How many bits of entropy does this use? #95
-
|
Love the tool! How many bits of entropy does this use and where can I find that in the code? As we know Profanity addresses have been hacked because that gen only used 32 bits of entropy. Thanks. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
In normal usage, the seed size is defined by the SEED_LEN macro, which is 32 bytes/256 bits by default (the full private key size of ed25519). The seeds are randomly generated using libsodium, but the actual entropy of the seed will depend on the source of the random data (see https://libsodium.gitbook.io/doc/generating_random_data). Given that these functions are designed for cryptographic applications, they should have a reasonably high entropy. If you use the passphrase option, your generated keys will only be as strong as the passphrase you use (and never a higher entropy than SEED_LEN). If a weak passphrase is used, it could be feasible to brute-force the key pair for a vanity address generated with mkp224o. |
Beta Was this translation helpful? Give feedback.
-
|
Perfect, thanks! Very interesting about the passphrase option, I wasn't aware of that. |
Beta Was this translation helpful? Give feedback.
In normal usage, the seed size is defined by the SEED_LEN macro, which is 32 bytes/256 bits by default (the full private key size of ed25519). The seeds are randomly generated using libsodium, but the actual entropy of the seed will depend on the source of the random data (see https://libsodium.gitbook.io/doc/generating_random_data). Given that these functions are designed for cryptographic applications, they should have a reasonably high entropy.
If you use the passphrase option, your generated keys will only be as strong as the passphrase you use (and never a higher entropy than SEED_LEN). If a weak passphrase is used, it could be feasible to brute-force the key pair for a vanity addres…