public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: slush <slush@centrum.cz>
To: "thomasV1@gmx.de" <thomasV1@gmx.de>
Cc: "bitcoin-development@lists.sourceforge.net"
	<bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Proposal to replace BIP0039
Date: Thu, 24 Oct 2013 20:54:53 +0200	[thread overview]
Message-ID: <CAJna-HjgpRhLdVGh+prx54VezHaH1vXGpPotW1Xkz2tiAiWrbg@mail.gmail.com> (raw)
In-Reply-To: <trinity-ba3941a0-f758-4372-b431-c64e9b44328a-1382635758149@3capp-gmx-bs09>

[-- Attachment #1: Type: text/plain, Size: 2477 bytes --]

On Thu, Oct 24, 2013 at 7:29 PM, <thomasV1@gmx.de> wrote:
>
> My initial problem was that BIP0039 is not backward compatible with
> Electrum. When trying to solve that, I realized that the seed encoding used
> in Electrum does not help, because it does not contain a version number
> information. However, BIP0039 suffers the same shortcoming: it does nothing
> to help a future replacement, it wants to be final. My first recommendation
> is to allocate a few bits of the mnemonic, in order to encode a "version
> number" along with the checksum bits.
>
>
On topic of "it wants to be final" and "it is incompatible with Electrum":
None of this is true. Firstly, it *is* possible to implement both algorithm
into the client at the same time, so user will be able to recover wallet
using Electrum or bip39 mnemonic and - what is worse - you already *know*
about this solution. Still you're spreading FUD about it on IRC, on emails
behind my back and here on mailing list.

The solution for Electrum client - as we discussed two weeks ago on IRC -
is that:

a) User type down the mnemonic (created with Electrum or BIP39)
b1) Only if *all* words are presented in both dictionaries and it has valid
BIP39 checksum (which is quite rare situation itself!), the mnemonic can be
consider to be both Electrum or BIP39.
b2) In most of cases we end up here, because the most common situation is
that with given words, only Electrum *or* BIP39 seed can be recovered.
----
c) Consider the mnemonic as Electrum. Create first few addresses and do a
lookup. If there are transactions in address history, this is Electrum
mnemonic.
d) If there were no used address in c), build seed using BIP39 and do the
same lookup. If there's history, this is BIP39 mnemonic.
e) If there are no history on both algorithm, then pick prefered one for
given client (it should not hurt which one, because first use of given
mnemonic will "freeze" given algorithm for next time of mnemonic recovery).

Well, because only Electrum uses some mnemonic algorithm to this date, such
decision tree need to be implemented only in Electrum. You cannot tell that
"it is too complicated" or "ambiguous", because you're using the same
algorithm of deciding between Electrum deterministic / BIP32.

I must admit that I'm quite annoyed of such discussion, because we already
discussed all this privately, you didn't tell me any reason why this should
not work and still I see that this is coming back as a boomerang.

slush

[-- Attachment #2: Type: text/html, Size: 3174 bytes --]

  parent reply	other threads:[~2013-10-24 18:55 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-10-24 17:29 [Bitcoin-development] Proposal to replace BIP0039 thomasV1
2013-10-24 18:09 ` slush
2013-10-25  9:27   ` Thomas Voegtlin
2013-10-24 18:54 ` slush [this message]
2013-10-26 15:24   ` Thomas Voegtlin
2013-10-26 20:47     ` slush
2013-10-26 21:30       ` Pieter Wuille
2013-10-31  9:13         ` Thomas Voegtlin
2013-10-31 10:41           ` slush
2013-10-31 11:07             ` Peter Todd
2013-11-02  9:44             ` Thomas Voegtlin
2013-11-03  6:41               ` Timo Hanke
2013-11-03  7:03                 ` Thomas Voegtlin
2013-11-03  7:40                   ` Timo Hanke
2013-11-03  8:39                     ` Thomas Voegtlin
2013-11-04 15:10                       ` Timo Hanke
2013-11-16 23:41                         ` Pavol Rusnak
2013-11-16 23:49                     ` Pavol Rusnak
2013-11-17  0:42                       ` Timo Hanke
2013-11-17  0:49                         ` Pavol Rusnak
2013-10-31 11:11           ` slush
2013-10-31 11:18             ` slush
2013-11-02 10:10               ` Thomas Voegtlin
2013-10-24 21:55 ` Luke-Jr

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAJna-HjgpRhLdVGh+prx54VezHaH1vXGpPotW1Xkz2tiAiWrbg@mail.gmail.com \
    --to=slush@centrum.cz \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=thomasV1@gmx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox