From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Fri, 23 May 2025 07:31:12 -0700 Received: from mail-oa1-f61.google.com ([209.85.160.61]) by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1uITQV-0005bN-VH for bitcoindev@gnusha.org; Fri, 23 May 2025 07:31:12 -0700 Received: by mail-oa1-f61.google.com with SMTP id 586e51a60fabf-2c855402a6dsf1216fac.3 for ; Fri, 23 May 2025 07:31:12 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1748010666; cv=pass; d=google.com; s=arc-20240605; b=fyFfLSx86qH/mKInjWAvR3UeKG408+wy6sZlIZ7Br5jj5g43ghXHa0qAgJmbDdMwnB l7o8MF5xB5UjAaPWBTV3MpcRSaf14tNlxfQ6rPFrwZpeKyDAtRVYdc4D+IaR+moJ1589 LHtkoS86tAbIZBu/Iq2wuWsJpaAP1T462S8FvRmH02rfvirgxio1BoNPJM8IISC5zCRR gluONXVxgI80m3/vlfj6nQK+kV3INwjvIDV0L2/7JvlVYq/LVMHL/ojztCO70eP46dNm 22+VINWS+WDZXTcTR3kLe7x8/80DegexqmAcZbDmNNbA40aV4Zcdd225ixK1hrUyJi9t nWRA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:sender:dkim-signature :dkim-signature; bh=FSli5yT3KTmT5nMvKj3vvFLsViySqPtyiyLfSt/n1gQ=; fh=+NFnX7qHeJotE64SvjUmDX6fKmRJOMVi0XOn68+cnUs=; b=Fc1jJQFJbTWHvIers5Y//sjcykiUoflwDOTcMHaf4Jcv6XETA0IHo3QwCzySxCFUZG ct59JYThs5ncPXFgGb4QZLIzeYMK2D15LdRc77I+jGeY7AbuZ07MNvx6wReGMM7MW1PI TYdJUjuLbZvAH4HgQ0a05ah+2ktt9nNw68PK3cyeCXzG4Qe+YDcWzQmVlSrFiKx3xqAK V7tnHT2O76QTfz9nlUecxtnS4sYNs7aYgIVfKOj9Uhs80f5ThW6ZvSiBPFYihC6XMFr2 V3DFsnAVWJFYX009SQF1rltDchnSv78rf6YLJy79MaBmgYOP/04U2V5FRJ/y4/bd6glR gu5Q==; darn=gnusha.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=ZSOP7M6f; spf=pass (google.com: domain of coinables@gmail.com designates 2a00:1450:4864:20::535 as permitted sender) smtp.mailfrom=coinables@gmail.com; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com; dara=pass header.i=@googlegroups.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1748010666; x=1748615466; darn=gnusha.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:sender:from:to:cc:subject:date:message-id :reply-to; bh=FSli5yT3KTmT5nMvKj3vvFLsViySqPtyiyLfSt/n1gQ=; b=ARP3WG2c0zBraFb8iTI9WyKt4Fc966jqVGw0yA2XyDgA98wTn2vU4sgRDR8g8FwL9+ P8NxF2qW5VQCvPlT+sgLcxOmi7r1BM5f8eJeyUyruHEowskPpxvappKmmaXl0E5Arruc qytV2j//Mo1j1rFrZQ5aK/5UVChwTsOs4RbHSMVfY4rU3XmOjj9nL2eja24fJtmWquvj Rgvow6OsjMRqWp6iMfPeLqfGtMnx1lIx2FqLlxDw1SryNURqYkNnt1hZ7qosOLNfkoBP AytDW3MPFpac45htCc1UjVT+/VU5/4iSVvxQTmjSVLgzBARoh5uwDFXlvIrWpXt3jsct JYsA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1748010666; x=1748615466; darn=gnusha.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:from:to:cc:subject:date:message-id:reply-to; bh=FSli5yT3KTmT5nMvKj3vvFLsViySqPtyiyLfSt/n1gQ=; b=JcwbXTu9LkdH5sY2CjDpTfxF+JhCxZ2FXZlG/zq99Dw0azL4VvTGltbxRb0YhgnjoB 58/VqOJcB2Tbw9oA5+2SdYumZFaG6zLDAGgzeC3dkP3olQRBkCF6kjGv/INsH2Zjtt+v w+R1QDOUSfkApaTuaH+j0ba9+dqTD19pX95VPKen99mv+sMhUPN+LpZYdioz770a7r4c 2pPRJnXrJIcGFoRyhFdjx4ik73lBj293MUK9h7A9zyEOWkWnRt1Oq8fDJGuhxw/1Mo7t Ydqg2Y6IH9szV2nXDB5L9Nbm9nBS+Pfm5JN4fq5s73uKA5ftWeqYFREhZ3ti6m+ILUrH gPxQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748010666; x=1748615466; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-authentication-results :x-original-sender:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:x-beenthere:x-gm-message-state:sender:from :to:cc:subject:date:message-id:reply-to; bh=FSli5yT3KTmT5nMvKj3vvFLsViySqPtyiyLfSt/n1gQ=; b=vdI5CTByTNcG5C0azYjB2pxkhs33Dk0hML7+GYJpvNlItOphx1aW4vABIzL6tk5spC Ov/S8jRlvBfOFvqZJ98PZuxbzQcpQgKfrtUYgM3lRwm9lb21oE6+1X+yZ2I8/iiQh8q4 K8B2mbJVpxlRuuh5dGybBo1rlSxykLaOD7ZsTCNCPYBOM8hezG9lCpc9oFQ3hfrKy4yc Bd/EczayD3W9ZIs4bU0HDdTqOJALVRDXN8I+40nSr/xpwrFD46yy0/jI2TmbKfuibQqq DVZDouya+v0UxGz/hJWER5O6EqDL4hmDbZzgctRM2ctRwRIEi5wNNdr9itmfXhlvMK5H H+SQ== Sender: bitcoindev@googlegroups.com X-Forwarded-Encrypted: i=2; AJvYcCXtKlgQeSJd0gcamOXTGikF6a/QEOJ2+HfOC8vlexDruvPPIGCds9lCN9JVr8qRfI4viw2uElBPgaY1@gnusha.org X-Gm-Message-State: AOJu0YxtAO5Tlq014R1aybHEhBIkFKTob25dqvROoKx0pXsrGhYmdAww ODRkCBkVbqTPKwUjqcnwnMl9m/cIJ9aD2gv9uwaqbWBZRjSbUSX6IY98 X-Google-Smtp-Source: AGHT+IH1JuESF+FSr9vCUDmt5/1H0TulkFGwC80rI05Yg+EUvulUdPxjS0SGBuimGblQApqHkxUN/A== X-Received: by 2002:a05:6871:a593:b0:2cf:bc73:7bbb with SMTP id 586e51a60fabf-2e844b9974fmr1867053fac.25.1748010665792; Fri, 23 May 2025 07:31:05 -0700 (PDT) X-BeenThere: bitcoindev@googlegroups.com; h=AVT/gBHRzS7KYUNWo/pO0aUvv7/mFaOLkh/SOCQIIfxGPFcGJw== Received: by 2002:a05:6871:7411:b0:29e:3655:1970 with SMTP id 586e51a60fabf-2e39c8b7ee3ls346183fac.0.-pod-prod-08-us; Fri, 23 May 2025 07:31:02 -0700 (PDT) X-Received: by 2002:a05:6808:1191:b0:3fe:b0ad:f927 with SMTP id 5614622812f47-4063d9fa702mr2090218b6e.16.1748010661965; Fri, 23 May 2025 07:31:01 -0700 (PDT) Received: by 2002:a05:6402:710:b0:5ff:f6a3:6001 with SMTP id 4fb4d7f45d1cf-600d4add767msa12; Fri, 23 May 2025 07:29:41 -0700 (PDT) X-Received: by 2002:a17:907:7da2:b0:ad4:d9c9:c758 with SMTP id a640c23a62f3a-ad536b7c8dfmr2510057166b.11.1748010579756; Fri, 23 May 2025 07:29:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1748010579; cv=none; d=google.com; s=arc-20240605; b=DQ55TQ9POzq8IDVeCOGbnp2HdNV98A+kRX10Zn+M7TXieUcYUjfHIAQamX0Ajv7iGH 3yNAFxAwoCmPlxGXFcz+tUIYxzHoE2bUqn1reTGX2L+uY+4B7J8+vwqIccHOgAQwhrZv sEkhVHnnTB0jdjn6DH8mFA/T7UW5syrgUdXvvexIrhKbjJy4MXcFYcdlAMxSFYKjk+6F 1VYvHyQgMYNdPsrydwTK55UIHMHjiSQ5h87QkR4PhwHhw/VM3p9PlO0yvMgAfJOS82e6 hcqF2YGCpr+Ev01Xa/Q9/yW75ITKegl9n+f4A1KeEzUahnRmt87oJUT0ILDtR5OxS+wt ew2A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:dkim-signature; bh=KpKyMNO3Kq9nUyxfX8mr5OUNlEuAJo9nCCmu4nssjhs=; fh=qrQhDDFeK4br7zleEk9iKvg1FW5JhU54jRDeUc2Os5A=; b=RfIdD7DTd6j2I+Zy9/LwIRU91jXIDVYOM6BPe7huJYtuvYAVYMNsNtGpPHT6GZcwyt Je1y0ao0LWqZJGvNDrRG83bq2yO0MI+gI9KqXpjage75ARrZZ3jo0+TIXcrOq8KASrmf XdlUKjGeApff0Er3g2DyRAwVqv3t3FbADQWLrp6j9HYi6ogF+9Ehe9zVES3QYhMWPC0g 4udT25+5X10f3pMDc9IUauIRkGJ7JdsHgap3WOTMgYHqroA67A0tLsbQ4lGh0wX3lglS B9uTkizmfmeDzyvpri17kW+v1coSv7NnZxONysqIfDsW5UbOkkiuxBJU5UmAZlv5Bsnh eb5Q==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=ZSOP7M6f; spf=pass (google.com: domain of coinables@gmail.com designates 2a00:1450:4864:20::535 as permitted sender) smtp.mailfrom=coinables@gmail.com; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com; dara=pass header.i=@googlegroups.com Received: from mail-ed1-x535.google.com (mail-ed1-x535.google.com. [2a00:1450:4864:20::535]) by gmr-mx.google.com with ESMTPS id a640c23a62f3a-ad52cb25825si36634166b.0.2025.05.23.07.29.39 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 23 May 2025 07:29:39 -0700 (PDT) Received-SPF: pass (google.com: domain of coinables@gmail.com designates 2a00:1450:4864:20::535 as permitted sender) client-ip=2a00:1450:4864:20::535; Received: by mail-ed1-x535.google.com with SMTP id 4fb4d7f45d1cf-5efe8d9ebdfso17283748a12.3 for ; Fri, 23 May 2025 07:29:39 -0700 (PDT) X-Gm-Gg: ASbGnct4WaurCx3UBZPx9HzuPm6MwGQvkdligugwlzZUbhWwtodV/MlD+QPvaXxz5Op WaqFGqcbSLwgsqQ/kH68WoLaN25j4hmALYw56l8fJ03hdWt++aJCB77fDSUaNUcB32mMHl1Pe1Q /haSrkHfUEZ51j5JszT0sM47zOILqXaz/G0SyxAez8ZBmsH6iAf6amNPEo4Av/eIxgzGNn+AoAZ 6kX X-Received: by 2002:a17:906:9f86:b0:ad2:2fdd:fef2 with SMTP id a640c23a62f3a-ad536ff339amr2349575066b.53.1748010578917; Fri, 23 May 2025 07:29:38 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Kyle Honeycutt Date: Fri, 23 May 2025 07:29:27 -0700 X-Gm-Features: AX0GCFtzos-UYEhvbTs5NzT4IZIJjnSn7pPFVoK2ODTd5B2OWk8wYATuEWoJb-o Message-ID: Subject: Re: [bitcoindev] BIP39 Extension for Manual Seed Phrase Creation To: Eric Kvam Cc: Bitcoin Development Mailing List Content-Type: multipart/alternative; boundary="0000000000009ebe150635ce6da1" X-Original-Sender: coinableS@gmail.com X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=ZSOP7M6f; spf=pass (google.com: domain of coinables@gmail.com designates 2a00:1450:4864:20::535 as permitted sender) smtp.mailfrom=coinables@gmail.com; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com; dara=pass header.i=@googlegroups.com Precedence: list Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com List-ID: X-Google-Group-Id: 786775582512 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Score: -0.5 (/) --0000000000009ebe150635ce6da1 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Respectfully, a "black box" is not trusted to generate mnemonic passphrases, the standard is well-defined and generally followed across wallets. https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki#Generating_t= he_mnemonic Users can create their own mnemonics in a trustless way following the BIP39 standard published in 2013. Using any entropy source a user can perform a SHA256 hash on the entropy to get a 256 bit string, then convert that to binary. Perform another SHA256 hash on the binary, take the first 8 bits and solve for checksum and then solve the rest of mnemonic words. On Fri, May 23, 2025, 6:15=E2=80=AFAM Eric Kvam w= rote: > *Motivation* > Make it easy for users to manually create their seed phrase so that they > don't have to trust a "black box" and allow for encoding derivation path = in > seed phrase to simplify recovery > > *How* > Use every eighth word from the wordlist to generate 16 word phrases with > 128 bits of entropy (no checksum). The most significant eight bits of ea= ch > word are used as entropy. The least significant three bits of each word > specify the derivation path. > > - *000* Derivation Path Not Specified > - *001* m/44'/0'/0' > - *010* m/49'/0'/0' > - *011* m/84'/0'/0' > - *100* m/48'/0'/0'/2' > - *101* m/86'/0'/0' > > Up to seven derivation paths can be specified if all words have the same > least significant bits. If the least significant bits of each word vary, > there are 48 bits that can be used to encode meta-data. As long as > meta-data is limited to certain allowable values, this provides a mechani= sm > for error detection, similar to a checksum. > > *Benefits of Suggested Implementation* > > - The word length determines how the seed phrase should be > interpreted. User only needs to know how many words they have and how= many > words the wallet supports to check for compatibility with this extensi= on > - Uses same wordlist to represent the same entropy as a 12 word phrase > (could be a revision to BIP39 instead of a new BIP) > - Manual procedure is very simple, each derivation path can use a > shortened 256 word list which enjoys improved alphabetical separation = of > words > - May prevent naive word selections which aren't limited to every > eighth word (similar to what checksum does) > - Can be extended further. For example, a 32 word phrase with the > same entropy as a 24 word phrase could also be added. We can keep add= ing > formats with unique word length and keep adding uses for the meta data= as > needed. > > -- > You received this message because you are subscribed to the Google Groups > "Bitcoin Development Mailing List" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to bitcoindev+unsubscribe@googlegroups.com. > To view this discussion visit > https://groups.google.com/d/msgid/bitcoindev/a139ee2e-473c-487b-a9b0-e680= 13fdb7cen%40googlegroups.com > > . > --=20 You received this message because you are subscribed to the Google Groups "= Bitcoin Development Mailing List" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoindev+unsubscribe@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/= CAL9hkF1ptPqvjNqpBHv3_WkEf0cL5HhNudT9SNXZ9DfzpupyOA%40mail.gmail.com. --0000000000009ebe150635ce6da1 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

