Hi slush,

Thank you for your new proposal; it seems to be a compromise.

@Christophe Biocca:
If the wordlist becomes part of the standard, then we will run into
problems of collisions once users ask for wordlists in every language.

IMO the right approach is to implement checksums that do not depend
on the wordlist (eg the 'brute force' method, Hash(mnemonic||1) mod 2^k == 0 )
this would also allow us to implement sipa's variable stretching proposal.

I understand this is not possible because of the computational
requirements of devices such as trezor.

I am leaning toward considering these devices as a nonstandard case,
instead of enforcing a given wordlist in the standard.

Thomas






Le 21/01/2014 00:18, slush a écrit :

On Tue, Jan 21, 2014 at 12:06 AM, Christophe Biocca <christophe.biocca@gmail.com> wrote:
I remember the wordlist choice getting bikeshedded to death a month ago.

I would just include the wordlist as part of the standard (as a
recommendation) so that fully compliant implementations can correct a
user's typos regardless of the original generator.


That's exactly our attitude. We realized that have a community-wide agreement on the wordlist itself is simply imposible, so to reach at least some consensus we split the proposal to two parts - one what is essential to call itself a "bip39 compatible", i.e. converting the mnemonic to bip32 node and second which is optional, including our proposed wordlist, which has some advanced features like checksums etc. Now it is up to client developers to decide if they really insist on their superior wordlist or if they'll implement checksums following the full specification.

 
Those who don't like it will have to deal with the compatibility
concerns themselves, or get an alternate wordlist approved as a BIP. 
Odds are no one will go that route.

 
At least Trezor and bitcoinj (Multibit) seems to be going in this way, which is 100% of clients which expressed interest in bip39 :-).

slush