From: James MacWhyte <macwhyte@gmail.com>
To: vitteaymeric@gmail.com,
Bitcoin Protocol Discussion
<bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] BIP39 seeds
Date: Tue, 25 Dec 2018 00:30:26 +0000 [thread overview]
Message-ID: <CAH+Axy6dKDOkE6cQYZUusTUxxOSwWchOWxYh6ZkhnOgXuELaYg@mail.gmail.com> (raw)
In-Reply-To: <db184306-7ec0-322e-5637-7889b51f50bf@gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1605 bytes --]
On Mon, Dec 24, 2018 at 2:48 PM Aymeric Vitte via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:
>
> I don't see very well why it's easier to write n words that you cannot
> choose rather than a 32B BIP32 hex seed, and I have seen many people
> completely lost with their wallets because of this
>
In practice it has quite a few qualities that make it a bit more resilient
for physical (written) storage.
If a few letters of a word get rubbed off or otherwise become illegible, it
is pretty easy for a native speaker to figure out what the word is supposed
to be. Even a non-native speaker could look through the word list and
figure out which word fits. Missing characters in a hex string require more
advanced brute force searching, which the average user isn't capable of.
Additionally, having the bits grouped into words makes a more serious
recovery easier. If you lose one entire word, it can be brute forced in
about 5 minutes on a normal pc, even if you don't know which position the
missing word is in (I have published a tool that does just this:
https://jmacwhyte.github.io/recovery-phrase-recovery). If you are missing
two words, you can brute force it in about a week (napkin math).
If you were missing a random chunk of a hex string, I don't know how you'd
go about brute forcing that in a timely manner.
As an aside, from a UX standpoint we've seen that the 12 words don't *look*
important so people don't take them seriously (and they get lost). A hex
string or equivalent would look more password-y, and therefore would most
likely be better protected by users.
James
[-- Attachment #2: Type: text/html, Size: 2147 bytes --]
next prev parent reply other threads:[~2018-12-25 0:30 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-21 23:58 [bitcoin-dev] BIP39 seeds Aymeric Vitte
2018-12-23 18:46 ` Pavol Rusnak
2018-12-23 22:41 ` Aymeric Vitte
2018-12-25 0:30 ` James MacWhyte [this message]
2018-12-26 11:33 ` Aymeric Vitte
2018-12-26 18:54 ` James MacWhyte
2018-12-27 11:04 ` Aymeric Vitte
2018-12-31 16:52 ` Alan Evans
2019-01-01 19:44 ` Aymeric Vitte
2019-01-02 18:06 ` James MacWhyte
2019-01-04 0:02 ` Aymeric Vitte
2018-12-24 14:58 ` Tiago Romagnani Silveira
2018-12-23 20:55 ` Eric Scrivner
2018-12-23 21:08 ` Jameson Lopp
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAH+Axy6dKDOkE6cQYZUusTUxxOSwWchOWxYh6ZkhnOgXuELaYg@mail.gmail.com \
--to=macwhyte@gmail.com \
--cc=bitcoin-dev@lists.linuxfoundation.org \
--cc=vitteaymeric@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox