Oct 24, 2023 | Updated Oct 24, 2023

The crypto world is full of technical terms, and when it comes to self-custody, things can get a little more complicated under the hood. You have likely heard of a secret recovery phrase, and maybe even private keys – but what about the entropy? 

Entropy is a term used in a whole range of industries, from planning, to finance, biology and even manufacturing. For example, in the world of information technology, it simply signifies the level of randomness within data.

However, when it comes to understanding how your secret recovery phrase works, the entropy refers to something a little different.

So what is it exactly and why does it matter? Let’s dive in, starting with its significance in crypto.

What is the Entropy in Crypto? 

The entropy is simply a very large random number created by crypto wallets that is represented (most frequently) by a secret recovery phrase.

You might have heard about a secret recovery phrase before. Simply, it’s the 12-24 word phrase you’re presented with when you first initiate a crypto wallet. It’s also known as a mnemonic, and it serves as a backup for every account ever created by that particular crypto wallet.

However, your secret recovery phrase doesn’t start out as words. It’s actually just a large random number, otherwise known as the entropy. 

Essentially the entropy contains exactly the same information as your secret recovery phrase,  but it’s presented in a different format—a less readable format. But how does that work exactly?

How Does The Entropy Work? 

The concept of the entropy was introduced with the publication of the BIP-39 standard in 2013. In short, this standard introduced a standardized way to translate this number into easy-to-write-down words. 

That’s because the entropy itself is very long; specifically 256 bits of information for a 24 word recovery phrase or 128 bits for a 12 word recovery phrase. This allows you to backup your wallet and generate new private keys for new accounts. However, backing up so many bits of information is impractical.

A secret recovery phrase, made up of 12-24 English words out of a fixed list of a possible 2048, is much easier to write down and look after. So that’s exactly what the BIP-39 standard does: it provides a way to literally translate the entropy into 12-24 words. 

Why is the Entropy Important? 

Seeing as they contain the same information but in different formats, your entropy must stay as private as your recovery phrase. To reiterate, anyone with access to your entropy can access your entire wallet! 

Just like your secret recovery phrase gives someone access to all of your private keys, and therefore to every account protected by that wallet, so does your entropy! Thus, making sure  your entropy is as random as possible and difficult to work out is imperative for security. 

You wouldn’t want someone to guess your entropy and gain access to your funds, right? Well that’s exactly why this number must be so difficult to guess. The idea is, it should be so random that it would be statistically impossible to guess the sequence or encounter the same combination twice.

If your entropy is easy to guess, hackers will take advantage of this and they may gain access to your funds. Thus, choosing a crypto wallet that keeps this in mind is extremely important.

Trust Wallet Hack: Why Randomness Matters 

A shining example of how your wallet generating the entropy is so important is the Trust Wallet hack. The Trust Wallet hack in 2022 was largely due to the predictability of how these wallets generated this number.

While iOS and Android versions of the wallet used a secure method for determining the entropy, the WebAssembly (Wasm) version did not. To be specific, the Wasm version generated it based on the “Mersenne Twister Algorithm”. Without getting too technical, this method is unsuitable for cryptographic purposes. It essentially created a bug which artificially reduced the amount of possible combinations from 256 bits of entropy down to 32. 

Unfortunately, this allowed attackers to rapidly guess all possible mnemonics, giving them access to any wallets created by WebAssembly users. Furthermore, Trust Wallet’s browser extension was also susceptible to this flaw, putting users at risk.

The Trust Wallet hack highlights the critical importance of robust entropy generation in securing cryptocurrency wallets. The exploit was not devastating in practice. Users lost just $170k in total. However, it’s easy to see how neglecting this mechanism could cause trouble. Luckily, Trust Wallet addressed the issue by reimbursing users who lost funds. And, of course, they also improved their method of generating the entropy for subsequent wallets. 

So now you know how important it is, let’s explore the correct way to approach the entropy!

How Ledger Devices Generate Your Entropy

With Ledger, you can be sure that your entropy is sufficiently secure. This is because Ledger uses a Random Number Generator that is both tested and certified by an external laboratory. In short, this random number generator makes sure that no computer or human could possibly work this long random number out.

If you want to know the technical details, the lab also ensures that Ledger wallets have the highest level certifications – EAL5+ and AIS-31.

A step-by-step process

Let’s break down how Ledger security model handles it:

• When you first set up your wallet, your entropy is generated by the True Random Number Generator. This happens inside the device’s Secure Element. The data is, in its most raw form, a long random number. 
• With the number generated, Ledger then uses BIP39 to translate your entropy into 24 out of a list of a possible 2048 English words. This sequence is your secret recovery phrase.
• The secret recovery phrase is then displayed on your trusted screen.    

You can rest assured knowing that Ledger generates the entropy in a secure and random enough method that it cannot be guessed. Because security is at the forefront of Ledger’s ethos: and what use is a crypto wallet that can’t keep you secure? For more information as to how Ledger approaches this, check out the full post on how Ledger guarantees randomness when generating secret recovery phrases.

The Entropy: At The Base of Your Secret Recovery Phrase

It’s clear to see how important it is that the words for your secret recovery phrase are random. If you were to choose your own words from the BIP39 word list, it wouldn’t be as secure as using the entropy. Without randomness, your secret recovery phrase would be more likely to be guessed through attacks. So your crypto wallet needs this random number in order to keep your crypto secure. But remember, it is up to you to keep your secret recovery phrase safe. A wallet can only help you as long as you are protecting its most precious secret: the secret recovery phrase. Never give your secret recovery phrase  to anyone. There is no reason for anyone but yourself to ever know your secret recovery phrase. Not even Ledger.