* [bitcoin-dev] Suggestion to remove word from BIP39 English wordlist
@ 2018-01-09 11:20 Ronald van der Meer
2018-01-18 1:07 ` Weiwu Zhang
0 siblings, 1 reply; 8+ messages in thread
From: Ronald van der Meer @ 2018-01-09 11:20 UTC (permalink / raw)
To: bitcoin-dev
Hello guys,
After reviewing some bitcoin improvement proposals, I noticed that one of the words that can be found on the BIP39 English wordlist is “satoshi”.
I suggest removing this word from the list so it’s less obvious that it’s a bitcoin seed when found by a malicious third party.
Regards,
Ronald van der Meer
E: ronald@vandermeer.frl | W: https://www.vandermeer.frl
S: https://twitter.com/truly_secure
GPG: 8203 CE3E 064D C462 1D22 F635 A1EC 45F9 645F 878D
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [bitcoin-dev] Suggestion to remove word from BIP39 English wordlist
2018-01-09 11:20 [bitcoin-dev] Suggestion to remove word from BIP39 English wordlist Ronald van der Meer
@ 2018-01-18 1:07 ` Weiwu Zhang
2018-01-18 1:14 ` CryptAxe
0 siblings, 1 reply; 8+ messages in thread
From: Weiwu Zhang @ 2018-01-18 1:07 UTC (permalink / raw)
To: Ronald van der Meer, Bitcoin Protocol Discussion
2018-01-09 19:20 GMT+08:00 Ronald van der Meer via bitcoin-dev
<bitcoin-dev@lists.linuxfoundation.org>:
> After reviewing some bitcoin improvement proposals, I noticed that one of the words that can be found on the BIP39 English wordlist is “satoshi”.
> I suggest removing this word from the list so it’s less obvious that it’s a bitcoin seed when found by a malicious third party.
If a malicious third party discovers a word list that look like a
seed, they would try using it as Bitcoin seed first anyway, with or
without finding the word 'satoshi' in it. The security threat is that
a malicious third party may index what they found and test every
occurrence of 'satoshi' for a lead to a seed.
For example, a hard-disk recycling service would add this word to
their salvage tools. Any successfully hacked gmail account will be
'satoshi' tested too.
So I see this as a reasonable improvement:)
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [bitcoin-dev] Suggestion to remove word from BIP39 English wordlist
2018-01-18 1:07 ` Weiwu Zhang
@ 2018-01-18 1:14 ` CryptAxe
2018-01-18 6:55 ` Jonathan Sterling
0 siblings, 1 reply; 8+ messages in thread
From: CryptAxe @ 2018-01-18 1:14 UTC (permalink / raw)
To: Weiwu Zhang, Bitcoin Protocol Discussion
[-- Attachment #1: Type: text/plain, Size: 1340 bytes --]
Why wouldn't they just test the frequency of words from the wordlist in
entirety?
On Jan 17, 2018 5:10 PM, "Weiwu Zhang via bitcoin-dev" <
bitcoin-dev@lists.linuxfoundation.org> wrote:
> 2018-01-09 19:20 GMT+08:00 Ronald van der Meer via bitcoin-dev
> <bitcoin-dev@lists.linuxfoundation.org>:
> > After reviewing some bitcoin improvement proposals, I noticed that one
> of the words that can be found on the BIP39 English wordlist is “satoshi”.
> > I suggest removing this word from the list so it’s less obvious that
> it’s a bitcoin seed when found by a malicious third party.
>
> If a malicious third party discovers a word list that look like a
> seed, they would try using it as Bitcoin seed first anyway, with or
> without finding the word 'satoshi' in it. The security threat is that
> a malicious third party may index what they found and test every
> occurrence of 'satoshi' for a lead to a seed.
>
> For example, a hard-disk recycling service would add this word to
> their salvage tools. Any successfully hacked gmail account will be
> 'satoshi' tested too.
>
> So I see this as a reasonable improvement:)
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
[-- Attachment #2: Type: text/html, Size: 1959 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [bitcoin-dev] Suggestion to remove word from BIP39 English wordlist
2018-01-18 1:14 ` CryptAxe
@ 2018-01-18 6:55 ` Jonathan Sterling
2018-01-18 19:50 ` Alan Evans
0 siblings, 1 reply; 8+ messages in thread
From: Jonathan Sterling @ 2018-01-18 6:55 UTC (permalink / raw)
To: CryptAxe, Bitcoin Protocol Discussion
[-- Attachment #1: Type: text/plain, Size: 2015 bytes --]
All the more reason to only use the most common words that meet the other
criteria:
https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki#Wordlist
I agree - keeping "satoshi" in there is an unnecessary security risk.
Kind Regards,
Jonathan Sterling
On Thu, Jan 18, 2018 at 8:14 AM, CryptAxe via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:
> Why wouldn't they just test the frequency of words from the wordlist in
> entirety?
>
> On Jan 17, 2018 5:10 PM, "Weiwu Zhang via bitcoin-dev" <bitcoin-dev@lists.
