My thread about the security of 12 vs 24 word mnemonic phrases surfaced some good discussion and some confusion. To clarify it further it’s important to understand the answers to:

What is a seed?
How’s it different from a private key?

Let me further break it down for you 👇
A seed is a set of random data that is used as the starting point for wallets to generate an endless supply of public and private keys for you.

If someone has your seed they can use it to generate the private keys for ALL of the addresses you use and ever will use.
The mnemonic phrase is used as an easy way to remember and/or write down your seed.

So if someone gets your mnemonic phrase they can use it to get your seed and eventually all of your private keys.
It will take an attacker who is brute forcing your mnemonic exponentially longer to brute force a 24 word seed than a 12 word seed.

A 24 word mnemonic is more secure than a 12 word mnemonic if the attack you are worried about is someone brute forcing your seed.
The seed is used by your wallet to generate ALL of your private and public keys.

The way the cryptography behind these keys works is that it’s practically impossible to derive the private key for any given public key.

It takes roughly 2^128 operations. This is unfathomably large.
So when someone says that you don’t really gain any “security” when using more than a 12 word mnemonic, the idea is this: no matter how many words you use for your seed, it always takes roughly 2^128 operations to get a private key from a public key.
Okay so as long as you don’t expose your public keys then your 24 word mnemonic is more secure, right?

Yes that would be true.

However, you generally expose your public key anytime you spend Bitcoin. This is why avoiding address reuse is so important.
However, millions of coins are already in addresses where the owner reused them and the public keys are exposed.

Also, you expose a public key when using taproot addresses.

If you have no use for taproot and never reuse addresses then your 24 word mnemonic adds security.
It’s important to understand that to perform 2^128 operations is for all intents and purposes impossible.

A 12 word mnemonic is more than enough to make brute forcing it infeasible.
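To make the comparison concrete, here is a small added example (mine, not the author's) that follows the BIP39 standard the 12 and 24 word phrases come from: each word carries 11 bits, a 12 word phrase encodes 128 bits of entropy plus a 4 bit checksum, a 24 word phrase 256 bits plus an 8 bit checksum, and the seed is derived from the phrase with PBKDF2-HMAC-SHA512. The `effective_security_bits` function is my own illustration of the thread's point: once a public key is exposed, the attacker can choose the cheaper of brute forcing the seed or solving the discrete log, so the extra entropy of 24 words stops mattering at the 2^128 mark.

```python
import hashlib
import unicodedata

# BIP39 constants (from the standard, not from the thread): 11 bits per word,
# checksum length = entropy_bits / 32, seed = PBKDF2-HMAC-SHA512 with 2048 rounds.
BITS_PER_WORD = 11
PBKDF2_ROUNDS = 2048

# Cost, in bits of work, of recovering a secp256k1 private key from its public
# key with the best known generic algorithms: about 2^128, the figure the thread cites.
ECDLP_BITS = 128


def entropy_bits(word_count: int) -> int:
    """Entropy bits encoded by a BIP39 mnemonic of `word_count` words.

    total bits = word_count * 11 = entropy + entropy / 32, so entropy = total * 32 / 33.
    """
    total = word_count * BITS_PER_WORD
    if total % 33:
        raise ValueError("BIP39 phrases have 12, 15, 18, 21 or 24 words")
    return total * 32 // 33


def checksum_bits(word_count: int) -> int:
    """Checksum bits appended to the entropy before it is split into words."""
    return entropy_bits(word_count) // 32


def effective_security_bits(word_count: int, public_key_exposed: bool) -> int:
    """Work (log2 of operations) an attacker needs to obtain one of your private keys.

    Two attack paths exist: brute force the seed (2^entropy guesses) or, if a public
    key has been revealed on chain, solve the discrete log (about 2^128 operations).
    The attacker takes whichever is cheaper. This helper is an illustration, not a
    formal security bound.
    """
    seed_cost = entropy_bits(word_count)
    if public_key_exposed:
        return min(seed_cost, ECDLP_BITS)
    return seed_cost


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 seed derivation: the phrase (NFKD normalised) is the PBKDF2 password,
    the string 'mnemonic' + passphrase is the salt, 2048 rounds, 64 byte output."""
    def nfkd(s: str) -> str:
        return unicodedata.normalize("NFKD", s)

    return hashlib.pbkdf2_hmac(
        "sha512",
        nfkd(mnemonic).encode("utf-8"),
        ("mnemonic" + nfkd(passphrase)).encode("utf-8"),
        PBKDF2_ROUNDS,
        64,
    )


if __name__ == "__main__":
    for words in (12, 24):
        print(f"{words} words: {entropy_bits(words)} bits entropy, "
              f"{checksum_bits(words)} bits checksum, "
              f"security with pubkey hidden 2^{effective_security_bits(words, False)}, "
              f"with pubkey exposed 2^{effective_security_bits(words, True)}")
    # Well-known BIP39 test vector (the all-"abandon" phrase with passphrase "TREZOR").
    vector = " ".join(["abandon"] * 11 + ["about"])
    print(mnemonic_to_seed(vector, "TREZOR").hex())
```

Running it prints 128/4 bits for 12 words and 256/8 bits for 24 words, and shows that with an exposed public key both phrases bottom out at 2^128, which is exactly why the "24 words adds security" claim depends on never exposing a public key.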

I’ll go into the specifics in a future thread.
I hope this helped you understand the difference between a seed and a private key and how the security of brute forcing a seed is different from finding the private key for a public key.

Proper usage of Bitcoin is important in maintaining security and privacy. Educate yourself!
