2 sats \ 5 replies \ @nym 4 Aug 2023 \ on: Going for the HRF's BorderWallets Bounty by REMOVING the Entropy Grid? Don't --> bitcoin
The seed used to create entropy grid is random. After the grid is created, a person picks the pattern. So, the same pattern used on a entropy grid created by a different seed would create a different wallet.
Oh I see what you're saying. If an attacker finds an actual entropy grid, they can run all possible patterns easily. That makes sense.
Can you help me understand better. Sparrow uses the border wallet implementation now, so I want to make sure it is secure.
Hi - the ability to reproduce Entropy Grids using 12 words as entropy (128-bit/Deterministic Entropy Grids) uses Gibson Research Corporation’s Ultra-High Entropy Pseudo-Random Number Generator. Details here: https://www.grc.com/otg/uheprng.htm
reply
How difficult is it to run all possible word configurations that result in a valid checksum using a found grid? Once that tool is built, it would be trivial to treat every seed phrase found as a potential border wallet, and could be run through that hypothetical program.
reply
For any and every 11-cell pattern/shape, there are 39,916,800 possible combinations that an attacker could face just within that one pattern - e.g. A1 to A11, and 258,520,167,388,849,766,400 combinations if you use 23 cells. The checksum is calculated post hoc and pursuant to the 11-cells selected, and there are an additional 128 possible checksums for every 11-cell combination.
I haven't run all the numbers for the total number of possible 11-cell patterns but it is an extremely - extremely - large number. You would be far better off applying that energy to mining bitcoin directly.
reply
deleted by author
reply
Using multi-sig (two patterns on one grid) would help some, but still not sure how much compute power it would take to run all patterns of different n-of-n wallets
reply