The total number seed phrases are 1,329,227,995,784,920,000,000,000,000,000,000,000 – if I right counted – 12 words.
Yes is very much, as seems.
But let's regard – there is a thief and he wants to steal money from anybody.
I focus accent on the words from ANYBODY.
I.e. thief's target is to find the first address with money.
And that large number doesn't seem so much.
Also bad that the dictionary base is opened to everyone.
A thief can use a brute-force attack and get the first address with money.
And if we understand seed phrase include many addresses, that make the task for thief easier.
I understand the 13 or 25 words, it's created by me, and they are known by no one. It means that security is more, more, more better.
Anybody can say what number of seed phrases are used now?
Do developers of the network think about what happens later?
And need whether to think about this problem at all. Can be I see this problem in the dark.
Best Answer
No. :-)
The word list contains 2048 different words. This means there are a total of 204812 12-word phrases, which is:
54,445,178,707,350,154,154,139,93,718,908,291,383,296
This is equivalent to 2132, meaning 132 bits of security.
Some of these bits are not valid - equating to certain invalid 12-word combinations - so the security is actually 2128, which is 128 bits.
So...:
About 128 bits for 12 words and 256 bits for 24 words. 256 bits is the same level of security as the secp256k1 ECDSA algorithm which Ethereum and Bitcoin use to create private/public key pairs.
So if you're worried about mnemonic security, you'll also need to worry about all 256-bit elliptic curves.
This is a good thing. It means you can generate your own seed phrase, rather than relying on a piece of opaque, 3rd-party software.
You can check how many addresses have been used, but you can't know how many seed phrases or private keys have been generated. (People could generate them and not use them.)