Respectfully, a "black box" is no= t trusted to generate mnemonic passphrases, the standard is well-defined an= d generally followed across wallets.

https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki#Generati= ng_the_mnemonic

Users can create their own mnemonics in a trustle= ss way following the BIP39 standard published in 2013.=C2=A0

Using an= y entropy source a user can perform a SHA256 hash on the entropy to get a 2= 56 bit string, then convert that to binary. Perform another SHA256 hash on = the binary, take the first 8 bits and solve for checksum and then solve the= rest of mnemonic words.


On Fri= , May 23, 2025, 6:15=E2=80=AFAM Eric Kvam <nerdyrugbyguy@gmail.com> wrote:
<= /div>
Motivation=
Make it easy for users to manually create their seed phrase so tha= t they don't have to trust a "black box" and allow for encodi= ng derivation path in seed phrase to simplify recovery

<= div>How
Use every eighth word from the wordli= st to generate 16 word phrases with 128 bits of entropy (no checksum).=C2= =A0 The most significant eight bits of each word are used as entropy.=C2=A0= The least significant three bits of each word specify the derivation path.=
  • 000 Derivation Path Not Specified
  • 001<= /b> m/44'/0'/0'
  • 010 m/49'/0'/0'
  • 011 m/84'/0'/0'
  • 100 m/48'/0'= ;/0'/2'
  • 101 m/86'/0'/0'
Up= to seven derivation paths can be specified if all words have the same leas= t significant bits.=C2=A0 If the least significant bits of each word vary, = there are 48 bits that can be used to encode meta-data.=C2=A0 As long as me= ta-data is limited to certain allowable values, this provides a mechanism f= or error detection, similar to a checksum.

=
Benefits of Suggested Implementation
  • T= he word length determines how the seed phrase should be interpreted.=C2=A0 = User only needs to know how many words they have and how many words the wal= let supports to check for compatibility with this extension
  • Uses sa= me wordlist to represent the same entropy as a 12 word phrase (could be a r= evision to BIP39 instead of a new BIP)
  • Manual procedure is very sim= ple, each derivation path can use a shortened 256 word list which enjoys im= proved alphabetical separation of words
  • May prevent naive word sele= ctions which aren't limited to every eighth word (similar to what check= sum does)
  • Can be extended further.=C2=A0 For example, a 32 word phr= ase with the same entropy as a 24 word phrase could also be added.=C2=A0 We= can keep adding formats with unique word length and keep adding uses for t= he meta data as needed.

--
You received this message because you are subscribed to the Google Groups &= quot;Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoindev+unsubscribe@googlegroups.com. To view this discussion visit h= ttps://groups.google.com/d/msgid/bitcoindev/a139ee2e-473c-487b-a9b0-e68013f= db7cen%40googlegroups.com.

--
You received this message because you are subscribed to the Google Groups &= quot;Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoind= ev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/ms= gid/bitcoindev/CAL9hkF1ptPqvjNqpBHv3_WkEf0cL5HhNudT9SNXZ9DfzpupyOA%40mail.g= mail.com.
--0000000000009ebe150635ce6da1--