Is it possible to hack or guess someone’s seed phrase?

In the era of rapidly developing quantum computing, some folks in the crypto community are wondering how significant the threat of quantum supremacy is for cryptography. Vitalik Buterin often mentions Gnosis Safe Multisig in his speeches as one of the most reliable solutions for storing crypto assets.

Despite the proven security of wallets that use a 12- or 24-word phrase, there are other more reliable solutions, especially for storing significant capital. We’ll discuss these solutions later, but for now, let’s focus on the basics and reliability of a 12-word seed phrase.

There is the well-known BIP39 standard, which defines a list of 2048 words that are used to cryptographically generate a public key and encrypt the private key.

The mathematics behind the possible combinations for both 12 and 24 words is well-established. And there are Gnosis Safe or Flare multisig wallets, smart contracts with multi-signatures that are resistant to any quantum powers, mathematical accidents, or even the slightest chance of compromise. They are time-tested, open source, and used for cold storage by large crypto exchanges, funds, DEXs, and other advanced users in the industry.

Returning to seed phrases, I’d like to immediately point out that the chance of guessing one exists, but it is incredibly tiny. To put it in perspective, the random selection of a valid phrase is comparable to winning the US National Lottery four times in a row. This is because, to successfully gain access to a wallet, you must know not only the exact words and their correct order, but also the checksum, which is embedded within the final word (either the 12th or the 24th).


For phrases of 12 words, the maximum possible number of combinations is (2048^11)(2048/(11-4)), resulting in: 777 788 267 247 859 345 059 141 959 844 041 626 185.

For 24 words, the corresponding expression is (2048^23)(2048/(23-8)), resulting in: 1976 184 989 650 196 401 895 611 477 481 606 960 695 807 738 293 598 959 606 742 767 067 068 384 079 188 241.

These figures represent immense numbers, making the system highly reliable from the perspective of mathematics and probability theory. As a side note, the probability of being struck and killed by lightning is statistically higher than the chance of successfully guessing your mnemonic phrase. For those interested, there are other interesting statistical comparisons in this regard floating around the Internet.
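The checksum embedded in the final word can be shown in code. The following is an added example, not part of the original article: it follows the BIP39 bit layout (11 bits per word, one checksum bit per 32 bits of entropy) and works on wordlist indices (0 to 2047) instead of words so the 2048-word list does not have to be embedded. The function names and the all-zero sample entropy are constructed for illustration.

```python
import hashlib

WORDLIST_BITS = 11  # 2048 words = 2**11, so each word encodes 11 bits

def layout(words):
    """Return (entropy_bits, checksum_bits) for a BIP39 phrase length."""
    total = words * WORDLIST_BITS
    checksum_bits = total // 33      # BIP39: CS = ENT / 32 and ENT + CS = total
    return total - checksum_bits, checksum_bits

def valid_phrases(words):
    """Number of phrases that pass the checksum: one per entropy value."""
    return 2 ** layout(words)[0]

def to_indices(entropy: bytes):
    """Encode entropy as wordlist indices (0..2047), checksum appended."""
    ent_bits = len(entropy) * 8
    cs_bits = ent_bits // 32
    digest = hashlib.sha256(entropy).digest()
    # The checksum is the first cs_bits bits of SHA-256(entropy).
    checksum = int.from_bytes(digest, "big") >> (256 - cs_bits)
    value = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n = (ent_bits + cs_bits) // WORDLIST_BITS
    return [(value >> (WORDLIST_BITS * (n - 1 - i))) & 0x7FF for i in range(n)]

def is_valid(indices):
    """Check the checksum carried in the final word of an index sequence."""
    ent_bits, cs_bits = layout(len(indices))
    value = 0
    for idx in indices:
        value = (value << WORDLIST_BITS) | idx
    entropy = (value >> cs_bits).to_bytes(ent_bits // 8, "big")
    # Re-encode the entropy and compare: only a matching checksum passes.
    return to_indices(entropy) == list(indices)

if __name__ == "__main__":
    sample = to_indices(bytes(16))   # constructed input: all-zero entropy
    print(sample, is_valid(sample), is_valid([0] * 12))
    for n in (12, 24):
        # words, (entropy bits, checksum bits), valid phrases,
        # and how many raw word sequences exist per valid phrase
        print(n, layout(n), valid_phrases(n), 2048 ** n // valid_phrases(n))
```

Because the checksum is derived from the entropy, only 1 in 16 arbitrary 12-word sequences (1 in 256 for 24 words) is a valid phrase at all, which is why wallets reject most mistyped phrases immediately.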

To summarize, while it is theoretically possible to guess your wallet’s phrase, in practice, it remains highly improbable.

For those interested in multi-signature smart contract wallets, we recommend familiarizing yourself with tools like Gnosis Safe or Flare multisig. Both utilize the same reliable and audited open-source code that has long been known to the entire crypto community, making them excellent for 100% secure storage of your crypto assets.
