Can You Recover a Wallet with 6 or 8 Known Words?

Recovering a cryptocurrency wallet when only part of the 12-word mnemonic phrase is known is a daunting challenge. The mnemonic, based on the BIP-39 standard, is a cornerstone of wallet security, designed to be nearly impossible to brute-force. Let’s explore why brute-forcing a mnemonic is plausible when 8 words are known but practically impossible when only 6 words are known.

---

The Basics of BIP-39 Mnemonics

• Wordlist: The BIP-39 standard uses a fixed list of 2048 unique words.
• Phrase Structure: A typical mnemonic phrase has 12 words.
• Checksum: The last word encodes a checksum that validates the entire phrase, slightly reducing the total number of valid combinations.

Each word is critical. Missing words exponentially increase the difficulty of brute-forcing the phrase.

---

8 Known Words: Feasible with Enough Power

If you know 8 out of 12 words, there are 4 unknown words to brute-force. Each unknown word can be one of 2048 words. The total number of possible combinations is: 20484=244≈1.1 trillion. $$ 2048^4 = 2^{44} \approx 1.1 \, \text{trillion} $$.

This might sound like an enormous number, but it’s within the range of modern computational power. Let’s break it down:

• Assume: A powerful machine can check 1 million combinations per second.
• Calculation: Time (in seconds)=244106=1.1×1012÷106≈1.1×106 seconds.$$ \text{Time (in seconds)} = \frac{2^{44}}{10^6} = 1.1 \times 10^{12} \div 10^6 \approx 1.1 \times 10^6 \, \text{seconds}.$$ This equals roughly 4.88 hours.

With sufficient computing resources, brute-forcing 4 unknown words is feasible.

---

6 Known Words: Virtually Impossible

If you know 6 out of 12 words, there are 6 unknown words to brute-force. Each of these 6 words has 2048 possibilities, resulting in: $$ 20486=266≈73 quintillion.2048^6 = 2^{66} \approx 73 \, \text{quintillion} $$.

Now, let’s examine the brute-force feasibility:

• Assume: The same powerful machine can check 1 million combinations per second.
• Calculation: Time (in seconds)=266106=73×1018÷106=73×1012 seconds.$$ \text{Time (in seconds)} = \frac{2^{66}}{10^6} = 73 \times 10^{18} \div 10^6 = 73 \times 10^{12} \, \text{seconds}. $$ This equals approximately 2.31 million years.

Even with the most advanced technology, brute-forcing 6 unknown words is entirely unrealistic.

---

Why the Difference?

The reason for this dramatic difference lies in the exponential nature of the problem. Each additional unknown word multiplies the search space by 2048, making brute-forcing exponentially harder. Here’s a quick comparison:

Known Words	Unknown Words	Total Combinations	Feasibility at 1M checks/sec
8	4	$$ 2442^{44} (~1.1 trillion) $$	~4.88 hours
6	6	$$ 2662^{66} (~73 quintillion) $$	~2.31 million years

---

Conclusion

If you know 8 words of your 12-word mnemonic, there’s a slim chance of brute-forcing the remaining 4 words with the right computational resources. However, if you only know 6 words, the search space becomes so vast that brute-forcing is practically impossible—even for the most advanced computers.

The takeaway? Keep your mnemonic phrase safe and secure. Losing even a portion of it could make recovery infeasible.

https://medium.com/@johncantrell97/how-i-checked-over-1-trillion-mnemonics-in-30-hours-to-win-a-bitcoin-635fe051a752

https://github.com/bitcoin/bips/blob/master/bip-0039/english.txt