From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1WdiKX-0005z1-Gq for bitcoin-development@lists.sourceforge.net; Fri, 25 Apr 2014 15:46:25 +0000 Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.215.43 as permitted sender) client-ip=209.85.215.43; envelope-from=gmaxwell@gmail.com; helo=mail-la0-f43.google.com; Received: from mail-la0-f43.google.com ([209.85.215.43]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1WdiKU-0004vZ-8Y for bitcoin-development@lists.sourceforge.net; Fri, 25 Apr 2014 15:46:25 +0000 Received: by mail-la0-f43.google.com with SMTP id c6so3177341lan.2 for ; Fri, 25 Apr 2014 08:46:15 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.152.4.41 with SMTP id h9mr1752913lah.43.1398440775552; Fri, 25 Apr 2014 08:46:15 -0700 (PDT) Received: by 10.112.89.68 with HTTP; Fri, 25 Apr 2014 08:46:15 -0700 (PDT) In-Reply-To: <1398437607.23028.110362141.03111A2A@webmail.messagingengine.com> References: <1398437607.23028.110362141.03111A2A@webmail.messagingengine.com> Date: Fri, 25 Apr 2014 08:46:15 -0700 Message-ID: From: Gregory Maxwell To: Jim Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -1.6 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (gmaxwell[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1WdiKU-0004vZ-8Y Cc: Bitcoin Development Subject: Re: [Bitcoin-development] BIP32 "wallet structure" in use? Remove it? X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Apr 2014 15:46:25 -0000 On Fri, Apr 25, 2014 at 7:53 AM, Jim wrote: > Oh dear. > > For reasons that are perfectly reasonable we are close to losing any chan= ce of intra-client HD compatibility for BIP32 wallets. > > In the next 12 months there will probably be collectively millions of use= rs of our new wallets. I don't want them to suffer from vendor lockin. > > Can we not agree on a lowest common denominator that we agree to support = ? > An "HD Basic" if you like. > For entry level users we can keep things simple and any "HD Basic" bitcoi= n will be fully interoperable. > > Sure, if you use anything fancy you'll be locked in to a particular walle= t but a lot of users just want somewhere safe to put their bitcoin, spend i= t and receive it. > > I appreciate standising everything is very difficult (if not impossible) = but if we don't have a minimum of interoperability I think we'll do our use= rs a disservice. I don't believe that wallet interoperability at this level is possible in general except as an explicit compatibility feature. I also don't believe that it is a huge loss that it is so. The structure of the derivation defines and constrains functionality. You cannot be structure compatible unless you have the same features and behavior with respect to key management. To that extent that wallets have the same features, I agree its better if they are compatible=E2=80=94 but unless they are dead software they likely won't kee= p the same features for long. Even if their key management were compatible there are many other things that go into making a wallet portable between systems; the handling of private keys is just one part: a complete wallet will have other (again, functionality specific) metadata. I agree that it would be it would be possible to support a compatibility mode where a wallet has just a subset of features which works when loaded into different systems, but I'm somewhat doubtful that it would be widely used. The decision to use that mode comes at the wrong time=E2=80=94 when you start, not when you need the features you chose to disable or when you want to switch programs. But the obvious thing to do there is to just specify that a linear chain with no further branching is that mode: then that will be the same mode you use when someone gives you a master public key and asks you to use it for reoccurring changes=E2=80=94 so at least the software will get used. Compatibility for something like a recovery tool is another matter, and BIP32 probably defines enough there that with a bit of extra data about how the real wallet worked that recovery can be successful. Calling it "vendor lock in" sounds overblown to me. If someone wants to change wallets they can transfer the funds=E2=80=94 manual handling of private keys is seldom advisable, and as is they're going to lose their metadata in any case. No one expects to switch banks and to keep their account records at the new bank. And while less than perfect, the price of heavily constraining functionality in order to get another result is just too high.