
This is an interesting question for me. The first question in my mind was, does "Yoroi" (for example) know my secret seed phrase when I create it? Is it stored somewhere in their servers?

Then I thought to myself, that would be outrageous, it should be generated randomly and only you can know it.

But then, I thought, how can Yoroi's "algorithm" (again using Yoroi for this example) create a seed phrase that is unique to a certain person without (I assume) knowing other seed phrases? (Since it cannot compare seed phrases because it doesn't know other people's seed phrases)

This also applies to other wallets when you create one on their platform: Nami, Yoroi, ADALite, etc., etc. (Might also be applicable to other wallets like MetaMask, Phantom, or even Trezor and Ledger.)

It's truly a very curious question. Thanks in advance!

1 Answer


The literal answer to your question is yes, the practical answer is no.

Key-derivation is an entirely offline process. CIP-3 talks about how it is currently implemented in Cardano (used by all relevant software, including Yoroi, Nami, cardano-cli, etc.). A 24-word mnemonic equates to 256 bits of entropy. If generated in a secure fashion, it would take all the computers in the world orders of magnitude longer than the age of the universe to sift through all the possibilities. Ditto for the chances of two identical keys being generated.

It is worth noting that generating your keys using naked Yoroi (no hardware wallet) is not considered secure. The above still applies, but the seed is stored on your computer, and is thus much more likely to be stolen than guessed.

If you'd like to learn more about Cardano key-derivation, I recommend the following video by Andrew Westberg: https://www.youtube.com/watch?v=4tSQBK75CPU

It also couldn't hurt to go through BIP-32 and BIP-44 :)
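As an added illustration of the answer above (example code, not from the answerer, Yoroi or any Cardano project), this shows the offline step a wallet performs: draw 256 bits from the OS random source, append the 8-bit SHA-256 checksum, and cut the 264 bits into 24 eleven-bit word indices (BIP-39 style, on which CIP-3 builds). It also estimates, with the birthday bound, how unlikely two independently generated seeds are to coincide. The BIP-39 wordlist is not embedded, so word indices stand in for the words.

```python
import hashlib
import math
import secrets


def entropy_to_word_indices(entropy: bytes) -> list[int]:
    """Split entropy + SHA-256 checksum into 11-bit word indices (BIP-39 layout)."""
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 16..32 bytes in 4-byte steps")
    cs_bits = ent_bits // 32                      # 8 checksum bits for 256-bit entropy
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    bits = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    total = ent_bits + cs_bits                    # 264 bits -> 24 words
    return [(bits >> (total - 11 * (i + 1))) & 0x7FF for i in range(total // 11)]


def generate_mnemonic_indices(num_words: int = 24) -> list[int]:
    """The only random step: entropy from the OS CSPRNG, never from a server."""
    ent_bits = num_words * 32 // 3               # 24 words -> 256 bits of entropy
    return entropy_to_word_indices(secrets.token_bytes(ent_bits // 8))


def checksum_valid(indices: list[int], ent_bits: int = 256) -> bool:
    """Re-check the embedded checksum the way a wallet does on import."""
    cs_bits = ent_bits // 32
    bits = 0
    for idx in indices:
        bits = (bits << 11) | idx
    entropy = (bits >> cs_bits).to_bytes(ent_bits // 8, "big")
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    return (bits & ((1 << cs_bits) - 1)) == expected


def collision_probability(num_wallets: float, entropy_bits: int = 256) -> float:
    """Birthday-bound estimate: P(some pair of n seeds collide) ~ n^2 / 2^(b+1)."""
    return num_wallets ** 2 / 2 ** (entropy_bits + 1)


if __name__ == "__main__":
    words = generate_mnemonic_indices()
    print(len(words), "word indices, checksum ok:", checksum_valid(words))
    # Even one seed per human on Earth leaves the collision odds far below 1e-50.
    print("P(collision among 8e9 wallets) ~", collision_probability(8e9))
    print("log2 of seed space:", math.log2(2 ** 256))
```

Because uniqueness comes from the size of the random space rather than from comparing against other users' phrases, no wallet needs to see anyone else's seed.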
