
Starting with "Chasing Shadows": The 2048 Words That Determine Trillions in Crypto Assets

Summary: I want to tell "this sand": you are at most 2048 attempts away from having hundreds of billions of Hong Kong dollars.
Tyler
2025-08-28 21:29:44

Author: Tyler

Recently, I watched Jackie Chan's critically acclaimed new film "The Foreboding Shadow," and there was an interesting plot point—over 10 billion Hong Kong dollars worth of crypto assets locked in a wallet with a 12-word mnemonic phrase, with only the last word unknown.

After watching, I tried it out and found that the 10th and 12th words were not in the standard mnemonic word list. Clearly, the screenwriter wrote it this way on purpose to prevent anyone from recreating the wallet for scams, as similar scams on the blockchain are not uncommon:

Scammers deliberately leak a wallet address with a "balance" (typically on the Tron chain, using the Owner mechanism) to lure people into transferring gas to it, then wait for their prey; once the funds are transferred, they can never be retrieved.

But an interesting point here is that the movie says only the last word is unknown. In the real world, mnemonics follow the BIP39 standard, whose word list contains only 2048 words. This means that brute-forcing the last word involves at most 2048 possibilities. If we can narrow it down further, for example because the first letters are known to be "es," the possibilities decrease even more, and they could all be tested in a minute.

However, a more worthwhile question beyond the movie is: What is the relationship between mnemonics, private keys, and public keys? Why does losing the mnemonic mean losing all assets?

1. Mnemonic: Private Key: Public Key/Address = "Keychain": "Key": "House Number"

A mnemonic is a backup method that follows the BIP39 standard: 12, 18, or 24 words selected at random from a list of 2048 English words.

The mnemonic is run through the PBKDF2 algorithm to produce a seed, from which a series of private keys is derived according to path standards such as BIP32/BIP44; each private key corresponds to a public key/address.

A set of mnemonics → generates a series of private keys → generates a series of public keys → corresponds to a series of addresses

In other words:

  • Mnemonic = Keychain. It usually has a one-to-many relationship with private keys; theoretically, one mnemonic can derive thousands of private keys.
  • Private Key = Key. Each private key corresponds to the usage rights of one address.
  • Public Key/Address = House Number. It can be public; others can use it to transfer funds to you.

So, you can think of the mnemonic as your "keychain," and each private key as one of the keys that can open a door, used to sign and prove your control over a certain wallet address—when you initiate a transaction, you sign it with the private key, telling the entire network: "This transfer is authorized by me."

2. Can I choose my own mnemonics?

Some friends might wonder: Can I come up with my own 12 words? For example, my birthday, favorite English words, or idol names, to make it more personalized.

The answer is: Yes, but it's extremely dangerous.

Computer-generated random numbers are truly random, while humans tend to choose words with patterns (common words, habitual words, order preferences), which significantly reduces the search space and makes your mnemonic easier to guess.

There have been security incidents involving "pseudo-random wallets": some wallets used pseudo-random algorithms to generate mnemonics, resulting in insufficient entropy and allowing hackers to brute-force them. In 2015, the hacker group Blockchain Bandit systematically searched for weak private keys by exploiting faulty random number generators and code vulnerabilities, successfully scanning over 700,000 vulnerable wallet addresses and stealing more than 50,000 ETH.

Of course, some geeks roll dice (making sure the dice are fair) to produce random numbers and map them to the BIP39 word list, which is considered a secure manual method. For most people, though, there is no need to complicate things this way, as it can lead to mistakes.

3. Can I brute-force the wallets of V God or other whales?

I once fantasized about this, imagining one day generating a wallet address, only to find it contained millions of ETH, instantly achieving financial freedom by robbing a certain whale.

I must say, just thinking about it is quite tempting. But the reality is: the probability is almost zero.

Why? Because the number of possible mnemonic combinations is already large beyond human imagination:

  • 12 words: Effective combinations are about 2¹²⁸ ≈ 3.4 × 10³⁸
  • 24 words: Effective combinations are about 2²⁵⁶ ≈ 1.16 × 10⁷⁷

What does this scale mean?

We all know that there are countless grains of sand on Earth, but scientists have estimated an approximate value: counting all the beaches and deserts on Earth together, the total number of grains of sand is about 7.5×10¹⁸, which means:

  • The effective combinations of 12 words are equivalent to 4.5 × 10¹⁹ times the total number of grains of sand on Earth.
  • The effective combinations of 24 words are even 1.5 × 10⁵⁸ times the total number of grains of sand on Earth.

In other words, it's like every grain of sand on Earth has become a "new Earth," and each new Earth has beaches and sand, and you have to randomly find the one grain you marked among all this sand in one go.

This far exceeds the scale that humans can imagine.

Therefore, the probability of brute-forcing a wallet is not merely "extremely low"; under known physics and computational capabilities, it is equivalent to zero. Getting rich by "brute-forcing" is far less likely than winning the lottery.

Returning to the movie's premise: If someone really is just one word short of a mnemonic, it is indeed possible to try brute-forcing.
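How little a single hidden word protects, as an added example that is not part of the original article: a 12-word BIP39 mnemonic encodes 132 bits, 128 of entropy plus a 4-bit SHA-256 checksum, so only 128 of the 2048 candidate last words even form a valid mnemonic. The code works on word-list indices (0 to 2047) instead of words so it needs no word-list file; the function names are illustrative and the eleven sample indices are constructed.

```python
import hashlib


def checksum_ok(indices):
    """True if the 11-bit word indices form a valid BIP39 mnemonic (12 to 24 words)."""
    total_bits = len(indices) * 11
    cs_bits = total_bits // 33          # 4 checksum bits for 12 words, 8 for 24
    value = 0
    for idx in indices:                 # concatenate the 11-bit groups
        value = (value << 11) | idx
    entropy = (value >> cs_bits).to_bytes((total_bits - cs_bits) // 8, "big")
    expected = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    return (value & ((1 << cs_bits) - 1)) == expected


def valid_last_indices(known):
    """All last-word indices that complete `known` into a checksum-valid mnemonic."""
    return [i for i in range(2048) if checksum_ok(known + [i])]


# Constructed sample: indices of the first 11 words of a hypothetical mnemonic.
SAMPLE_FIRST_11 = [1203, 17, 944, 2001, 356, 78, 1510, 663, 1999, 42, 830]

if __name__ == "__main__":
    candidates = valid_last_indices(SAMPLE_FIRST_11)
    print(f"{len(candidates)} of 2048 last words pass the checksum")
    # All-zero test vector: 11 x "abandon" (index 0) ends in "about" (index 3).
    print("test vector valid:", checksum_ok([0] * 11 + [3]))
```

A mnemonic with one word withheld therefore keeps only about 7 bits of secrecy (3 bits for a 24-word phrase), so a phrase exposed in part should be treated as fully compromised and the funds moved to a freshly generated wallet.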

Finally, here are a few security tips regarding wallets/mnemonics/private keys:

  1. Prefer using non-custodial wallets that have been tested over time and market, with open-source code audits, such as MetaMask, Trust Wallet, SafePal, etc.; if possible, use hardware wallets directly.
  2. Never screenshot, store in cloud drives, copy and paste, or share your mnemonics and private keys with others.
  3. It's best to write them down on paper (consider using a stainless steel mnemonic board, which is moisture-proof, fireproof, and corrosion-resistant), keep them in a safe place, and back them up in 2-3 locations.
  4. Public keys/addresses can be safely shared; they are your house number, but be cautious of phishing links.
  5. It's advisable to manage wallets on clean devices and avoid installing unknown plugins or apps.
  6. Remember this: Anyone asking you for your mnemonic is 100% a scammer.