
Explain Like I'm Five | Don't Panic!

73
ELI5: why can't someone brute force the seed keys of a crypto wallet? (self.explainlikeimfive)
submitted 11h ago by Notititipl
assuming they have the hardware, the chances to guess the keys to a specific wallet are nearly impossible but to guess the keys to "any" random wallet must have a good chance since there are millions of wallets
StupidLemonEater 1 points 10h ago
A bitcoin wallet key is (usually) a 256-bit number. That means there are 2^256 possibilities, or more than 10^(77).

Even if you could attempt 100 trillion keys every second, it would still take 10^55 years to attempt them all. By current estimates, the universe is only 1.3x10^10 years old.
toochaos 1 points 10h ago
The important thing to note is that even if every single person had 10 crypto wallets that number is basically 0 when compared to 10^77 so finding a specific wallet or any wallet takes basically the same amount of time.
MidnigtNo2841 1 points 29m ago
There does not exist a computer with enough computational power or an efficient algorithm to brute force it in a reasonable amount of time.
PaulR79 1 points 8m ago
Yet.
gallak87 1 points 9h ago
Everyone can have a go at it though :)
https://keys.lol/
pichael289 1 points 8h ago
That's a cool website. So if I ever get one does that mean I can steal their fortune? I don't know anything about crypto
Plumeh 1 points 7h ago
yes you will have access to their wallet and can withdraw
JorgiEagle 1 points 5h ago
Is it legal?
CanuckExpat890 1 points 7h ago
Same question
Dat_Innocent_Guy 1 points 7h ago
That website feels exactly like a lottery lmao.
FlobbyDobby 1 points 16m ago
You can search for your own wallet on this website,

That seems like a brilliant idea
ENOTSOCK 1 points 9h ago
So, you mean there's a chance...
The_Middler_is_Here 1 points 8h ago
But if it's possible to create structures that can live off of a black hole's hawking radiation then you should still be able to do it before time is up.
mnvoronin 1 points 4h ago
Nope. It's not a question of time but that of available energy. Bruce Schneier did some calculations some years back. Basically, creating the most energy-efficient 256-bit counter (working at near absolute zero to minimize the energy required to flip bits) and feeding it the entire energy released by typical supernova would be barely enough to flip through the first 219 bits. So you need about 2^37 (or close to 10^11) supernovas to simply count the entirety of the keyspace. And we haven't even started hashing these yet.
The_Middler_is_Here 1 points 4h ago
Shit, I've been looking around but I think the mass-energy of the largest known supermassive black hole is still about an order of magnitude short to make it.

But if you've ever seen Isaac Arthur and his bit about a birch world...
mnvoronin 1 points 3h ago
Don't forget that counting the keyspace is only the beginning. You need to test each value against the wallet, which adds a few OoMs to the energy requirements. And then we need to account for energy losses...
shsdgfhwrtyh 1 points 57m ago
I think this is a situation where you should write out the zeros for impact.
desqviewX 1 points 49m ago
Yeah, I've taken Physics and lots of Math in school and, although I'm glad they took the time to write out the powers, without it all at least in scientific notation it's not useful. It looks like they just Googled some random facts and copy/pasted what they found. They didn't even normalize the significand.
Downtowalendar519 1 points 56m ago
You could guess ten thousand private keys a second for 100 years and you
Quantum-Bot 1 points 10h ago
You’re right that guessing any wallet key is a lot easier than guessing a particular one… which is why crypto keys are really really long. An Ethereum private key is 64 hexadecimal characters, which is 256 bits of data. That means the total space of possible private keys is 2^256 which is 77 digits long when written out. Even if there are billions of valid crypto wallets in existence, the possibility that you will randomly guess any one of them is extraordinarily small.

You could guess ten thousand private keys a second for 100 years and you’d still have less than a 0.0000000000000000000000000000000000000000000000000000000000000000000000000000001% chance of guessing a single valid key
redredgreengreen1 1 points 10h ago
Assuming optimal conditions, an unheard-of powerful supercomputer, and infinite patience, it would likely only take you a few hundred million years to crack a single password. You need to understand, this is a 256 bit password with significant hashing to boot. That's more possible passwords than people have accounts. That's more passwords than *atoms in the observable universe.* **MOST** passwords are not used, and will never BE used. "Millions" is a tiny amount compared to a number that can only usefully be expressed in scientific notation.

To put it in perspective, 1 million is 1000000

A 256 bit password is 2^256, or 1.15 * 10^77, or 11500000000000000000000000000000000000000000000000000000000000000000000000000
Chromotron 1 points 3h ago
> Assuming optimal conditions, an unheard-of powerful supercomputer, and infinite patience, it would likely only take you a few hundred million years to crack a single password.

Unless one does lossless quantum computing (which is effectively impossible for this kind of thing), there is a minimum amount of energy needed to do any basic computation*. Multiplied with the size of the 256 bit keyspace, this number is still large enough to rival galaxies.

*Fun fact: we are only off by a factor ~1000 from this already. Might sound like there is a lot of room left for improvements, but we already improved by factors exceeding a billion in the last decades. At that point, physics _will_ put a stop to the exponential growth of classical computers. Only certain types of quantum computing can get around it, and not exactly always in a way we would like.
jimapp 1 points 5h ago
That's eleven quattuorvigintillion five hundred trevigintillion.
Stillwater215 1 points 10h ago
The fundamental real issue in both situations is time. Whether you’re trying to find the key to a single wallet, or to find any key to any wallet, you have to compute a given number of wallet-key pairs. It doesn’t matter if it’s against one wallet or every wallet, the amount of time to check each combination is roughly the same. If you wanted to try to break into one of a million wallets it would take as much time to compare one key to those million wallets as it would to compare a million keys to one wallet. Your odds of finding a match within a reasonable timeframe would be roughly the same for either situation.
IHaventEvenGotADog 1 points 6h ago
Brute forcing a 1 word secret phrase from a 2048 word list: each guess has a 1 in 2048, or less than 0.05% chance of being correct.

Brute forcing a 2 word secret phrase from a 2048 word list: each guess has a 1 in 2048², or 0.0000238% chance of being correct.

Brute forcing a 3 word secret phrase from a 2048 word list: each guess has a 1 in 2048³, or 0.0000000116% chance of being correct.

Brute forcing a 4 word secret phrase from a 2048 word list: each guess has a 1 in 2048⁴, or 0.00000000000568% chance of being correct.

Brute forcing a 5 word secret phrase from a 2048 word list: each guess has a 1 in 2048⁵, or 0.00000000000000278% chance of being correct.

Brute forcing a 12 word secret phrase from a 2048 word list: each guess has a 1 in 2048¹², or 0.0000000000000000000000000000000000000184% chance of being correct. If you could make a trillion guesses per second on each of a trillion computers, it would take the lifetime of the universe so far to have a decent shot at it.

Brute forcing a 24 word secret phrase from a 2048 word list: each guess has a 1 in 2048²⁴ chance of being correct. It would take 2048¹² as many computers, or 2048¹² universes, as the 12 word secret, to brute force it.
illachrymable 1 points 10h ago
So I think the key fallacy here is:

>but to guess the keys to "any" random wallet must have a good chance


Guessing 1 million seeds for a single wallet


is exactly the same computing power and time as


Guessing 1 seed and testing it on 1 million wallets


Sure, it is possible that the first seed you guess is in fact a seed of a current wallet. However, you now have to find the wallet.

Ultimately, even if you could gain some efficiency, you have now given up on trying to find the key to a wallet that you know has at least $X worth of crypto, and you could end up finding the key to a random wallet with no crypto.
DanishWeddingCookie 1 points 6h ago
Using brute force to guess the password on a zipped file I inherited was going to take over 3400 years via the CPU and that was just using a 12 character long string. Most new encryption is 256 to 1024. Good luck.
BennyTroves 1 points 11h ago
Guessing the seed keys of a crypto wallet is like finding a needle in a haystack. The keys are made up of long strings of random numbers and letters, with so many possible combinations that it's nearly impossible to guess the right one. Even if someone had super-fast computers and lots of time, the chances of guessing the keys for a specific wallet are extremely low. It's like winning the lottery many times in a row.

There are millions of wallets, but each one has its own unique key. So, even if someone wanted to guess the keys for any random wallet, they would have to go through all the possible combinations for each individual wallet, which is still a very difficult task. On top of that, crypto wallets have extra layers of protection, like encryption, which make it even harder for someone to break in.
JustAnOrdinaryBloke 1 points 10h ago
"Guessing the seed keys of a crypto wallet is like finding a needle in a haystack"
More like finding a particular grain of sand in the Sahara.
FriendlyCraig 1 points 9h ago
Worse. It's more on the scale of finding a certain grain of sand in the entire universe.
_ALH_ 1 points 5h ago
Worse, it’s closer to finding a specific atom in the visible universe.
mnvoronin 1 points 4h ago
Worse. It's closer to finding a specific atom in some universe, if each of the atoms in the visible universe was a whole universe itself.
spaceship247 1 points 10h ago
Needle in a haystack is not difficult if you have a magnet
BigMax 1 points 10h ago
Yeah, it's a bad analogy here, because you actually COULD find a needle in a haystack given a reasonable amount of time. Which is definitely not the case with guessing a key for a crypto wallet.

If you somehow were around at the big bang with a supercomputer and started trying to crack the key then, you'd still be working at it.
Salindurthas 1 points 8h ago
A needle in:

* 1 trillion planets
* each planet with 1 trillion countries
* each country with 1 trillion farms
* each farm with 1 trillion haystacks
* each haystack with 1 trillion strands of hay
BennyTroves 1 points 7h ago
Needle in a haystack works for the analogy. It’s not trying to find a needle in a haystack until you find it, it’s taking one shot at the needle in the haystack. Didn’t find it? Now it’s a whole new haystack with different needle position. Repeat.
XenoRyet 1 points 8h ago
The ELI5 of it is that just having the seed to a random wallet isn't enough to gain access to that wallet.

You have to both have the seed and know what wallet it unlocks. You need both parts of the puzzle. Imagine you have the key to a safe deposit box, but the number of the actual box is worn off. Now imagine that you don't even know which branch of the bank in question holds the vault that has the box your key opens.

That's what it's like to have a random correct seed.
Oracle_of_Knowledge 1 points 7h ago
The public key is derived from the private key, so this analogy doesn't really work.

It's just about the sheer number of keys / addresses. One could never find a particular key because there are more unique keys than grains of sand. Way more. Imagine every grain of sand on earth. Now each grain of sand is its own Earth, with its own amount of sand. All of that sand, there are still more unique bitcoin addresses than that sand.

OP asking about "hacking" a *random* key, it's not really hacking, you can just generate one. Every single key that you generate will be a unique address that you can use. But because there is such an unfathomable number of them, the chances are essentially zero that you would ever generate a key that's already been used.

10^77 private keys, 10^48 bitcoin addresses, 10^19 grains of sand
Silvawuff 1 points 8h ago
How would these numbers add up if a quantum computer with a decent number of qubits attempted this activity?
bulksalty 1 points 7h ago
No one is sure but one estimate is more like a day.
Oracle_of_Knowledge 1 points 7h ago
>specific wallet are nearly impossible but to guess the keys to "any" random wallet must have a good chance since there are millions of wallets

With 10^77 bitcoin keys, guessing a particular key is nearly the same likelihood as randomly guessing one of the millions of already used keys.

Even if there are 1,000,000,000 already used bitcoin addresses, that only takes 9 zeros off the equation. The chance of picking a used key is 10^9 / 10^77 which reduces to 1 / 10^68 chance. 1 over 100 is 0.01 or 1% chance. Now add 66 more zeros after the decimal. 0.000000000000000000000000000000000000000000000000000000000000000000001% chance of picking an already used address.

It's like if every star in the universe had 10 Earths around it, and every grain of sand on every one of those Earths was a Bitcoin key. Any particular grain of sand that you pick up would be a valid key that you could use, but an already used key is the equivalent of a coffee cup full of sand spread across the universe.
CottonSlayerDIY 1 points 1h ago
Subtracting 10⁹ from 10⁷⁷ doesn't make it 10⁶⁸, does it?

It's just 10⁷⁶ and a shitload of more numbers as a decimal behind the "76".

10⁹ is one billion, subtracting one billion from almost infinity is still almost infinity.

The same as 1234 - 1 is 1233 and not 123. You can't just cut the zeros.

Or am I stupid right now? Whatever, the possibilities are near endless and I love your metaphor with the cup of sand.
ElectricalSea8650 1 points 9h ago
Not just bits. With experience as a computer engineering, some bits are only used for positive/negative signed. We may break them soon with quantum computers but it’s not worth the time or money
f1fanincali 1 points 9h ago
Like the plot to Horizon Zero Dawn, with a group of super computers yes, but the human race will probably be extinct before they are done.
N_e_r_d_b_o_y 1 points 7h ago
Would a Quantum computer be able to crack it? (If and when they become available)
fromYYZtoSEA 1 points 7h ago
It’s a bit of a complex topic. To my understanding, at a very high level quantum computers can’t really brute force passwords significantly faster (with Grover’s algorithm they can perform that in the square root of time, so a 256 bit symmetrical key would have 128 bits of strength - but that’s still a pretty strong key). However quantum computers can break asymmetric cryptographic algorithms like RSA and ECC (which most cryptocurrencies use) very quickly, without brute-forcing, using Shor’s algorithm.
Nickjet45 1 points 6h ago
There does not exist a computer with enough computational power or an efficient algorithm to brute force it in a reasonable amount of time.

Yes, theoretically if you were to have a near infinite amount of time, one could brute force any key. Assuming your computer and program remained running for the entire duration. But by the time that you would test every possible solution (technically not needed, as the chance that it’s the last solution tested is low,) you and everyone you knew would be dead.

As a key is 256 bits long, there exists 2^256 possible keys. You could quadruple the length of your family tree, and the odds of you having guessed the correct key would still be near 0.

As for just guessing a key that is valid for some wallet, even if it’s an unknown wallet. That would just be (number of valid keys) / 2^256. Whereas a valid key is defined to be a key that unlocks some wallet.



TLDR

It’s not a computer issue, it’s a time issue.
duraace206 1 points 51m ago
No idea how but quantum computers are theorized to be able to crack any code. No idea how far we are from that though....
desqviewX 1 points 42m ago
>guess the keys to "any" random wallet must have a good chance since there are millions of wallets

I think you might be misunderstanding how random chance works. Just because there are more possible answers, doesn't mean the odds of guessing a single correct value change. It's really confusing, but whether there is one value you're looking for, or ten million, you have the same odds of brute forcing it to find one of the values you want.

In the case of 'seed keys' or what I think you really mean, the 'seed phrase,' you have 12, 24, or 48 words out of a possible 2048. This actually isn't very secure (look up the BIP39 standard) and is only equivalent to traditional 128-bit security. It's very possible with enough compute power to crack that with technology we have today.
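
The multi-target odds worked through in the comments, as an added example that is not part of the original thread: it computes the chance of hitting any of N used keys and checks the formula empirically on a toy keyspace. The function names, the 16-bit toy keyspace and the fixed seed are assumptions made for the illustration; the billion used keys and the 10,000 guesses per second for 100 years are figures quoted by commenters, and the result holds only for keys drawn uniformly at random.

```python
import math
import random

KEY_BITS = 256  # private-key size quoted in the thread

def any_target_probability(key_bits, targets, guesses):
    """Chance that at least one of `guesses` uniform random keys matches
    any of `targets` distinct keys already in use."""
    p_single = targets / 2**key_bits            # one guess hits some used key
    # 1 - (1 - p)^guesses, evaluated stably for extremely small p
    return -math.expm1(guesses * math.log1p(-p_single))

def effective_bits(key_bits, targets):
    """Security left when any of `targets` keys counts as a win:
    N targets remove only log2(N) bits of work."""
    return key_bits - math.log2(targets)

def mean_guesses_until_hit(key_bits, targets, trials, seed=1):
    """Toy-scale experiment: average number of random guesses needed to hit
    any one of `targets` used keys. Theory predicts 2**key_bits / targets."""
    rng = random.Random(seed)                   # fixed seed: repeatable run
    space = 2**key_bits
    total = 0
    for _ in range(trials):
        used = set(rng.sample(range(space), targets))
        guesses = 1
        while rng.randrange(space) not in used:
            guesses += 1
        total += guesses
    return total / trials

if __name__ == "__main__":
    # Constructed inputs taken from figures quoted in the comments
    used_keys = 10**9                           # "1,000,000,000 already used"
    guesses = 10_000 * 100 * 365.25 * 86_400    # 10,000 keys/s for 100 years
    p = any_target_probability(KEY_BITS, used_keys, guesses)
    print(f"P(hit any used key)    = {p:.2e}")
    print(f"effective key strength = {effective_bits(KEY_BITS, used_keys):.1f} bits")
    # 16-bit toy keyspace with 64 used keys: expect about 65536 / 64 = 1024
    print(f"toy mean guesses       = {mean_guesses_until_hit(16, 64, 400):.0f}")
```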