From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Tue, 14 May 2024 05:14:42 -0700 Received: from mail-qt1-f190.google.com ([209.85.160.190]) by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1s6r3K-0000li-3A for bitcoindev@gnusha.org; Tue, 14 May 2024 05:14:42 -0700 Received: by mail-qt1-f190.google.com with SMTP id d75a77b69052e-43e1af4fbc4sf22942041cf.3 for ; Tue, 14 May 2024 05:14:41 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1715688875; cv=pass; d=google.com; s=arc-20160816; b=WukfvvNct3idIRmEhfc53MjuP28TnWoCltMg0DAQeNG5nkr2WDCoHIUyGeXOxLtIA0 uQyHyE8HMbU4gED4E5pM6K4Mpi8QzTVMDLp0tlcT0BwihV1lNM/8dtwGZmoGjUogOV51 V6Q4WjyS+jMeAlgRpwruIcRHlbena9Bpzw6OJqmxlk46dxl+ls+Q6rPA7Sc+DGJBgNbN aba7SKF4oCdmYNbXI6MIa0BQ7/IxlyLsZhjWpmjyoUyCSl6gA5MicYZ30hqjElRqPCmd D2ozzXyw7BuUJRKezvlVxiyIBAMVBua6lsRo14orDizEi4u9eavIBr5Vp+uLtI0jB5PV 83AQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:mime-version:feedback-id :references:in-reply-to:message-id:subject:cc:from:to:date :dkim-signature; bh=c62ao5iayeRqwiU17Fv5EOskP8YLxMZIwdkIq9ENMTM=; fh=p8+UdjnNalO0hbHyoGCPCktKlxwpjRQ9VX2w/tQzAho=; b=eVqXJdZr4G4yv0ikFss+b2AjKp9vs2DpR/5u1GGL7eQF4JYKbWh2G3/+Rom76qAzk7 u/OIJTAa3tJjZmo+itm4yo82eZIJqiEbYz7f5ekMQ8HCUskG3mSiMAeW1HDob/GR267Q Ze/WFrh+11/asm82oyEXJEb0ZdnYid0nuC0YSX7gKVYS6RJpwx2tiZqU3/T2hfTIOMgs LgSQEwY7IsQ+udPsA844dtZv3e6FbH1SlGJ0R1V4OoOwR6QBmYZEsVXmBqU5Jt/MfIVU E1TLeWe+3zMKXx9VdlpJ5j6BVJtiP130eCkRJFtNRqtf0INCA39RRrfeS0ZVECLPlYNF cxKg==; darn=gnusha.org ARC-Authentication-Results: i=2; gmr-mx.google.com; dkim=pass header.i=@proton.me header.s=protonmail header.b=m0Ff0IYe; spf=pass (google.com: domain of ganrama@proton.me designates 185.70.40.141 as permitted sender) smtp.mailfrom=ganrama@proton.me; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=proton.me DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1715688875; x=1716293675; darn=gnusha.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :feedback-id:references:in-reply-to:message-id:subject:cc:from:to :date:from:to:cc:subject:date:message-id:reply-to; bh=c62ao5iayeRqwiU17Fv5EOskP8YLxMZIwdkIq9ENMTM=; b=CVigSizO5FVexxG1SyuvAuDGR7esL1aoFbbCOFXhbEGdWyToLOYw1jiP6xGSE0k53a hVZ55A6tykyYMgsOiT0XVK2AHIZhffziSNhFlNTBhDZTB3Q90JjTk/W0TFTPmkZ8N5jP 4fmsg9XbZDIOqudbNeeG9gzRQTszgO8Kl+qUE5Ru0p6xFrS/2IhdKg5vPYBFTJN3/Xne y8OgEw5JwBp3E8ZoPcUNn7teVaB8r0ikyps75I2yI6gACThqcSI2MNTDADnEKzGrBA4R lKIMzFb2haCB5QjkBuRpgQEQcgFCrccte8HuFCjVTrzEYnxSpyABv053Yvh7XV/U/LMy vTaQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715688875; x=1716293675; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to :x-original-authentication-results:x-original-sender:mime-version :feedback-id:references:in-reply-to:message-id:subject:cc:from:to :date:x-beenthere:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=c62ao5iayeRqwiU17Fv5EOskP8YLxMZIwdkIq9ENMTM=; b=nIh2IRzmalc/QTxEKYYRMAP62q0kzxLzjH3hilprkc1hwOwuwGsQdUlxV+EIvWo+nd 5EcdgqU9N+rUwwBrfANmcJOwmxDssdl39a83UlFyqFN6k6jmWVUQAm54rxGyAgniAdeC qadwRjDLxlUFfYY3ldXcvPSZlUrZlcrGjiGtHtvHrLuChvWA2CgYF2YDkrpj3Izsuxhl /1JyexN1iJeRLYGzRmY5C536Qy/ZHtVn5eJ/cMznnkS6MDJ577J/mBaTelwrY3/Hv/vp BZHgoI5W8i9K1E6Cl8ppCzdR9BV7LIu45FL2SNnZIOidN389efK1kheMSp3YEBQ0LJER 9HQQ== X-Forwarded-Encrypted: i=2; AJvYcCV/BAwyWu1i9JCOsiH7WkkhPaQEMzrXYe/O3+05DslHjsp/6iOXtJWAGH+xYQqsAlmnCoFTpUMDMxAjklSLHiakKV/83sc= X-Gm-Message-State: AOJu0Yz8JaEKI1jQ5E0nrlIaAcfIrnUSIGTryZr7w1/gzPHPaMK2xWC5 OzmQCWYl77GZ4c97DI7n7/6iDOKC37GF9jGNcV70r1cXerCeZTV8 X-Google-Smtp-Source: AGHT+IGtRy847fkyaQuGYd2Qp4WKak8VVz4tkVkzxfwXueGZFJDYyUgt5ftDqMJh3q8EWccN5UdrlQ== X-Received: by 2002:a05:6214:3389:b0:6a3:5327:4888 with SMTP id 6a1803df08f44-6a3532753c3mr1102106d6.29.1715688875545; Tue, 14 May 2024 05:14:35 -0700 (PDT) X-BeenThere: bitcoindev@googlegroups.com Received: by 2002:a05:6214:19c4:b0:6a0:9d11:3b1b with SMTP id 6a1803df08f44-6a15d44fe69ls66622636d6.2.-pod-prod-05-us; Tue, 14 May 2024 05:14:34 -0700 (PDT) X-Received: by 2002:a05:620a:3909:b0:792:c361:c2d with SMTP id af79cd13be357-792c757f213mr16172885a.5.1715688874310; Tue, 14 May 2024 05:14:34 -0700 (PDT) Received: by 2002:a05:620a:190f:b0:790:ee24:5a3f with SMTP id af79cd13be357-792bcb6ec4ems85a; Tue, 14 May 2024 05:03:54 -0700 (PDT) X-Received: by 2002:a05:6512:ba7:b0:51b:efc:df39 with SMTP id 2adb3069b0e04-5220e373733mr4635005e87.10.1715688232370; Tue, 14 May 2024 05:03:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1715688232; cv=none; d=google.com; s=arc-20160816; b=T3kWDgi49CWWd8vym8IcmeHe6HE/NR0SHbDyJ5kpRqBR5EGQGjRWyCWbkAg1Srz1cj CjY3X2aFmnGOoKyoH7pUvnsx6EVU1wCzKtQgP0TjNlOOILhSUSFsCrwv/O8XvXwba1ZD ZJHsg1qyLe3udsL2K2w7tBhPE/xcBeeFSRtDPIM0Gxai5LAGt3JyCFOvReMW8FcSOQsh 5mbsAC5tVOLzvOvB+/LU5obZA0WpJ4piU8qQlRRI+2J06xGs5KBEGOd8H3cEhfgnKgkp nQpw0Ft7ObxWcvKONPk6KRXR5N6qdDlp7ja2BPoRKULqqNpG43h+DexbOv5C9lDzKfcO LgVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:feedback-id:references :in-reply-to:message-id:subject:cc:from:to:date:dkim-signature; bh=nCVpExP7zRz5aI39xBeqNcxpEbW7OLIAYKN0/eJUg04=; fh=OfJO9UbfJJMWyNfR6ZYY8yzp2YD4Z+A+tUdE5xF3F34=; b=KAqElpKl4j54ekaUbOfGeoc/fUZAvlPMyt7is/1trXFKoiOATxcT/133xr4VcHPstZ 62MW4/NUcYaRlLiHv8Pe6zVZV5GtVQsMlpDO/TVOHpIt88fxbdGrosJGyK9kDPmHVFD4 9r1TQYVny9igsXqzj+dPIWkSfQAK1ZTqv3KcftETq1cMG3MXXJEaBRtTvzEaIw6MqrhM BHdxrjb13wVD45YLSNU1Kg67oyfOhP3CqoVfS7fkVAwYz1NPZFeb8024GXhwwLNwH5di IVWdn12W5sJGU0pYeklvAzWYoCzn9MtNa3KvrrXI4+aNfobwX/8H7fycSw1KXc/VdAr6 6Oyg==; dara=google.com ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@proton.me header.s=protonmail header.b=m0Ff0IYe; spf=pass (google.com: domain of ganrama@proton.me designates 185.70.40.141 as permitted sender) smtp.mailfrom=ganrama@proton.me; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=proton.me Received: from mail-40141.protonmail.ch (mail-40141.protonmail.ch. [185.70.40.141]) by gmr-mx.google.com with ESMTPS id 2adb3069b0e04-521f318b27esi358221e87.0.2024.05.14.05.03.52 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 14 May 2024 05:03:52 -0700 (PDT) Received-SPF: pass (google.com: domain of ganrama@proton.me designates 185.70.40.141 as permitted sender) client-ip=185.70.40.141; Date: Tue, 14 May 2024 12:03:45 +0000 To: Andrew Poelstra From: "'Rama Gan' via Bitcoin Development Mailing List" Cc: "bitcoindev@googlegroups.com" Subject: Re: [bitcoindev] Penlock, a paper-computer for secret-splitting BIP39 seed phrases Message-ID: In-Reply-To: References: <9bt6npqSdpuYOcaDySZDvBOwXVq_v70FBnIseMT6AXNZ4V9HylyubEaGU0S8K5TMckXTcUqQIv-FN-QLIZjj8hJbzfB9ja9S8gxKTaQ2FfM=@proton.me> Feedback-ID: 79991369:user:proton X-Pm-Message-ID: 9dccff905bbf9fddd7943a760940face9bfcf251 MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" X-Original-Sender: ganrama@proton.me X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@proton.me header.s=protonmail header.b=m0Ff0IYe; spf=pass (google.com: domain of ganrama@proton.me designates 185.70.40.141 as permitted sender) smtp.mailfrom=ganrama@proton.me; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=proton.me X-Original-From: Rama Gan Reply-To: Rama Gan Precedence: list Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com List-ID: X-Google-Group-Id: 786775582512 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Score: -1.0 (-) Hello Andrew, Thank you for sharing your thoughts. I think I fixed the biggest compatibility issues. Most browsers should now display the documents correctly, but there still are issues when using the "Print to PDF" feature. Chromium, Brave and Firefox do it well. With qutebrowser 5.x and 6.x, I get weirdly pixelated results and the wrong page margins. I'm not sure yet if it is something that I can fix, or how it will look when actually printing; I'll investigate further as soon as I can. - The "Generate a Seed Phrase" guide is useful for initializing a new hardware wallet that only supports BIP39. The guide and the worksheet only support the 12-word variant, because as you said grinding for the checksum is otherwise tedious. I guess I should add an explainer for that. I also expect that most Penlock users will already have a seed phrase and that's why I didn't mention this feature in the presentation. - About seedxor: I am not familiar with it, but it looks like something I'd want to dig in. About BIP39->binary conversion: even double-checking can't fully guarantee its correctness, so it can lead to dramatic failures. - About GF(27) being non-standard: the documents for analog computations will remain valid and available, so it's not like a software implementation that requires routine maintenance or might be discontinued. - Penlock implements arithmetic operations differently than Codex32. Additions and subtractions are implemented with a slider-wheel (only possible with GF(P)); Multiplications and "divisions" are done with volvelles. There is indeed a risk of using the slider-wheel in the wrong direction, and this is mitigated by 2-of-N not using additions at all. - An experienced user can compute a 12-words checksum in 4mins, and verify its correctness in 3 mins. Checksumming 24-word is quite doable, but then the difficulty comes with the shares derivation part that takes close to an hour and feels really tedious (again, for 24 words). For reference, an experienced user can secret-split a 12-words sentence in 45 minutes. A 24-words sentence will more than double that due to getting tired and losing focus. - The 2-of-(N<=26) case is handled with a variant of Shamir's algorithm that can be fully implemented in a single wheel. I'm about to post a presentation that will go into more details about that. For (K>=3)-of-M cases there's indeed a recovery wheel, plus a volvelle that does translation+fusion on the same side (see: https://beta.penlock.io/kofm-wheels.html). Best regards, Rama Gan -- You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group. To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/bitcoindev/GqYxqTBUgHl6yq1UAaOc2O9Ea4-5yKnM-jGZzGaKC19c-k3KcUN_Bo2e7XPYUrNaX3NMJC0tCMudgSl0_l1BCRUz4DIYBR1ecL2ifopzs98%3D%40proton.me.