2

That may sound like a silly question, but if I have created my keys using a passphrase in “brain wallet” at bitaddress.org, why do I need to record the private key, if I can recreate it at any time by using my downloaded version of bitaddress.org?

To be sure that I can do that safely, I need to know whether the algorithm to generate a private key from a passphrase with a downloaded copy of bitaddress.org is deterministic.

Peter
  • 421
  • 1
  • 3
  • 12
  • 1
    possible duplicate of [How safe is a brain wallet?](http://bitcoin.stackexchange.com/questions/8449/how-safe-is-a-brain-wallet) – Murch Feb 17 '14 at 10:07
  • 1
    NO DUPLICATE: The question above does not ask about the entropy of the brain wallet passphrase. The question asks whether it is safe only to retain the passphrase so that the private key can be re-created at a later date. – Peter Feb 17 '14 at 10:40
  • Alright, I retracted my close vote. However, I am still not quite sure I understand your intent: Is your question *"Is the algorithm to generate a private key with bitaddress.org deterministic?"* i.e. does it always give the same result for the same input? Or is it *"Is there only one way to generate private keys from a passphrase?"*, i.e. can I use any tool to re-generate the private-key and don't have to retain a copy of Bitaddress.org? – Murch Feb 17 '14 at 10:49
  • 1
    Let me explain. I use dice to create a 160 bit passphrase. I enter the 62 digits into my offline copy of bitaddress.org “brain wallet” and get my keys, which I copy onto a sheet of paper. My question is this: why can’t I just keep my passphrase and not bother recording the keys, as I can always create these electronically with my passphrase and bitaddress.org when I want them? – Peter Feb 17 '14 at 11:00
  • Thanks. Perhaps you should replace the last sentence of your question with something along the lines of `"Is the algorithm to generate a private key from a passphrase with bitaddress.org deterministic?"`, as it seems that is what you wanted to ask. I'd say that your approach is viable, if a) you make sure that a copy of bitaddress.org remains available to you, and b) the algorithm used by bitaddress.org is in fact deterministic, which I don't know for sure. – Murch Feb 17 '14 at 11:05
  • I am not sure whether the algorithm used by bitaddress.org is deterministic or not, which is why I won't rely on merely noting down the passphrase. But if it were, it would make working with paper wallets much simpler, hence my (even if badly worded) question – Peter Feb 17 '14 at 11:12
  • Well, you can always edit your question to improve it, and I think the phrasing I suggested would help convey your underlying intent. – Then we might find out for sure. ;) You might also add the tag "bitaddress.org" which is very appropriate in this case. – I mean of course I can edit it, but I'd rather "teach the man to fish than give him a fish." ;) – Murch Feb 17 '14 at 11:19

2 Answers2

2

To answer your question: bitaddress.org uses the SHA-256 hash of the password you provided as the private key. Therefore, you can always derive that private key from your password. If you can write a few lines of code, you can test this yourself (I just did).

However, if you generated your passphrase using dice then you are unlikely to memorize it. Therefore, it's not really a brain wallet. The SHA-256 step is really unnecessary, you might as well use the numbers from the dice rolls as a private key (you'd have to convert it to binary, encode it as 32 bytes and then convert it into the wallet import format).

The only reason to do what you just did is if you don't trust the random number generator in your browser. Now that you have a private key, you might as well write that down and forget the input to the SHA-256 hash.

Diego Basch
  • 336
  • 1
  • 5
0

You can tell if the address is deterministic - you can create a "second" private key with the same password. If the algorithm is deterministic, you will get the same answer!

Beware, however, that if they change their algorithm, or if the website disappears, and you don't have your private key, your bitcoin are gone forever!

I would not take the risk.

AMADANON Inc.
  • 410
  • 2
  • 7
  • Unless you already have a copy downloaded and safe for that purpose. – Murch Feb 17 '14 at 22:12
  • I specifically put in "and you dont have your key". – AMADANON Inc. Feb 18 '14 at 00:38
  • Sorry, I should have been clearer. I meant a copy of the bitaddress.org website. – Murch Feb 18 '14 at 00:48
  • Ah I see what you mean :) – AMADANON Inc. Feb 18 '14 at 01:05
  • Yes, there clearly is a risk as you would have to guard both your passphrase AND your downloaded version of bitaddress.org. I withdraw the suggestion. (My earlier thinking was that it would be easier, and just as effective, to write down the passphrase which you already had rather than relying on copying down the private key which appears on screen.) – Peter Feb 18 '14 at 15:54