Randomness and recovery seed

Modified on Thu, 24 Dec 2020 at 01:02 PM

  • The encryption level of a seed depends on the quality of the randomness used to generate it. Humans are very bad at generating randomness. 


  • In order to generate uniform entropy, hardware wallets use built in Random Number Generators. To add another layer of unpredictability, some manufacturers combine it with an additional external source of entropy coming from the connected computer.


  • Whether it comes from RNGs or computers, it is the size of the pool from which random numbers are drawn that matters. The best pools are physical measurements such as sound, electrical noise, light variations, quantum movements, etc…


  • The encryption level of a seed is always limited by the entropy of the initial randomness. If the initial entropy is 128bits, the seed encryption cannot be higher, even if the seed is 256 bits long (= 24 words in BIP39).


  • In general, a 128 bits encryption is considered very strong.

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article