Hi I have a small interjection about the point on error correction (excuse me if it seems elementary). Isn't there an argument to be made where a wallet software should never attempt to figure out the 'correct' address, or in this case private key? I don't think it's crazy to suggest somebody could import a slightly erroneous WIF, the software gracefully error-corrects any problem, but then the user copies that error onward such as in their backup processes like a paper wallet. I always hate to advocate against a feature, I'm just worried too much error correcting removes the burden of exactitude and attention of the user (eg. "I know I can have up to 4 errors").

I'm pretty sure I read those arguments somewhere in a documentation or issue tracker/forum post. Maybe I'm misunderstanding the bigger picture in this particular case, but I was just reminded of that concept (even if it only applies generally).

Thanks,

AJ West

On Sun, Sep 17, 2017 at 4:10 AM, Thomas Voegtlin via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:

On 17.09.2017 04:29, Pieter Wuille wrote:
>
> This has been a low-priority thing for me, though, and the computation work
> to find a good checksum is significant.
>

Thanks for the info. I guess this means that a bech32 format for private
keys is not going to happen soon. Even if such a format was available,
the issue would remain for segwit-in-p2sh addresses, which use base58.

The ambiguity of the WIF format is currently holding me from releasing a
segwit-capable version of Electrum. I believe it is not acceptable to
use the current WIF format with segwit scripts; that would just create
technological debt, forcing wallets to try all possible scripts. There
is a good reason why WIF adds a 0x01 byte for compressed pubkeys; it
makes it unambiguous.

I see only two options:
1. Disable private keys export in Electrum Segwit wallets, until a
common WIF extension has been agreed on.
2. Define my own WIF extension for Electrum, and go ahead with it.

Defining my own format does make sense for the xpub/xprv format, because
Electrum users need to share master public keys across Electrum wallets.
It makes much less sense for WIF, though, because WIF is mostly used to
import/sweep keys from other wallets.

I would love to know what other wallet developers are going to do,
especially Core. Are you going to export private keys used in segwit
scripts in the current WIF format?

_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev