When you sign up for a new bank account, you will most likely be asked to verify your identity and provide personal information about yourself. Apart from other things we won’t get into, this enables the bank to uniquely identify you as a customer and make sure nobody else can open an account in your name or access your existing one.
With bitcoin wallets, things work a bit differently. Since there is no single point of authority in a decentralized network, users cannot “open” a wallet in the same way one would open a bank account. On the contrary: Bitcoin wallets can be created without any coordination or communication with anyone else, which raises an interesting question for many: How do wallets protect against accidentally creating an “already existing” wallet – or even doing so on purpose?
Top secret
A bitcoin wallet is essentially just a collection of private keys. With hardware wallets like the BitBox02, these private keys are generated, stored and managed in a very secure way while maintaining ease-of-use. Some wallet setups might be more complicated than others, with additional protections like passphrases or advanced strategies for wallet backups in use, but in the end they all safeguard only a small piece of information.
As with most other things, information can get stolen if not properly taken care of, compromising it forever once revealed. This is why protecting the information to access your wallet – the backup recovery words on paper, metal or a microSD card – is so important.
Still, this doesn’t answer the question of how we can prevent the creation of “duplicate wallets” as described above. The simple answer to this question is that we actually can’t. In theory, you might become rich by accident when you create a new wallet on your BitBox02 (or any wallet for that matter)! Don’t get too excited, though, as we now explore the more thorough answer to this question.
Entropy
We already established that a bitcoin wallet simply stores information. Information can be represented or “encoded” in many ways. While the user of a bitcoin wallet might use recovery words from the BIP-39 wordlist as an encoding method, a hardware wallet will use a binary representation of zeroes and ones – because that’s how computers work.
Regardless of the encoding method used, the secret information behind a bitcoin wallet with 24 words is just a very large number, containing 256 consecutive ones and zeroes:
To measure the amount of information in a number like this, experts will often bring up the concept of “entropy”, which is just a fancy word to express how difficult it is to guess it – at least in the context of a bitcoin wallet.
For example, if you flip a coin four times in a row and note down the results, you will end up with four bits of entropy. Guessing the correct order of heads and tails is easy in this case, as there are only 16 possibilities in total. In other words: Creating a bitcoin wallet based on four coin flips is a very bad idea.
But now imagine flipping the same coin 256 times in a row, creating 256 bits of entropy. We can represent the resulting order of heads and tails as a large number like the one above and create a bitcoin wallet from it. Guessing this number by chance is far more difficult than in our previous example, because there are now 2^256 possibilities instead of just 16 (or 2^4).
Note: If you really want to create a wallet yourself by “rolling your own seed”, please check out our blog post on the topic first, as there are important aspects to consider.
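The encoding described above, as an added example that is not code from this article or from the BitBox02 firmware: it turns 128 to 256 bits of entropy into BIP-39 word indices (positions 0 to 2047 in the wordlist, which is not embedded here) and lists which last words carry a valid checksum. The all-zero inputs in the comments are constructed test values, never to be used for a real wallet.

```python
import hashlib

def entropy_to_indices(entropy: bytes) -> list[int]:
    """Map 128..256 bits of entropy to BIP-39 word indices (0..2047)."""
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("BIP-39 entropy must be 128-256 bits in 32-bit steps")
    cs_bits = ent_bits // 32                    # 4 bits for 12 words, 8 for 24
    digest = hashlib.sha256(entropy).digest()
    checksum = digest[0] >> (8 - cs_bits)       # leading cs_bits of SHA-256
    value = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11        # each word encodes 11 bits
    return [(value >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]

def valid_last_indices(first: list[int]) -> list[int]:
    """Given every word index except the last, list the last-word indices
    whose checksum is valid for that prefix."""
    n_words = len(first) + 1
    cs_bits = n_words // 3                      # 12 words -> 4, 24 words -> 8
    free_bits = 11 - cs_bits                    # entropy bits in the last word
    ent_bits = n_words * 11 - cs_bits
    prefix = 0
    for idx in first:
        prefix = (prefix << 11) | idx
    candidates = []
    for tail in range(1 << free_bits):
        entropy = ((prefix << free_bits) | tail).to_bytes(ent_bits // 8, "big")
        candidates.append(entropy_to_indices(entropy)[-1])
    return candidates

if __name__ == "__main__":
    # Constructed input: 256 zero bits, the weakest possible "entropy".
    print(entropy_to_indices(bytes(32)))
    # With 23 words fixed, only 8 of the 2048 words are valid as word 24.
    print(valid_last_indices([0] * 23))
```

With 24 words, the last word holds 3 bits of entropy and 8 checksum bits, so the words carry 256 bits of secret information, not 24 × 11 = 264.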
You might now jump to the conclusion that 256 bits of entropy are not enough to create a secure bitcoin wallet. Modern computers can perform billions of operations per second (and growing), so surely someone will eventually guess a number that happens to lead to a big bitcoin stash, right?
Let’s draw some comparisons to illustrate how impossibly large these numbers actually are.
Across the universe and back
Comparing the difficulty of guessing a seed phrase with 24 words to real world examples is quite hard, because such real world examples simply don’t exist. The theoretical total amount of Bitcoin wallets, which sits around 2^256, is more or less comparable to the amount of atoms in the observable universe. Our brains quickly struggle to process or even imagine the true magnitude of such a number, since the observable universe is already unfeasibly large by itself.
Playing along with this analogy, telling someone to take a guess at your recovery words would be comparable to someone taking a round-trip around the entire known universe and by chance picking the same atom you selected before them.
But what about using just 12 recovery words, which is common practice among other wallets and also an optional feature in the BitBoxApp? Although the random number behind wallets with 12 recovery words is a lot smaller (2^128), it is still large enough from a security perspective and roughly comparable to 57 billion times the weight of planet earth in grams. Our traveler from above would have to pick the correct one-gram-piece of one of 57 billion earth-like planets, which, even if not comparable to the entire universe, still sounds very unlikely.
Good randomness
As we learned in the previous sections, a bitcoin wallet can only be deemed secure if the random number which was used to create it has a high enough entropy.
Crucially, this does not automatically apply to every large number, because not every large number was created randomly. As an example, the number 2121212121… and so forth has a clear pattern to it. Everyone knowing this pattern can quickly apply it to any arbitrary length, which would make any wallet created like this insecure.
There have been numerous cases of hacked wallets in the past due to weak random number generators, which use reproducible or predictable patterns, kind of like the one above, resulting in numbers that aren’t truly random. Another example would be users themselves, who used weak and common passwords to create their wallets (also known as brain wallets).
For this reason and to increase redundancy even further, the BitBox02 draws the random number used to create wallets from several sources of entropy:
- a true random number generator on the secure chip
- a true random number generator on the microcontroller
- a static random number set during factory installation and unique to each
- host entropy provided by the app running on your computer
- a cryptographic hash of the device password
Combining different sources of entropy like this ensures that the user’s wallet remains secure, even in the unlikely event of one entropy source being compromised. As mentioned before, users who wish to create their own seed phrase can do so by following our guide and even use the BitBox02 to conveniently choose the last recovery word (containing a checksum).
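Why mixing several sources tolerates the failure of one, as an added example that is not the BitBox02 firmware's code: the mixing function (SHA-256 over length-prefixed, labelled inputs), the source labels and all sample values are assumptions made for illustration. A "stuck" source returns only zero bytes, standing in for a failed or compromised generator.

```python
import hashlib
import secrets

# Sources that should deliver new random bytes on every wallet creation.
FRESH = ("secure_chip_rng", "mcu_rng", "host_entropy")

def mix(sources: dict[str, bytes]) -> bytes:
    """Hash all labelled sources into one 256-bit value."""
    h = hashlib.sha256()
    for label in sorted(sources):
        data = sources[label]
        # Length prefixes keep (label, data) boundaries unambiguous.
        h.update(len(label).to_bytes(2, "big") + label.encode())
        h.update(len(data).to_bytes(4, "big") + data)
    return h.digest()

def make_seed(factory_value: bytes, password: str,
              stuck: frozenset = frozenset()) -> bytes:
    """Build a seed; any source named in `stuck` yields zeros only."""
    sources = {name: bytes(32) if name in stuck else secrets.token_bytes(32)
               for name in FRESH}
    sources["factory_static"] = factory_value            # fixed per device
    sources["password_hash"] = hashlib.sha256(password.encode()).digest()
    return mix(sources)

def distinct_seeds(stuck, runs: int = 100,
                   factory_value: bytes = b"\x11" * 32) -> int:
    """Count distinct seeds over `runs` creations on one constructed device."""
    return len({make_seed(factory_value, "constructed-password",
                          frozenset(stuck)) for _ in range(runs)})

if __name__ == "__main__":
    print(distinct_seeds({"secure_chip_rng"}))             # one source failed
    print(distinct_seeds({"secure_chip_rng", "mcu_rng"}))  # two failed
    print(distinct_seeds(set(FRESH)))                      # every fresh source failed
```

In this model, the seed stays unpredictable as long as one fresh source still works. The factory value and the password hash do not change between runs, so they separate devices and users from each other but cannot replace a working random number generator.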
Conclusion
Using large, random numbers to create wallets enables users to “open up a bitcoin account” without having to contact, trust or rely on anyone else. The large number of theoretical wallets makes it practically impossible for anyone to guess your seed phrase, not to mention “re-creating” your wallet by sheer accident.
Shift Crypto is a privately-held company based in Zurich, Switzerland. Our team of Bitcoin contributors, crypto experts, and security engineers builds products that enable customers to enjoy a stress-free journey from novice to mastery level of cryptocurrency management. The BitBox02, our second generation hardware wallet, lets users store, protect, and transact Bitcoin and other cryptocurrencies with ease - along with its software companion, the BitBoxApp.