7

As I understand for BIP32. There are 2048 words.

12 words would give you 2048^12 combinations. However, not all combinations are valid because of the checksum, so how do i calculate the actual space?

Kyle Graham
  • 662
  • 8
  • 23

1 Answers1

7

BIP 32 is not a mnemonic specification, so it has 0 possible combinations.

I assume you are talking about BIP 39. In that case there are are 2048^12 combinations for 12 word mnemonics, 2048^18 for 18 word mnemonics, and 2048^24 for 24 word mnemonics. However BIP 39 currently supports 8 languages, so there are (2048^12 + 2048^18 + 2048^24)*8 possible combinations.

The checksum doesn't matter because BIP 39 does not specify that the checksum must be enforced. The checksum can be invalid, and all that BIP 39 compliant software should do is show a warning.

JohnAllen
  • 103
  • 4
Andrew Chow
  • 67,209
  • 5
  • 76
  • 149
  • Thank you for the response. I understand that there are 2048^12 combinations. Is there a way to know what combinations are invalid out of that space according to the checksum? Thanks for the correction on the BIP. – Kyle Graham Mar 03 '18 at 16:19
  • For a 12 word mnemonic, there are `2048^11*2048^(11-4)` valid combinations, for 18 it's `2048^11*2048^(11-6)` and for 24 it's `2048^11*2048^(11-8)` – Andrew Chow Mar 03 '18 at 16:35
  • I'm not sure I follow. Is the 12 word mnemonic just for one language? – Kyle Graham Mar 03 '18 at 16:40
  • Yes. All are for one language. Multiply by 8 for all combinations with all current BIP 39 wordlists. – Andrew Chow Mar 03 '18 at 16:44
  • So all possible combinations for 12 words is 2048^12 and for just valid words it is 2048^11*2048^(11-4) which is equal to 2048^18 , I think I am missing something as there seems to be more valid combinations than there are combinations – Kyle Graham Mar 03 '18 at 17:03
  • 1
    Ahh, whoops. I typed that wrong. It's `2048^11*2048/(11-4)`. Same pattern for other mnemonic lengths. – Andrew Chow Mar 03 '18 at 17:12
  • Ahh that makes sense to me now, thank you for writing back and I saw someone with the same name as yours make a interesting proposal for partial signatures. Thanks again for the formula 2048^11 / 2048^(11-4) – Kyle Graham Mar 03 '18 at 17:57
  • @AndrewChow does BIP39 allow duplicate words in the mnemonic? I thought not so isn't it 2048*2047*2046..... (then *8 for the diff languages). – JoelAZ Jan 12 '22 at 01:39
  • 1
    @JoelAZ Duplicate words are allowed. Mnemonics are not generated by randomly choosing words, they are generated by choosing a large random number, splitting up the data into chunks, converting each chunk to a number, and looking up the word that corresponds. It is possible for multiple chunks to be the same value. Otherwise the seed would not be uniformly random and would reduce the search space necessary for brute forcing seeds. – Andrew Chow Jan 12 '22 at 01:46
  • Thank you Andrew. Came to edit my answer (too late) that 3rd time searching I did find my answer and you are correct, dupes are permissible. Guess my google-foo is slipping. – JoelAZ Jan 12 '22 at 01:48