From: GOLEM XIV <GOLEMXIVGOLEMXIVGOLEMXIV@protonmail.ch>
To: "bitcoin-dev@lists.linuxfoundation.org"
<bitcoin-dev@lists.linuxfoundation.org>
Subject: [bitcoin-dev] METABIP: ONE SEED STANDARD
Date: Thu, 13 Dec 2018 14:35:22 +0000 [thread overview]
Message-ID: <iQHuFn8oFceD9sIR80eSaSJHd7Wfo8AUCGFyJCG5HDE2BKKeRUs9a5_MXoWJnGgqQTPHpJIk-q0LyC5ckR3lKbYmdrpILVov6t89BbqOu6I=@protonmail.ch> (raw)
[-- Attachment #1: Type: text/plain, Size: 2554 bytes --]
From a user perspective it is desirable that, independent from software/hardware used, a seed would be the only information necessary to recover a wallet. Unfortunately, many users think that is currently the case with BIP39, while at the same time it is marked as "Unanimously discourage for implementation" in the bitcoin wiki. The situation is confusing, and a arguably a threat to users funds.
This METABIP is *not* proposing or advocating a specific format. It only claims the importance and urgency of a clear definition, remaining indifferent about the possible outcome even if it should be 'interoperability is not desired'. Its purpose is to be as synthetic and clear as possible about the characteristics of each existing format. Advantages/disadvantages categorization was explicitly avoided.
BIP39 (https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki):
- "Unanimously discouraged for implementation"
- widely implemented/supported
- weak KDF
- no version number
- no birth date
- requires a fixed word list
- extendable with pass phrases
- simple implementation
Electrum seeds (http://docs.electrum.org/en/latest/seedphrase.html):
- only supported by Electrum
- includes version number
- no birth date
- does not require a fixed word list
- extendable with pass phrases
- simple implementation
AEZeeds (https://github.com/lightningnetwork/lnd/tree/master/aezeed):
- only supported by LND
- includes version number
- includes birth date
- requires fixed word list
- pass phrase not only extends, but encrypts seed
- pass phrase can be modified
- complex implementation¹
Cypherseed(https://gist.github.com/jonasschnelli/245f35894f6ff585b3f3d33c6f208991):
Includes all aspects of AEZeeds, with the differences:
- still in draft stage
- does not use words at all, but 5char blocks
- uses MAC tags for plausible deniability
¹) AEZ is an authenticated-encryption (AE) scheme optimized for ease of correct use (“AE made EZ”). - "Easy to use, not to implement. The easiness claim for AEZ is with respect to ease and versatility of use, not implementation. Writing software for AEZ is not easy, while doing a hardware design for AEZ is far worse. From the hardware designer’s perspective, AEZ’s name might seem ironic, the name better suggesting anti-easy, the antithesis of easy, or anything-but easy!" - quoted from the original AEZ paper (http://web.cs.ucdavis.edu/~rogaway/aez/aez.pdf)
Hopefully, a tiny step towards consensus in this sensible theme.
G.
--
// there would be no flight without the dream of flying - Lem
[-- Attachment #2: Type: text/html, Size: 3696 bytes --]
reply other threads:[~2018-12-13 14:35 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='iQHuFn8oFceD9sIR80eSaSJHd7Wfo8AUCGFyJCG5HDE2BKKeRUs9a5_MXoWJnGgqQTPHpJIk-q0LyC5ckR3lKbYmdrpILVov6t89BbqOu6I=@protonmail.ch' \
--to=golemxivgolemxivgolemxiv@protonmail.ch \
--cc=bitcoin-dev@lists.linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox