7

Wallet creation with monero-wallet-cli results in a seemingly random mnemonic seed and wallet address. Since the output of any computer program is deterministic, and it therefore relies on an external random state to create true randomness, what mechanism creates the entropy for Monero's wallet creation algorithm?

Imagine I set up two computer systems with identical hardware (let's assume I can do this, i.e. that there is a fabrication line that is able to produce identical parts). Let's assume further that these machines share one connection to the outside world, i.e. input devices and power cables. I shall start them at the same time (in a relativistic sense, that is, their CPU clocks are running synchronously). Will the wallet creation on these two systems result in the same wallet?

lux
  • 259
  • 2
  • 5

1 Answer

7

Monero uses a Keccak-based PRNG. I believe this is one that was proposed by the team behind Keccak, though I am not 100% certain. The seeding is done from /dev/urandom (or, for Windows, some Windows-specific API). There is no reseeding, but the Keccak construction is rated for LOTS of random numbers before reseeding is needed.

See "Sponge-based pseudo-random number generators" by Bertoni et al. I can't recall where I got it from, but it might be keccak.noekeon.org, though I can't see it there at first glance.

It would be nice if someone reviewed that code to make sure it really is the same construction.

user36303
  • 34,928
  • 2
  • 58
  • 123
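To make the construction described in the answer concrete, here is an added example written for this page; it is not Monero's random.c and is not claimed to match it byte for byte. It implements the Keccak-f[1600] permutation, checks that permutation against hashlib's SHA3-256 so the reader can trust it, and then builds a seed-once sponge PRNG on top: the seed is absorbed into the 200-byte state, and every request permutes the state and copies out the 136-byte rate part while the 64-byte capacity stays hidden. The 136-byte rate (that of Keccak-256) and the 32-byte seed are assumptions, and derive_spend_key is a hypothetical stand-in for wallet key generation, which in a real wallet does more than pull 32 bytes. The example also answers the thought experiment in the question: feed the same seed to two instances and the "wallets" are identical; the only thing that makes real machines differ is the seed taken from the OS entropy pool (os.urandom here).

```python
"""Illustrative Keccak sponge PRNG: seed once, squeeze forever, no reseeding."""
import hashlib
import os

MASK64 = (1 << 64) - 1


def rol64(a, n):
    """Rotate a 64-bit lane left by n bits."""
    n %= 64
    return ((a << n) | (a >> (64 - n))) & MASK64


def keccak_f1600(state):
    """Keccak-f[1600] on a 200-byte state laid out as 25 little-endian lanes."""
    lanes = [[int.from_bytes(state[8 * (x + 5 * y): 8 * (x + 5 * y) + 8], "little")
              for y in range(5)] for x in range(5)]
    rc_lfsr = 1  # generates the round constants for iota
    for _ in range(24):
        # theta: column parities mixed into every lane
        c = [lanes[x][0] ^ lanes[x][1] ^ lanes[x][2] ^ lanes[x][3] ^ lanes[x][4]
             for x in range(5)]
        d = [c[(x - 1) % 5] ^ rol64(c[(x + 1) % 5], 1) for x in range(5)]
        lanes = [[lanes[x][y] ^ d[x] for y in range(5)] for x in range(5)]
        # rho and pi: rotate each lane and move it to its new position
        x, y = 1, 0
        current = lanes[x][y]
        for t in range(24):
            x, y = y, (2 * x + 3 * y) % 5
            current, lanes[x][y] = lanes[x][y], rol64(current, (t + 1) * (t + 2) // 2)
        # chi: the only non-linear step, applied row by row
        for y in range(5):
            row = [lanes[x][y] for x in range(5)]
            for x in range(5):
                lanes[x][y] = row[x] ^ ((~row[(x + 1) % 5]) & row[(x + 2) % 5])
        # iota: XOR the round constant into lane (0,0)
        for j in range(7):
            rc_lfsr = ((rc_lfsr << 1) ^ ((rc_lfsr >> 7) * 0x71)) % 256
            if rc_lfsr & 2:
                lanes[0][0] ^= 1 << ((1 << j) - 1)
    out = bytearray(200)
    for x in range(5):
        for y in range(5):
            out[8 * (x + 5 * y): 8 * (x + 5 * y) + 8] = lanes[x][y].to_bytes(8, "little")
    return out


def sponge_hash(data, rate_bytes, suffix, out_len):
    """Plain Keccak sponge (absorb, pad, squeeze); used only to validate keccak_f1600."""
    state, off, block = bytearray(200), 0, 0
    while off < len(data):
        block = min(len(data) - off, rate_bytes)
        for i in range(block):
            state[i] ^= data[off + i]
        off += block
        if block == rate_bytes:
            state, block = keccak_f1600(state), 0
    state[block] ^= suffix              # domain-separation suffix plus pad10*1
    state[rate_bytes - 1] ^= 0x80
    state = keccak_f1600(state)
    out = bytearray()
    while out_len > 0:
        block = min(out_len, rate_bytes)
        out += state[:block]
        out_len -= block
        if out_len > 0:
            state = keccak_f1600(state)
    return bytes(out)


def permutation_self_check():
    """True when our sponge reproduces SHA3-256 (rate 136, suffix 0x06) from hashlib."""
    return all(sponge_hash(m, 136, 0x06, 32) == hashlib.sha3_256(m).digest()
               for m in (b"", b"abc", bytes(range(256)) * 2))


class KeccakPRNG:
    """Seed-once sponge PRNG modelled on the answer's description (assumed layout).
    The seed is written into the all-zero state; each request permutes the state and
    copies out the rate part. The 64-byte capacity is never exposed, which is what
    keeps past and future output unpredictable from what an observer has seen."""
    RATE = 136  # assumption: the rate of Keccak-256

    def __init__(self, seed):
        if len(seed) > self.RATE:
            raise ValueError("seed must fit in one rate block")
        self.state = bytearray(200)
        self.state[:len(seed)] = seed   # XOR into zeros is a plain copy

    def random_bytes(self, n):
        out = bytearray()
        while n > 0:
            self.state = keccak_f1600(self.state)   # permute before every squeeze
            take = min(n, self.RATE)
            out += self.state[:take]
            n -= take
        return bytes(out)


def derive_spend_key(seed):
    """Hypothetical stand-in for wallet creation: 32 bytes from a PRNG seeded with `seed`.
    Real machines would pass os.urandom(32) (the /dev/urandom seed from the answer)."""
    return KeccakPRNG(seed).random_bytes(32)
```

derive_spend_key(b"same seed") called twice returns the same key, which is the question's twin-machine scenario in miniature; derive_spend_key(os.urandom(32)) on each run does not, and that difference comes entirely from the seed, not from the permutation.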