To recap, a seed phrase, or mnemonic phrase, is a secret combination of words used to restore access to a cryptocurrency wallet. It can consist of 12, 18 or 24 words, and the length directly affects the security of the assets.

Whoever holds the seed phrase has full control over the cryptocurrency wallet. For example, this unique combination is displayed when creating an account in the familiar Phantom wallet.

At the same time, cryptocurrency exchanges, centralized wallets and other similar platforms do not disclose seed phrases to their users, because the assets on the exchange are controlled by the company’s employees. This means that users have to wait for permission from the platform’s representatives in order to conduct any transaction, such as withdrawing coins to a third-party wallet.

Seed phrase display in the Phantom wallet

Each seed phrase is unique, and its loss or accidental disclosure means a loss of crypto-assets. Still, regaining access to the wallet by entering the seed phrase in the app interface is easy.

How to hack a crypto wallet?

Wicked tweeted out a photo of twelve words on a sheet of paper, arranged in a circle in random order. If the words are entered in the wrong order, the wallet will not open. On that basis, the author of the riddle himself noted that there are a total of about 9 trillion ways to enter the seed phrase he presented, Cointelegraph reported.

Seed phrase suggested by Wicked

The prize for solving the combination was 100 thousand satoshi in the wallet, that is 0.001 BTC or about $30. The winner received the sum 25 minutes after the seed phrase was published. In this case, Andrew Fraser used the BTCrecover software, which can be found on GitHub. It is a program designed to recover the secret combination from known words.


In an interview with journalists, Fraser commented on the steps that helped him achieve the result.

My gaming video card was able to determine the correct seed phrase order in about 25 minutes. Although a more powerful system would have done it much faster.

He noted that anyone with a basic knowledge of executing Python scripts, using the Windows command shell and understanding the Bitcoin protocol could have repeated the same thing. At the same time, Fraser is fully confident in the safety of the seed phrase itself, as long as the fraudster does not know at least a few of its words.

At the same time, the expert stressed the extreme safety of 24-word seed phrases.

Even if an attacker knows all 24 words of your seed phrase without the correct sequence, he has no chance to access your crypto-wallet.

As a reminder, 24-word seed phrases are used in the Ledger hardware wallets we are already familiar with. We talked more about setting up such a device and sending crypto-assets to it in this piece.

A “hacked” cryptocurrency wallet

Fraser also explained the difference in security between the two types of seed phrases with calculations. A 12-word combination has approximately 128 bits of entropy, while a 24-word phrase reaches 256 bits of entropy. When an attacker knows the unordered words of a shorter phrase, there are only about half a billion possible orderings to try, which is relatively easy to check with a decent GPU. But a seed phrase of 24 words has about 6.24^24 possible combinations, and that’s a lot of zeros, with a very low probability of being hacked as well.
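The calculation above can be reproduced with a short script. This is an added example, not code from the article or from BTCrecover; it assumes the BIP39 mnemonic standard (11 bits per word, checksum of one bit per three words), assumes all words are distinct, and treats the 25-minute figure as the time to try every ordering of 12 words, which gives a conservative rate estimate.

```python
import math

SECONDS_PER_YEAR = 365.25 * 24 * 3600

def ordering_space(n_words):
    """Search space left when all n_words are known but their order is not.

    Assumption: every word is distinct (a repeated word shrinks the count).
    """
    if n_words not in (12, 15, 18, 21, 24):
        raise ValueError("BIP39 phrases have 12, 15, 18, 21 or 24 words")
    total_bits = n_words * 11          # each BIP39 word encodes 11 bits
    checksum_bits = total_bits // 33   # BIP39: checksum = entropy / 32
    orderings = math.factorial(n_words)
    return {
        "entropy_bits": total_bits - checksum_bits,
        "checksum_bits": checksum_bits,
        "orderings": orderings,
        # Secrecy that remains once the word set itself has leaked.
        "residual_bits": math.log2(orderings),
        # About 1 in 2**checksum_bits orderings passes the checksum, so
        # only these need the expensive key-derivation step.
        "expected_checksum_valid": orderings // 2 ** checksum_bits,
    }

def implied_rate(n_words=12, minutes=25):
    """Orderings per second if the whole space took `minutes` (assumption)."""
    return math.factorial(n_words) / (minutes * 60)

def years_to_exhaust(n_words, rate):
    """Years needed to try every ordering at `rate` orderings per second."""
    return math.factorial(n_words) / rate / SECONDS_PER_YEAR

if __name__ == "__main__":
    rate = implied_rate()
    print(f"assumed rate: {rate:,.0f} orderings/s")
    for n in (12, 18, 24):
        s = ordering_space(n)
        print(f"{n} words: {s['entropy_bits']} bits when secret, "
              f"{s['residual_bits']:.1f} bits once the words leak, "
              f"{s['orderings']:.3e} orderings, "
              f"{years_to_exhaust(n, rate):.3g} years at that rate")
```

The point for wallet owners is the residual figure: a leaked 12-word set leaves under 29 bits of secrecy regardless of the 128 bits the phrase started with.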

This is all an important reminder to make sure that seed phrases are never published or broadcast over the Internet. This means that secret combinations should not be stored in a password manager or cloud storage, and definitely should not be typed into your phone. It is especially important to avoid taking screenshots when the mnemonic phrase is displayed while setting up a mobile wallet. A hacked iCloud account or another such mishap could end in lost money.

Fraser also stressed the importance of keeping seed phrases secret and of using an additional secret passphrase, which functions as part of the key to unlock the wallet. As for the 100,000 satoshi that Fraser took home, he spent it that evening on dinner: chicken marsala.

Buying cryptocurrencies

This story clearly demonstrates that cryptocurrency investors should be concerned first of all not with the exchange rates of coins but with the safety of their seed phrase. If the latter ends up in the wrong hands, an attacker can very quickly send the crypto-assets to their own wallets, after which there is no way to get them back. Accordingly, every holder of a considerable amount of coins in private non-custodial wallets should think carefully about where to store this most important combination. As the experts point out, ideally it should not be in the same location as the hardware wallet.