Chonky

How long would it take someone to hack my wallet if they knew my 24 words (in no particular order)?


Hello, I'd like to know how long it would take someone to hack my wallet if he knew all 24 of my words but not their order.

I'm sure it would be counted as 24! It's also a lot less than 2048^24 (traditional hacking without understanding any language).
The answer to 24! is 6.204484e+23.
Do you believe there will be any devices or algorithms that can test it in real time?

Thank you very much.


At the moment, it would be possible but extremely impractical and expensive, but that is unlikely to remain the case in the future.

The equivalent of 24! is just over 2^79. The bitcoin network as a whole is creating 200 EH/s. While these two things are not directly comparable (because every valid seed phrase requires several more operations in addition to the hash required to verify the checksum in order to check for balance), the bitcoin network could create 2^79 hashes in around 52 minutes.

As a result, unless an attacker can afford to rent massive amounts of computer power for an extended period of time, they will be unable to solve 24! at this time. However, as processors get more affordable and powerful, I believe that breaking the seed phrase will become more feasible in the future.
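Added example (not part of any post in this thread): a Python sketch of the arithmetic in the reply above, assuming the standard BIP39 layout for 24 words (256 bits of entropy plus an 8-bit SHA-256 checksum). It works on 11-bit word indices so no wordlist is needed; the sample entropy is constructed and all function names are illustrative.

```python
import hashlib
import math
import random

# Constructed sample entropy (not a real wallet): 32 bytes = 256 bits.
SAMPLE_ENTROPY = hashlib.sha256(b"constructed sample, not a real seed").digest()

def entropy_to_indices(entropy: bytes) -> list:
    """BIP39 layout for 24 words: 256 entropy bits + 8 checksum bits -> 24 x 11 bits."""
    checksum = hashlib.sha256(entropy).digest()[0]
    bits = (int.from_bytes(entropy, "big") << 8) | checksum
    return [(bits >> (11 * (23 - i))) & 0x7FF for i in range(24)]

def checksum_ok(indices: list) -> bool:
    """Re-pack the 24 indices and compare the last 8 bits with SHA-256(entropy)[0]."""
    bits = 0
    for idx in indices:
        bits = (bits << 11) | idx
    entropy = (bits >> 8).to_bytes(32, "big")
    return hashlib.sha256(entropy).digest()[0] == (bits & 0xFF)

def orderings(indices: list) -> int:
    """Distinct orderings of the words; a repeated word shrinks the count."""
    total = math.factorial(len(indices))
    for idx in set(indices):
        total //= math.factorial(indices.count(idx))
    return total

def checksum_pass_rate(indices: list, samples: int, seed: int = 1) -> float:
    """Fraction of random orderings whose checksum still validates (expect ~1/256)."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(samples):
        trial = list(indices)
        rng.shuffle(trial)
        hits += checksum_ok(trial)
    return hits / samples

def seconds_to_hash_all(candidates: int, hashes_per_second: float) -> float:
    return candidates / hashes_per_second

if __name__ == "__main__":
    words = entropy_to_indices(SAMPLE_ENTROPY)
    total = orderings(words)
    print(f"orderings: {total:.3e} (about 2^{math.log2(total):.1f})")
    print(f"checksum pass rate: {checksum_pass_rate(words, 50_000):.4f} vs 1/256 = {1/256:.4f}")
    # 200 EH/s is the network figure quoted in the thread; one hash per ordering only
    # covers the checksum. Each survivor still needs PBKDF2 (2048 rounds) and key derivation.
    print(f"checksum pass at 200 EH/s: {seconds_to_hash_all(total, 200e18) / 60:.0f} min")
```

The checksum discards about 255 of every 256 orderings, so roughly 24!/256 candidates remain that would each need the full seed and address derivation before any balance lookup.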


If you're considering shuffling your seed as a form of custom encryption, I strongly advise against it. It's far more likely that you'll forget about the order and lose the coins forever than that someone will discover your seed and take your coins.

Check the past two pages of this thread for more information; we've already discussed this topic at least once in the last few months.


Trying to check the balance of estimated addresses would be the time-consuming aspect.

ASICs conduct calculations on an input, but they do not compare the results to a list. I don't believe that an ASIC that compares a calculated value to a list can be created. So, while someone might theoretically calculate all possible seed combinations, it would be impossible to effectively compare this to a list of addresses that have ever received a transaction.


I believe this will only become more important as the original Bitcoiners grow older, and some have already passed away (R.I.P. Hal - read something from him the other day again).

I'd also argue that if you're storing quantities that make sense to store in such a dangerous fashion as described here, you should just buy (and invest in) a few safes and distribute copies of the seed in various areas where you put those safes. Or, while you're at it, make it a multisig.

Pass would be the one tough item where I'd say: it's standardized, so you can use it, but make sure you leave the pass and the seed behind if something bad happens to you (memory loss, ...). However, you may argue its value in terms of increased security at that time (assuming it's written / stamped). So the highest amount of "cryptography added to a seed" that I feel safe suggesting is the standard pass feature.


You'd best make very certain that anybody you'd like to pass the money along to recalls this in the event of memory loss or some other calamity. However, it appears to be less difficult than a whole word scramble.
It will, however, be easy to crack. In a simple brute-force 'descrambling' script, this would almost certainly be the very first try, given that it is the first two (rather than 'two random') words (at least how I would code it)...


You'd best make very certain that anybody you'd like to pass the money along to recalls this in the event of memory loss or some other calamity. However, it does. It's not a good idea to do this and rely on your shaky memory to remember everything without a written backup.
I'll give you an example of a password I use on a regular basis to gain access to a facility, and I thought I had it down pat.
I wasn't feeling well one day, and when I arrived at the building, my brain was frozen, and I couldn't recall the combination to open the door.

This is going to get worse for most people as they get older, even if they don't have significant illnesses like Alzheimer's, therefore I don't think BRAIN is a smart long-term hardware device for preserving secrets.


It's much better if you make a pass in addition to your 24 words.

Simply memorize the pass and keep the 24 words in the correct order.

Even if an attacker obtains your words, they will not have access to your password, therefore you are still safe.

However, if you rearrange the words, you'll most likely forget about it and lose all of your money with no need for an attacker.


How would you know the words are jumbled, or that the words you have are a seed?

If someone is keeping their seed hidden in what they assume would be a safe spot, they are unlikely to name it or announce how much money is "in" the seed.

Attempting to (efficiently) brute force the seed with a given collection of words would not be a wise use of resources for an adversary.


I believe that most people simply want to learn more about it; the worst thing a person can do to a seed phrase is to rearrange the seed words.

That should just be for the sake of knowing; it's better to back up your seed phrase than to search for a secure method that could result in you losing your seed phrase and your coins.

Edited by argolf


I'd be more "intelligent."
If you truly want to accomplish it, I believe you should shuffle in such a way that you will acquire the correct seed.
That way, whoever intercepts it will have no idea what's wrong - the seed is correct (checksum is correct), but there are no coins.