> linuxfoundation.org> wrote:
>
>> 2018-01-09 19:20 GMT+08:00 Ronald van der Meer via bitcoin-dev
>> <bitcoin-dev@lists.linuxfoundation.org>:
>> > After reviewing some bitcoin improvement proposals, I noticed that one
>> of the words that can be found on the BIP39 English wordlist is “satoshi”.
>> > I suggest removing this word from the list so it’s less obvious that
>> it’s a bitcoin seed when found by a malicious third party.
>>
>> If a malicious third party discovers a word list that look like a
>> seed, they would try using it as Bitcoin seed first anyway, with or
>> without finding the word 'satoshi' in it. The security threat is that
>> a malicious third party may index what they found and test every
>> occurrence of 'satoshi' for a lead to a seed.
>>
>> For example, a hard-disk recycling service would add this word to
>> their salvage tools. Any successfully hacked gmail account will be
>> 'satoshi' tested too.
>>
>> So I see this as a reasonable improvement:)
>> _______________________________________________
>> bitcoin-dev mailing list
>> bitcoin-dev@lists.linuxfoundation.org
>> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>>
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
>
--
Kind Regards,
Jonathan Sterling
+44 (0)7415 512691
[-- Attachment #2: Type: text/html, Size: 3602 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [bitcoin-dev] Suggestion to remove word from BIP39 English wordlist
2018-01-18 6:55 ` Jonathan Sterling
@ 2018-01-18 19:50 ` Alan Evans
0 siblings, 0 replies; 8+ messages in thread
From: Alan Evans @ 2018-01-18 19:50 UTC (permalink / raw)
To: Jonathan Sterling, Bitcoin Protocol Discussion
[-- Attachment #1: Type: text/plain, Size: 3708 bytes --]
> so it’s less obvious that it’s a bitcoin seed when found by a malicious
third party
1. The same words are used for wallets of all kinds of coins, so it's not
obvious it's for bitcoin.
2. Anyone recognising the word "satoshi" as related to cryptocurrency in
general, would also recognise any mnemonic.
3. You could elect to skip a mnemonic that includes the word if it was a
personal concern (but I would discourage selecting a mnemonic base on
personal preference, as could get dangerously close to being a brain wallet
in effect).
4. You could choose to record just the first 4 characters of each word,
"sato" is enough.
5. Where do we stop? the words "coin", "cash", "rich" are in there too.
6. About automated data-recovery, if you are storing mnemonics on HDDs or
other digial media, then you have larger security concerns than it just
being found during HDD recycling.
But most of all:
7. Removing a word or changing a list *is impossible* as verification of an
existing mnemonic requires the list. To change one word, you would need to
provide an alternative to BIP0039 to cope with alternative words, or change
all the words to a completely new set of 2048 English words so that it is
clear which wordlist is in use.
Regards,
Alan
On Thu, Jan 18, 2018 at 2:55 AM, Jonathan Sterling via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:
> All the more reason to only use the most common words that meet the other
> criteria: https://github.com/bitcoin/bips/blob/master/bip-
> 0039.mediawiki#Wordlist
>
> I agree - keeping "satoshi" in there is an unnecessary security risk.
>
> Kind Regards,
>
> Jonathan Sterling
>
> On Thu, Jan 18, 2018 at 8:14 AM, CryptAxe via bitcoin-dev <
> bitcoin-dev@lists.linuxfoundation.org> wrote:
>
>> Why wouldn't they just test the frequency of words from the wordlist in
>> entirety?
>>
>> On Jan 17, 2018 5:10 PM, "Weiwu Zhang via bitcoin-dev" <
>> bitcoin-dev@lists.linuxfoundation.org> wrote:
>>
>>> 2018-01-09 19:20 GMT+08:00 Ronald van der Meer via bitcoin-dev
>>> <bitcoin-dev@lists.linuxfoundation.org>:
>>> > After reviewing some bitcoin improvement proposals, I noticed that one
>>> of the words that can be found on the BIP39 English wordlist is “satoshi”.
>>> > I suggest removing this word from the list so it’s less obvious that
>>> it’s a bitcoin seed when found by a malicious third party.
>>>
>>> If a malicious third party discovers a word list that look like a
>>> seed, they would try using it as Bitcoin seed first anyway, with or
>>> without finding the word 'satoshi' in it. The security threat is that
>>> a malicious third party may index what they found and test every
>>> occurrence of 'satoshi' for a lead to a seed.
>>>
>>> For example, a hard-disk recycling service would add this word to
>>> their salvage tools. Any successfully hacked gmail account will be
>>> 'satoshi' tested too.
>>>
>>> So I see this as a reasonable improvement:)
>>> _______________________________________________
>>> bitcoin-dev mailing list
>>> bitcoin-dev@lists.linuxfoundation.org
>>> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>>>
>>
>> _______________________________________________
>> bitcoin-dev mailing list
>> bitcoin-dev@lists.linuxfoundation.org
>> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>>
>>
>
>
> --
> Kind Regards,
>
> Jonathan Sterling
> +44 (0)7415 512691 <+44%207415%20512691>
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
>
[-- Attachment #2: Type: text/html, Size: 6932 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [bitcoin-dev] Suggestion to remove word from BIP39 English wordlist
2018-01-18 21:29 ` Alan Evans
@ 2018-01-23 19:40 ` Ronald van der Meer
0 siblings, 0 replies; 8+ messages in thread
From: Ronald van der Meer @ 2018-01-23 19:40 UTC (permalink / raw)
To: Bitcoin Protocol Discussion
[-- Attachment #1: Type: text/plain, Size: 1645 bytes --]
I’m new to this so what is the next step?
--
Ronald van der Meer
E: ronald@vandermeer.frl<mailto:ronald@vandermeer.frl> | W: https://www.vandermeer.frl
S: https://twitter.com/truly_secure
GPG: 8203 CE3E 064D C462 1D22 F635 A1EC 45F9 645F 878D
From: bitcoin-dev-bounces@lists.linuxfoundation.org [mailto:bitcoin-dev-bounces@lists.linuxfoundation.org] On Behalf Of Alan Evans via bitcoin-dev
Sent: donderdag 18 januari 2018 22:29
To: Matthew Clancy <matthewpclancy@gmail.com>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Suggestion to remove word from BIP39 English wordlist
> and then agree that by convention, the words 'satoshi' or the alternative word will represent the same number on the list
That convention would be the alternative to BIP0039 I am referring to.
On Thu, Jan 18, 2018 at 4:49 PM, Matthew Clancy <matthewpclancy@gmail.com<mailto:matthewpclancy@gmail.com>> wrote:
I would disagree here:
>But most of all:
>7. Removing a word or changing a list *is impossible* as verification of an
>existing mnemonic requires the list. To change one word, you would need to
>provide an alternative to BIP0039 to cope with alternative words, or change
>all the words to a completely new set of 2048 English words so that it is
>clear which wordlist is in use.
All that really would need to be done is select another word that is not on the 2048 list, and then agree that by convention, the words 'satoshi' or the alternative word will represent the same number on the list. It seems to be to be a fairly simple thing to implement.
[-- Attachment #2: Type: text/html, Size: 6325 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [bitcoin-dev] Suggestion to remove word from BIP39 English wordlist
2018-01-18 20:49 Matthew Clancy
@ 2018-01-18 21:29 ` Alan Evans
2018-01-23 19:40 ` Ronald van der Meer
0 siblings, 1 reply; 8+ messages in thread
From: Alan Evans @ 2018-01-18 21:29 UTC (permalink / raw)
To: Matthew Clancy; +Cc: Bitcoin Protocol Discussion
[-- Attachment #1: Type: text/plain, Size: 969 bytes --]
> and then agree that by convention, the words 'satoshi' or the
alternative word will represent the same number on the list
That convention would be the alternative to BIP0039 I am referring to.
On Thu, Jan 18, 2018 at 4:49 PM, Matthew Clancy <matthewpclancy@gmail.com>
wrote:
> I would disagree here:
>
> >But most of all:
> >7. Removing a word or changing a list *is impossible* as verification of
> an
> >existing mnemonic requires the list. To change one word, you would need to
> >provide an alternative to BIP0039 to cope with alternative words, or
> change
> >all the words to a completely new set of 2048 English words so that it is
> >clear which wordlist is in use.
>
> All that really would need to be done is select another word that is not
> on the 2048 list, and then agree that by convention, the words 'satoshi'
> or the alternative word will represent the same number on the list. It
> seems to be to be a fairly simple thing to implement.
>
>
>
[-- Attachment #2: Type: text/html, Size: 2841 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [bitcoin-dev] Suggestion to remove word from BIP39 English wordlist
@ 2018-01-18 20:49 Matthew Clancy
2018-01-18 21:29 ` Alan Evans
0 siblings, 1 reply; 8+ messages in thread
From: Matthew Clancy @ 2018-01-18 20:49 UTC (permalink / raw)
To: thealanevans, bitcoin-dev
[-- Attachment #1: Type: text/plain, Size: 653 bytes --]
I would disagree here:
>But most of all:
>7. Removing a word or changing a list *is impossible* as verification of an
>existing mnemonic requires the list. To change one word, you would need to
>provide an alternative to BIP0039 to cope with alternative words, or change
>all the words to a completely new set of 2048 English words so that it is
>clear which wordlist is in use.
All that really would need to be done is select another word that is not on
the 2048 list, and then agree that by convention, the words 'satoshi' or
the alternative word will represent the same number on the list. It seems
to be to be a fairly simple thing to implement.
[-- Attachment #2: Type: text/html, Size: 1988 bytes --]
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2018-01-23 19:41 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-01-09 11:20 [bitcoin-dev] Suggestion to remove word from BIP39 English wordlist Ronald van der Meer
2018-01-18 1:07 ` Weiwu Zhang
2018-01-18 1:14 ` CryptAxe
2018-01-18 6:55 ` Jonathan Sterling
2018-01-18 19:50 ` Alan Evans
2018-01-18 20:49 Matthew Clancy
2018-01-18 21:29 ` Alan Evans
2018-01-23 19:40 ` Ronald van der Meer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox