From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 8D33CC002D for ; Wed, 4 May 2022 00:27:16 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 8A771823CB for ; Wed, 4 May 2022 00:27:16 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -2.098 X-Spam-Level: X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: smtp1.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nmjk9eK4fm1W for ; Wed, 4 May 2022 00:27:15 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from mail-lf1-x12e.google.com (mail-lf1-x12e.google.com [IPv6:2a00:1450:4864:20::12e]) by smtp1.osuosl.org (Postfix) with ESMTPS id 6215D81D67 for ; Wed, 4 May 2022 00:27:15 +0000 (UTC) Received: by mail-lf1-x12e.google.com with SMTP id w1so32939936lfa.4 for ; Tue, 03 May 2022 17:27:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=TyPdByrOhRqDAnJVsJJVdxv527Vn7sW2B1/nLswqdvE=; b=VWe4puKfX5tyhOdvLmszyG+5K3BZFYuLfQLjZr454RTmuF2ySYUCKpy8Le5kD23hsb OUsEGEaHxCYfUqXJGoKpJEl2paolNy06+ATAarRWsJRiobRF/8syqW3eh60Cub/jnlL7 XovZTURcj2iZ+KvKS5EGCPxlsMZkIP67PIzfUWf+HZtAGP9lhP161/5zPdsx3BjNAbD/ rQE0V6d8trwgvu5TPdpLuIT+Cm8nIozy7o/aJR7wbYmDj6x+/vAafWAh+/QbhSy6J6wz IbOOvDKtFHTL0IYH78NKXs9f0Eza8MU12INAUeL0NDP6PbU1KPy4Zdz0CYA8b0NW/MOU YNWQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=TyPdByrOhRqDAnJVsJJVdxv527Vn7sW2B1/nLswqdvE=; b=JW0xHtKxpy3PHbBrDTRXZsjtTtmTpWq/eQm/YHM5xXE9/SE2yKJ+CU+QR47w7vXkLv sR5LvkHUF8WsvS0g90g1QEgaVMsaHJK6lg8CKoBuin/e607lLf65834OJ3a9oNiUSc8N lq+cyIM4c9RVctbR0lS4IT2BrL4wH5caX/HMsOEPrWs/N9/5rZ9smnbVmJOSzoeiUsPB Hcir8vhkgsGK1FdscTOS+gsukxhuQguTSyJk+URQHhTQQ3DMRwC82QkA3Nc1/9w1mVl0 O1mdgtwTsR5qUEbga2lGWVEpUtEapdfJplX2UKoncT+f07A5Sx/FWVt61+q8RC/Eahk+ ZEIQ== X-Gm-Message-State: AOAM532NwwYIhrAuRI7kyujQKu9Z80eLImWSzH9NRZGRrg70sjgvkD+S S9wBZgOx3hZexuySobk6W8FZhh/dVDr6ZPfmbDI= X-Google-Smtp-Source: ABdhPJw1M0JYPUHjlX3lBuVmF0/cT00AeSIcwzxU3b0rFcPXLv48YeToLzCKn3h4jY4l3syWRPgzw+27HQv/ASDW84M= X-Received: by 2002:a05:6512:2586:b0:472:6266:4052 with SMTP id bf6-20020a056512258600b0047262664052mr8612427lfb.684.1651624032896; Tue, 03 May 2022 17:27:12 -0700 (PDT) MIME-Version: 1.0 References: <68441995-c7d44f8b69d56a75112afa495bca5bf9@pmq6v.m5r2.onet> In-Reply-To: <68441995-c7d44f8b69d56a75112afa495bca5bf9@pmq6v.m5r2.onet> From: Lloyd Fournier Date: Wed, 4 May 2022 10:26:46 +1000 Message-ID: To: vjudeu@gazeta.pl, Bitcoin Protocol Discussion Content-Type: multipart/alternative; boundary="000000000000c88a2705de24af9e" X-Mailman-Approved-At: Wed, 04 May 2022 08:00:49 +0000 Subject: Re: [bitcoin-dev] Password-protected wallet on Taproot X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 May 2022 00:27:16 -0000 --000000000000c88a2705de24af9e Content-Type: text/plain; charset="UTF-8" Hi Vjudeu, Perhaps this could make sense in some setting. e.g. instead of a hardware device which protects your secret key via pin you use a pinless device but you create a strong password and use a proper password hash to create another key and put them in a 2-of-2. But make sure you don't use sha256 to hash the password. Use a proper password hash. Keep in mind there's also bip39 passwords which do a similar but this does involve entering them into the possibly malicious hardware device. Cheers, LL On Mon, 2 May 2022 at 03:56, vjudeu via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > It seems that Taproot allows us to protect each individual public key with > a password. It could work in this way: we have some normal, Taproot-based > public key, that is generated in a secure and random way, as it is today in > Bitcoin Core wallet. Then, we can create another public key, just by taking > password from the user, executing SHA-256 on that, and using it as a > private key, so the second key will be just a brainwallet. Then, we can > combine them in a Schnorr signature, forming 2-of-2 multisig, where the > first key is totally random, and the second key is just a brainwallet that > takes a password chosen by the user. By default, each key can be protected > with the same password, used for the whole wallet, but it could be possible > to choose different passwords for different addresses, if needed. > Descriptors should handle that nicely, in the same way as they can be used > to handle any other 2-of-2 multisig. > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > --000000000000c88a2705de24af9e Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi Vjudeu,

Perhaps this could make sens= e in some setting. e.g. instead of a hardware device which protects your se= cret key via pin you use a pinless device but you create a strong password = and use a proper password hash to create another key and put them in a 2-of= -2. But make sure you don't use sha256 to hash the password. Use a prop= er password hash. Keep in mind there's also bip39 passwords which do a = similar but this does involve entering them into the possibly malicious har= dware device.

Cheers,

LL<= /div>

On Mon, 2 May 2022 at 03:56, vjudeu via bitcoin-dev <bitcoin-dev@lists.linuxfoundatio= n.org> wrote:
It seems that Taproot allows us to protect each individual public key = with a password. It could work in this way: we have some normal, Taproot-ba= sed public key, that is generated in a secure and random way, as it is toda= y in Bitcoin Core wallet. Then, we can create another public key, just by t= aking password from the user, executing SHA-256 on that, and using it as a = private key, so the second key will be just a brainwallet. Then, we can com= bine them in a Schnorr signature, forming 2-of-2 multisig, where the first = key is totally random, and the second key is just a brainwallet that takes = a password chosen by the user. By default, each key can be protected with t= he same password, used for the whole wallet, but it could be possible to ch= oose different passwords for different addresses, if needed. Descriptors sh= ould handle that nicely, in the same way as they can be used to handle any = other 2-of-2 multisig.
_______________________________________________
bitcoin-dev mailing list
= bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mail= man/listinfo/bitcoin-dev
--000000000000c88a2705de24af9e--