public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: "Jorge Timón" <jtimon@monetize.io>
To: slush <slush@centrum.cz>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] BIP0039 Mnemonic code for generating deterministic keys
Date: Thu, 24 Oct 2013 21:32:26 +0200	[thread overview]
Message-ID: <CAC1+kJPTXOkLoo=QHt1xyNwJ4BkNu1kVOXcZX5gF1MCNMbNSpg@mail.gmail.com> (raw)
In-Reply-To: <CAJna-HiE8YgKOuAHubRKbJYQviMz8Ws9E+eMDwcgV1pWpDBijg@mail.gmail.com>

This will probably sound stupid to most of you, but I'll say it anyway.

The aim of mnemonics is to easily remember, isn't it?
But the approach of removing "offensive words" is probably
counterproductive to achieving that end. These words cause a greater
emotional impact in our human moral psyches.
If we were willing to use that fact in our advantage to optimize the
"maximum unforgettableness" criterion, we should actually prefer the
most generally offensive words in that list. Specially if they can
combine with each other to produce more offensive results, basically
the opposite of what we're doing.

Isn't "legalize murder dirty jew" much easier to remember for most
people than "sandwich house yellow cauliflower"?

I guess that even if I'm right, this will be hard to explain to users
and I'm not offering myself to do it. So I completely understand if
the people working on this BIP simply ignore this "unforgettable
wordlist" proposal like if it was just a bad taste joke.
Using the sub-optimal (in terms of human memory) politically correct
wordlist probably won't be that much worse.


On 10/24/13, slush <slush@centrum.cz> wrote:
> We've reflected many comments about BIP39 wordlist from the community and I
> think the wordlist is much better now. Specifically we removed many of
> theoretically offensive words as well as we implemented algorithm for
> detecting words with similar characters (cat/eat) and we resolved these
> duplicities. I'm now quite happy with the wordlist and I want to ask you
> for next (final?) round of comments.
>
> >From other features, we added password protection of seed and seed
> hardening (against bruteforcing) using Rijndael cipher. This has been
> chosen because its blocksize can be 128, 192 or 256 bits, so it fits length
> of desired seeds. Also there are Rijndael implementations in every
> language. Btw password protection has one interesting feature - plausible
> deniability. It allows user to have one mnemonic and by using it with
> different passwords, it will generate different BIP32 wallets.... (wink
> wink)
>
> I want to be pretty clear that we need to close this topic somehow, because
> we want to use such algorithm in Trezor (which deadline is coming quick)
> and also other wallet developers want to implement such algorithm into
> clients to be compatible with Trezor. There were quite strict requirements
> for such algorithm (like the possibility to convert mnemonic to seed as
> well as seed to mnemonic) and I think we found a good solution. I'm wildly
> asking you for constructive comments, but saying "it's a crap, I don't like
> it" won't help anything.
>
> Thanks,
> slush
>
>
> On Thu, Sep 12, 2013 at 6:02 PM, Matthew Mitchell <
> matthewmitchell@godofgod.co.uk> wrote:
>
>> I removed some more but I haven't added enough back in. It was taking far
>> longer than expected so I gave up, but maybe someone else can try to add
>> some more:
>>
>>
>> https://github.com/MatthewLM/python-mnemonic/blob/master/mnemonic/wordlist/english.txt
>>
>> On 12 Sep 2013, at 13:11, Pavol Rusnak <stick@gk2.sk> wrote:
>>
>> > On 10/09/13 23:03, Matthew Mitchell wrote:
>> >> Maybe it would have been better without the aggressive words?
>> >
>> > I revisited the wordlist and replaced around 67 words that can be
>> > found offensive in some context.
>> >
>> > --
>> > Best Regards / S pozdravom,
>> >
>> > Pavol Rusnak <stick@gk2.sk>
>> >
>> >
>> ------------------------------------------------------------------------------
>> > How ServiceNow helps IT people transform IT departments:
>> > 1. Consolidate legacy IT systems to a single system of record for IT
>> > 2. Standardize and globalize service processes across IT
>> > 3. Implement zero-touch automation to replace manual, redundant tasks
>> >
>> http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
>> > _______________________________________________
>> > Bitcoin-development mailing list
>> > Bitcoin-development@lists.sourceforge.net
>> > https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>>
>>
>>
>> ------------------------------------------------------------------------------
>> How ServiceNow helps IT people transform IT departments:
>> 1. Consolidate legacy IT systems to a single system of record for IT
>> 2. Standardize and globalize service processes across IT
>> 3. Implement zero-touch automation to replace manual, redundant tasks
>> http://pubads.g.doubleclick.net/gampad/clk?id=51271111&iu=/4140/ostg.clktrk
>> _______________________________________________
>> Bitcoin-development mailing list
>> Bitcoin-development@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>>
>>
>


-- 
Jorge Timón

http://freico.in/



  parent reply	other threads:[~2013-10-24 19:38 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-09-10 16:44 [Bitcoin-development] BIP0039 Mnemonic code for generating deterministic keys slush
2013-09-10 17:36 ` Andreas M. Antonopoulos
2013-09-10 20:40 ` Matthew Mitchell
2013-09-10 20:50   ` slush
2013-09-10 21:03     ` Matthew Mitchell
2013-09-10 21:34       ` Pavol Rusnak
2013-09-10 22:08       ` Gregory Maxwell
2013-09-10 22:35         ` Mark Friedenbach
2013-09-10 22:43           ` Gregory Maxwell
2013-09-11 12:49           ` Andreas Petersson
2013-09-12 12:09             ` Pavol Rusnak
2013-09-10 22:47         ` slush
2013-09-12 12:11       ` Pavol Rusnak
2013-09-12 16:02         ` Matthew Mitchell
2013-10-24 18:26           ` slush
2013-10-24 19:23             ` Pieter Wuille
2013-10-24 19:46               ` slush
2013-10-24 19:32             ` Jorge Timón [this message]
2013-10-24 19:37               ` slush

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAC1+kJPTXOkLoo=QHt1xyNwJ4BkNu1kVOXcZX5gF1MCNMbNSpg@mail.gmail.com' \
    --to=jtimon@monetize.io \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=slush@centrum.cz \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox