In this down the rabbit hole, I'm going to answer
a question you asked as a follow-up to a previous rabbit hole where we talked about why it's
impossible for someone to guess your private key by relating it to very large numbers
of cosmological scale. And now the follow-up question we got was, "Okay, so
if a bitcoin private key is such a big number that every atom in the observable universe could
have its own bitcoin private key, and you could never guess it because that's the same as guessing
which atom in the entire observable universe is my atom out of all of those out there, how does
this relate to mnemonic phrases? Is it more or less difficult to guess a mnemonic phrase?
What is the scale of a mnemonic phrase? Is a mnemonic phrase just as difficult to
guess?" A lot of people have a lot of confusion when it comes to mnemonic phrases or
seed phrases.
What is a mnemonic phrase? What's up with that? All right, let's explain what a
mnemonic phrase is. You've probably heard me say that a private key in bitcoin, just like a bitcoin
address or a bitcoin signature, is just a number. Everything we're talking about here
is just numbers. There's nothing magical. So a bitcoin private key is just a
number, a bitcoin address is just a number. We write them in different ways. You may have
heard of this concept of a mnemonic phrase; you've probably used it if you have your own self-custody
or non-custodial wallet. A mnemonic phrase is a collection of between 12 and 24 English words
which is used to back up your own wallet. When you first run a wallet, maybe a mobile wallet
on your mobile device, that is non-custodial or a hardware wallet that generates keys for you — the
first thing it's going to ask you to do is back up this phrase.
And it's going to show you, let's say, 24 English words. This is based on a standard called BIP39, Bitcoin Improvement Proposal 39,
which sets the standard for mnemonic phrases as they are known. A lot of people call them a "seed
phrase" or simply "seed," not exactly correct terminology, but we'll run with it. So the
seed phrase is called the seed phrase because if you have those 24 words you can recover your
wallet: all of its transactions, all of its keys, across multiple cryptocurrencies even if you've
been using that wallet for years and you've done thousands of transactions, generated thousands
of addresses, across hundreds or even thousands of different cryptocurrencies.
All of that can be recovered from these 24 words. How is that possible? And how is it different from a private
key? And how difficult is it to guess those 24 words? So, that mnemonic phrase, those 24 words,
which can be expressed in a variety of languages but let's stick to English for now, come from a
dictionary. And this dictionary has 2048 words in it. It's a fairly small dictionary.
It was designed by Satoshi Labs, the company that first proposed this standard, and it was
a development of an idea previously created by the authors of the Electrum wallet. But here's
the really key idea that you have to understand. A mnemonic phrase made of 24 English words is a
number. It's just a number, it's a number that's written in English words, but it's still just a
number. So, how do you make a number out of words? Well, I mentioned that this dictionary has 2048
words.
The first word, if I remember correctly, is about. The last word is zebra. And in between
there are 2046 other words alphabetically: about, above, aardvark, etc., all the way down
to zebra. Now if you think of this dictionary, you could line up all of the words from "about"
through "zebra" and then put a number next to them. And if you put a number next to them,
about would be one, above would be two, etc., all the way down, and 2048 would be zebra
or zebra would be 2048.
So you can see how if you have a dictionary with 2048 words
in it, then you could basically assign a number between 1 and 2048 indexing these
words. And therefore you can see how each one of these words can be a number. Now think of
the 24 words in a row as a series of 24 numbers between 1 and 2048 and you begin to see
how this is simply a numeric encoding system. So when you write out a number in decimal, you use
digits 0 through 9, and the position of the digit is important.
And if you put lots of these digits
together you come up with some pretty big numbers. A bitcoin private key, for example, is a 77 digit
long decimal number. And that can be encoded as 10 to the 77. It corresponds to the number 10 to
the power of 77 because it's a combination of 0 through 9 repeated 77 times. So you can choose
the first digit, 0 through 9, that gives you 10 possible combinations. Then the second digit will
be 10 more possible combinations, so 10, times 10, times 10, times 10, times 10, times 10, and for
77 digits you multiply 10 with itself 77 times and you end up with 10 to the power of 77. Now
let's do that with the words of a mnemonic phrase! The first word, which is between [the words]
about and zebra, is a number between 1 and 2048, so you can choose 2048 possible options for
the first word in your 24 word sequence. The second word also gives you another 2048
choices to pick from again: about through zebra. And so if you took a two-word mnemonic phrase,
how many combinations does that have? Well it has 2048 combinations for the first word, times
2048 possible combinations for the second word. So 2048 times 2048 or 2048 squared.
If you had a three-word mnemonic phrase, then it would be
2048 times 2048 times 2048. You're beginning to
see a pattern here. So a 24-word mnemonic phrase is effectively 2048 to the power of 24. That's
how many possible arrangements of a 24-word phrase exist. 2048 choices for word one, 2048
choices for word two, 2048 choices for word three, times, times, times, times, 24 times for 24 words:
2048 to the power of 24. 2048 to the power of 24, which is your mnemonic phrase, is the same number
as 2 to the power of 264, which is slightly bigger than the 256-bit key, and the reason for that is
because the mnemonic phrase has a checksum in it to make sure that we don't mess it up when we're
transcribing it.
So effectively, the 24-word mnemonic phrase is the same size as a private key.
And if you take that as your starting position, with a special function, a derivation function,
you can actually generate a sequence of keys from that first one in such a way that it
always generates the same sequence of keys; which allows you to restore an entire wallet
with multiple cryptocurrencies and perhaps thousands, tens of thousands of transactions from
that single number.
A mnemonic phrase is a number. And it's a number as big as a bitcoin private
key, slightly bigger because it has a checksum. And therefore, picking or guessing your 24 word
English mnemonic phrase is equivalent to guessing a bitcoin private key, is equivalent to picking
one atom out of the observable universe. And that's why mnemonic phrases are not only a
secure mechanism and cannot be guessed but also a convenient mechanism because it's a lot easier
to read, write down, and read again 24 English words than it is to try to back up a 77 digit decimal
number, or a 256-bit binary number onto a piece of paper.
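
Added example (not part of the original talk): a sketch of the BIP39 encoding described above, showing how 256 bits of entropy plus an 8-bit checksum become 24 eleven-bit word numbers. It works on word numbers only, counted from 0 to 2047 as BIP39 does rather than 1 to 2048, and the function names and the all-zero sample entropy are constructed for illustration.

```python
import hashlib

VALID_WORD_COUNTS = (12, 15, 18, 21, 24)

def entropy_to_indices(entropy: bytes) -> list:
    """BIP39 encoding: entropy plus checksum bits, cut into 11-bit word numbers."""
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 128-256 bits in steps of 32")
    cs_bits = ent_bits // 32                  # 8 checksum bits for 256-bit entropy
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    value = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11      # 264 / 11 = 24 words
    return [(value >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]

def indices_are_valid(indices) -> bool:
    """Recompute the checksum from the entropy part and compare."""
    if len(indices) not in VALID_WORD_COUNTS:
        return False
    if any(not 0 <= i < 2048 for i in indices):
        return False
    total_bits = len(indices) * 11
    cs_bits = total_bits // 33
    value = 0
    for idx in indices:
        value = (value << 11) | idx
    entropy = (value >> cs_bits).to_bytes((total_bits - cs_bits) // 8, "big")
    return entropy_to_indices(entropy) == list(indices)

def search_space_bits(n_words: int) -> tuple:
    """(bits written down as words, bits that are actually free to choose)."""
    total_bits = n_words * 11
    return total_bits, total_bits - total_bits // 33

def count_valid_last_words(first_words) -> int:
    """How many of the 2048 candidates for the final word pass the checksum."""
    return sum(indices_are_valid(list(first_words) + [w]) for w in range(2048))

if __name__ == "__main__":
    sample = entropy_to_indices(bytes(32))    # constructed input: all-zero entropy
    print(sample)
    print(search_space_bits(24))
    print(count_valid_last_words(sample[:23]))
```

Of the 2 to the power of 264 ways to arrange 24 words, only 2 to the power of 256 pass the checksum, so the number of phrases a guesser has to cover is the same as for a 256-bit private key.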
And that was our rabbit hole
for today. Hi! Thanks for watching the video. I'm Andreas M. Antonopoulos, I'm the author of
Mastering Bitcoin, Mastering Ethereum, and The Internet of Money Series. If you'd like to support
my mission of bringing education about bitcoin and open blockchains to as many people as possible,
under open free creative commons licenses, please consider subscribing to my channel and supporting
me on patreon.com a-a-n-t-o-n-o-p. Thank you!