public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
* [bitcoin-dev] Fortune Cookies to Bitcoin Seed
@ 2019-02-28  3:48 Trey Del Bonis
  2019-03-06  1:05 ` James MacWhyte
  0 siblings, 1 reply; 3+ messages in thread
From: Trey Del Bonis @ 2019-02-28  3:48 UTC (permalink / raw)
  To: Bitcoin Protocol Discussion

Hello all,

This might be another proto-BIP similar to the post about using a card
shuffle as a wallet seed that was posted here a few weeks back:
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-February/016645.html

This is an idea I had to deriving a wallet seed from the lucky numbers
on a fortunes from fortune cookies [1].

On one side is some silly fortune, which we don't really care about
here.  But depending on the brand, on the other side there's 2 parts:

* "Learn Chinese", with a word in English and its translation into
Chinese characters and the (probably) pinyin.

* "Lucky Numbers", followed by usually 6 or 7 numbers, presumably in
the range of 1 to 99.  Someone can correct me on this if I'm wrong.

So each number should have around ~6.6 bits of entropy, which means
you could generate a "very secure" wallet seed with about 7 fortunes.
We can remember the order of the numbers on these fortunes based on
the English words, which we can commit to memory.

It's considered a rule of thumb that you can remember "7 things" at
once, which is pretty convenient for this.  Sometimes the numbers are
sorted, which decreases the entropy a bit, but that can be remedied
with just more fortunes.  This also splits up the information required
to reconstruct the seed into both something physical and something
remembered, and there isn't any particular ordering that someone can
mess up by, say, shuffling the card deck.  Although someone is
arguably more likely to throw away random fortunes than they are to
throw away a deck of cards which is a weakness of this scheme.

It also arguably has better deniability.  If you keep a pile of 20
fortunes (with different "Learn Chinese" words) and remember which 7
of them are for your key, but pick another 7 you can use to make a
decoy wallet to use if being forced to reveal a wallet.  Keeping 20
around is a little excessive but it gives 390700800 possible wallets.
So security can be trivially parameterized based on how secure you
want your wallet to be if someone finds your stash.

I wrote a little Python script to generate a key with this, it's not
very clean and could be much improved but it works pretty well as a
proof of concept: https://gitlab.com/delbonis/chinese-wallet

-Trey Del Bonis

[1] https://en.wikipedia.org/wiki/Fortune_cookie


^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2019-03-06  1:37 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-02-28  3:48 [bitcoin-dev] Fortune Cookies to Bitcoin Seed Trey Del Bonis
2019-03-06  1:05 ` James MacWhyte
2019-03-06  1:37   ` Trey Del Bonis

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox