crypto, rpc: poc mnemonics #2739

Draft. Wants to merge 6 commits into base: development

@div72 (Member) commented Feb 17, 2024

Other Seed Phrase Schemes

BIP39

  • Variable phrase length (12-24 words, 128-256bit entropy)
  • 4-8 bit checksum (breaks wordlist independence)
  • Unversioned
  • Existing HD master keys cannot be used, new wallet must be generated

Electrum

  • Variable phrase length (12 words, 135bit entropy by default)
  • Versioned (derived from the first 4 + 4n bits of HMACSHA512(seed phrase)), also used as a checksum (8 + 4n bits)
  • Wordlist independent
  • Existing HD master keys cannot be used, new wallet must be generated

aezeed

  • Constant phrase length (24 words, 128bit entropy)
  • Double-versioned, 8bit for the external version (determines how to decode) & 8 bits for the internal version (determines how to derive the keys)
  • 64bit checksum
  • 40bit salt for the password
  • 16bit wallet birthday (in days) for faster seed imports
  • Requires a niche scheme called aez
  • Existing HD master keys cannot be used, new wallet must be generated

This currently

  • Constant phrase length (32 words, 128bit entropy)
  • Double-versioned, 8bit for the external version (determines how to decode) & 8 bits for the internal version (determines how to derive the keys)
  • 128bit checksum
  • 64bit salt for the password
  • 16bit wallet birthday (in days) for faster seed imports
  • Existing HD master keys cannot be used, new wallet must be generated

@jamescowens (Member)

I like this. What are your thoughts on the +/- of this versus a BIP39 implementation? I don't think it matters, because the keys are not portable across chains anyway...

@div72 (Member, Author) commented Sep 2, 2024

@jamescowens A bit late, but I updated the PR description with data from BIP39, Electrum's seed system and aezeed (Lightning's seed system).

I like the properties of aezeed, but a major downside of it is that it uses aez, which is a pretty niche scheme. I basically replaced it with ChaCha20Poly1305, but that's heavier storage-wise.
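The storage cost mentioned above can be checked from the field sizes in the PR description. This is an added example, not code from the PR: it packs the listed fields into word indices and back, and performs no encryption or checksum computation. The 11-bit word size (a 2048-word list), the field order, and all field names are assumptions that the thread does not state.

```python
# Field widths in bits come from the lists in the PR description.
# ASSUMPTIONS: field order, field names, and 11 bits per word (2048-word list).
WORD_BITS = 11
LAYOUTS = {
    "aezeed": [("ext_version", 8), ("int_version", 8), ("birthday", 16),
               ("entropy", 128), ("checksum", 64), ("salt", 40)],
    "this_pr": [("ext_version", 8), ("int_version", 8), ("birthday", 16),
                ("entropy", 128), ("checksum", 128), ("salt", 64)],
}

def word_count(layout):
    """Number of words needed; fails if the fields leave a partial word."""
    total = sum(width for _, width in layout)
    if total % WORD_BITS:
        raise ValueError(f"{total} bits do not fill whole {WORD_BITS}-bit words")
    return total // WORD_BITS

def pack(layout, fields):
    """Concatenate the fields big-endian and split into word indices."""
    acc = 0
    for name, width in layout:
        if not 0 <= fields[name] < (1 << width):
            raise ValueError(f"{name} does not fit in {width} bits")
        acc = (acc << width) | fields[name]
    n = word_count(layout)
    mask = (1 << WORD_BITS) - 1
    return [(acc >> (WORD_BITS * (n - 1 - i))) & mask for i in range(n)]

def unpack(layout, indices):
    """Inverse of pack(); rejects wrong lengths and out-of-range indices."""
    if len(indices) != word_count(layout):
        raise ValueError("wrong phrase length for this layout")
    acc = 0
    for idx in indices:
        if not 0 <= idx < (1 << WORD_BITS):
            raise ValueError("word index out of range")
        acc = (acc << WORD_BITS) | idx
    fields = {}
    for name, width in reversed(layout):
        fields[name] = acc & ((1 << width) - 1)
        acc >>= width
    return fields

def demo():
    # Constructed sample values, not taken from any real wallet.
    sample = {"ext_version": 0, "int_version": 0, "birthday": 5500,
              "entropy": 0x0123456789abcdef0123456789abcdef,
              "checksum": (1 << 128) - 1, "salt": 0xdeadbeefcafef00d}
    words = pack(LAYOUTS["this_pr"], sample)
    return len(words), unpack(LAYOUTS["this_pr"], words) == sample
```

Under these assumptions the aezeed fields total 264 bits and the PR's fields total 352 bits, so the wider checksum and salt account for the extra eight words.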
