2

Say I have two MetaMask accounts generated from the same seed phrase. If I accidentally expose one account's private key, could an attacker reconstruct the wallet's seed phrase and therefore the other account's private key?

I've seen this question asked in terms of a user recovering one account's funds when all they have is the second account's private key. While the answer should theoretically be the same, I want to be clear that I'm talking about an arbitrarily sophisticated and motivated attacker. Whitfield Diffie's cryptography, Inigo Montoya's thirst for vengeance.

davidfloyd91
  • 143
  • 4

1 Answers1

4

TL;DR never disclose your private key or your seed.

There's almost no chances to revert seed from a private key but it's not mathematically impossible.

Indeed your seed is probably a bip32 word list seed and the derivation path of your private key is probably one of the first (account 0) see Can someone explain the meaning of derivation path in wallet in plain English (such as m/44'/60'/0'/0)? It can be possible to brute force the word list combinations (but honestly so many combinations that it would take more than your lifetime) to find the 12 or 24 word list that once derived with path 44'/60'/0'/0 provides the private key. Then there's far more chances to find the other keys by just trying all the derivation paths. I don't say it's technically possible but it's theoretically not impossible.

So for safety, consider never showing any private keys. Never show your seed or even a part of it.

Also if you start with showing some you will inevitably get confused at some point make a mistake and disclose the wrong important one (you know when in a hurry at 3am after some party).

Nicolas Massart
  • 6,783
  • 2
  • 29
  • 63