What is the seeds in creating account or finding the account in solana, and could the seeds be anything or be specific?

Question

My questions here are:

1. what the seed is?
2. Why need seed?
3. Is the seed input randomly or specific?

For examples:

1. The first parameter is seeds for function findProgramAddress

const [_pda, _nonce] = await PublicKey.findProgramAddress(
  [Buffer.from(anchor.utils.bytes.utf8.encode("escrow"))],
  program.programId
)

2. The second parameter is a seed for function createWithSeed?

const GREETING_SEED = 'hello';
const greetedPubkey = await PublicKey.createWithSeed(
  payer.publicKey,
  GREETING_SEED,
  programId,
);

Answer 1

When creating a program-derived address for a Solana on-chain program, the function Pubkey::create_program_address simply hashes together the seeds with the program's address to create some new 32-byte address. This 32-byte address, however, may be a point on the ed25519 curve, which means that there is a private key associated with it. This means that an attacker could really sign for your program-derived address, breaking the safety of the Solana programming model.

To get around this attack, Pubkey::create_program_address will fail if the resulting value is a valid point on the ed25519 curve. So, to make things easier for developers, Pubkey::find_program_address will iteratively call Pubkey::create_program_address until it finds a safe address for the given seeds and program id. The first return value is that safe address, and the second return value is the additional seed used to create the program address.

Here are some additional resources:

• all information about program-derived addresses https://docs.solana.com/developing/programming-model/calling-between-programs#private-keys-for-program-addresses
• full example of how to use find_program_address at https://docs.solana.com/developing/programming-model/calling-between-programs#using-program-addresses