 bits or 256 bits of entropy it takes 2^128 iterations to compute the private key using rho, according to Wullie1:
24-word based private/public keys do have 256 bits of entropy, but it still only takes on the order of 2^128 iterations to compute the private key from a public key.


I never thought about it that way, that the words are not actually the private key, they are a mnemonic resource to make memorization easier. It’s like an interaction mask, is that it? I’m not a technical person.
21 sats \ 0 replies \ @k00b 23 Jun
Yes exactly. It’s what we call an encoding. It’s kind of like how in English we call a school bag a backpack and in Spanish a mochila and we can draw it as a picture. They’re all different encodings of the same information.
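The "encoding" point made in the thread above, as an added example that is not part of the original posts: a BIP39 mnemonic is the entropy plus a short SHA-256 checksum, cut into 11-bit indices into a 2048-word list, and it decodes back to the same bytes. To stay self-contained the sketch works with word indices instead of embedding the wordlist; the function names and the all-zero sample entropy are constructed for illustration.

```python
import hashlib

VALID_ENT_BITS = (128, 160, 192, 224, 256)  # entropy sizes allowed by BIP39


def entropy_to_indices(entropy: bytes) -> list[int]:
    """Encode entropy as BIP39 word indices (0..2047), checksum included."""
    ent_bits = len(entropy) * 8
    if ent_bits not in VALID_ENT_BITS:
        raise ValueError("entropy must be 128-256 bits in 32-bit steps")
    cs_bits = ent_bits // 32  # 4 checksum bits for 12 words, 8 for 24
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    total = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11
    # Read the bit string left to right in 11-bit groups.
    return [(total >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]


def indices_to_entropy(indices: list[int]) -> bytes:
    """Decode word indices back to entropy, rejecting a bad checksum."""
    total_bits = len(indices) * 11
    cs_bits = total_bits // 33
    ent_bits = total_bits - cs_bits
    if ent_bits not in VALID_ENT_BITS:
        raise ValueError("mnemonic must have 12, 15, 18, 21 or 24 words")
    total = 0
    for idx in indices:
        if not 0 <= idx < 2048:
            raise ValueError("word index out of range")
        total = (total << 11) | idx
    entropy = (total >> cs_bits).to_bytes(ent_bits // 8, "big")
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    if total & ((1 << cs_bits) - 1) != expected:
        raise ValueError("checksum mismatch: mistyped or reordered word")
    return entropy


if __name__ == "__main__":
    for size in (16, 32):  # constructed sample: all-zero entropy
        sample = bytes(size)
        words = entropy_to_indices(sample)
        print(size * 8, "bits ->", len(words), "words, round trip ok:",
              indices_to_entropy(words) == sample)
```

The checksum only catches transcription errors; it adds no secrecy, and the entropy is still just the seed material from which keys are derived.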