What’s the deal with brain wallets?
Crypto wallets come in so many different variations these days. The plethora of crypto wallets on the market can make a newcomer feel anxiety when trying to figure out which wallet to use first. Not only do users need to consider a wallet’s security standard, but also its functionality based on the user’s technological competence. Another factor which doesn’t really get a lot of measurement from is the design and form factor. Crypto wallets need to look savvy and look, but at the same time subtle.
There’s a lot of different factors when it comes to deciding on which wallet to use. But did you know a wallet can essentially not exist in the physical nor digital realm? But rather just in your memory?
Here comes the brain wallets. One of the oldest and least recommended wallet solutions anyone should ever use.
In this piece we’ll briefly educate you on what brain wallets are and why they are highly not recommended.
What are brain wallets?
Brain wallets are essentially a method where one stores their private keys in their memory. A user would literally have to memorize their private key at all times and never forget it. This might sound difficult considering private keys can take the length of 32 bytes or 256 bits. But actually some users can just memorize a 12 word mnemonic seed phrase, which is a lot shorter and more human readable.
Another easier method is for them to memorize some entropy needed to generate the raw private keys. It is with this entropy that can allow a user to memorize something shorter or more memorable.
So how does it work?
An entropy can be any length of characters. For example, it could be a short passphrase or password, similar to what you would use for a normal email login. This entropy phrase is then converted to a 32 byte string, if not already. The reason as to why it needs to be a 32 byte string is because all bitcoin private keys, including many other crypto private keys, start with a 32 byte length private key. This simplest way to convert your entropy phrase to 32 byte is to use the SHA256 hash function. This hash function will deterministically generate the same 32 byte string, which is equivalent to your raw private keys.
And then from your private keys, you can then generate the public keys, and subsequently your public address. This is all done on a computer, which could be disconnected from the internet. One only needs to have the necessary scripts and algorithms in generating your public address from the private key. So as long as you have memorized your entropy phrase, and as long as you can have access to certain tools on a computer to help generate your private key and public address, then you can fairly call that being able to have a controlled brain wallet at your disposal, with no trace of anyone knowing anything about it (unless they know telepathy).
Sounds super stealth and secure, what’s the risk?
1.Flat out forgetting it
Well the name itself presents its risk crystal clear. If something were to happen to you resulting in the loss of memory, cognitive ability, or even worse, loss of life, then you could expect your bitcoins to be gone forever too. Brain injuries can be a serious detriment in wanting to control a brain wallet. Aging for many people can lead to age-related memory changes and even Alzheimer’s disease, which is common amongst people.
As Bobby Lee has stated many times, “are memories are faillible”. Even the best of us can forget simple passwords to our online accounts. And for something that you aren’t going to use on a daily basis, the chance of forgetting what our brain wallet entropy phrase is, will exponentially increase.
2.It’s complicated and prone to mistakes
If you’re not competent to know what hashing functions and public key cryptography algorithms to use on your entropy phrase, then you should not be messing around with brain wallets. One needs to know the exact step-by-step process in converting an entropy phrase to a public address and on top of that, be aware of any changes to those open-source tools. If somehow you are not able to get a hold of that secret offline computer you reserved specifically for decrypting brain wallets, then you’re going to have to rely on another computer or other tools to extract your keys from your entropy phrase.
3.Brain wallet hackers are more common than you think
Being able to hack a private key would essentially be impossible with today’s technology. There are ²²⁵⁶ possible private keys available which is an astronomically humongous number. That is why there is no database checking to see if a certain private key has been used or not. The chances of creating a private key that has already been created is virtually zero.
But remember how the crux of a brain wallet is having a person memorize not a raw private key, but rather an entropy phrase? These phrases are very common to what people use for passwords on online accounts, therefore hackers can actually brute-force their way into stealing brain wallets. They are working with a smaller subset of combinations due to the fact that humans usually aren’t the best at coming up with true randomization. Usually passwords have some type of word and number combination which is actually quite easier to brute force than what most people expect.
So if hackers can brute force using certain common words and numbers combinations and run them through the same private key to public address process described earlier, through a try and test method eventually they can hit jackpot in some occasions. And they have already!
According to a report published by BitMEX Research, hackers are scanning Bitcoin’s network 24/7 in search of familiar and easy to crack passphrases. There have been many incidents online of users claiming that their supposedly super secret passphrase was cracked by a hacker. And you’d be surprised to see how hackers have been able to crack quotes from a book or even lyrics from a song as being an entropy passphrase for a private key holding bitcoins.
Even the below line from “A Tale of Two Cities” by Charles Dickens was sweeped up by hackers:
“It was the best of times, it was the worst of times, it was the age of wisdom, it was the age of foolishness, it was the epoch of belief, it was the epoch of incredulity, it was the season of Light, it was the season of Darkness, it was the spring of hope, it was the winter of despair”
“The speed and nature of the redemption of the funds clearly indicates that people have servers up online 24/7 scanning the blockchain and their respective memory pool’s for weak brainwallets to hack. These servers are likely to have pre-generated many hundreds of thousands of Bitcoin addresses, using text from thousands of published works, music, books, academic papers, magazines, blogs, tweets and other media and then stored these in a database.”
Short conclusion, don’t use a brain wallet unless you know what you are doing. Rather, use a Ballet wallet. They were designed and engineered to do away with complicated technology but also to be stealth in crypto ownership. Ballet wallet’s unique stainless-steel, durable form makes it a lot easier to store an analog device for a long period of time. There also is no need to memorize anything as the private key entropy components are all protected under anti-tamper proof material on the wallet itself. And there is practically zero risk of hackers being able to steal your funds.
We hope you find this article informative!
Ballet is a U.S. company that provides simple and secure cryptocurrency storage solutions for the global mainstream market. Ballet is the team behind the world’s first multi-currency, non-electronic, physical crypto wallet. The company was founded in 2019 by Bobby Lee and an international team of cryptocurrency industry veterans. Ballet is headquartered in Las Vegas, Nevada in the United States, and has an office in Shanghai, China.
For more on our products please check us out at: https://www.ballet.com/
Interact with us on our other social media platforms: