Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com
	designates 209.85.219.49 as permitted sender)
	client-ip=209.85.219.49; envelope-from=mh.in.england@gmail.com;
	helo=mail-oa0-f49.google.com; 
MIME-Version: 1.0
Sender: mh.in.england@gmail.com
In-Reply-To: <CAPg+sBj68d5ZBDZ4uWvQYHMeq=bwTCaMNbwxfWGVL5MPh=7g2g@mail.gmail.com>
References: <CANEZrP2hbBVGqytmXR1rAcVama4ONnR586Se-Ch=dsxOzy2O4w@mail.gmail.com>
	<CAE-z3OUMp_uO07+_R_x2yRLbSCzK1J5isbVUYEY3KF4Tx16K2Q@mail.gmail.com>
	<53581480.5060103@gk2.sk> <201404231944.14256.luke@dashjr.org>
	<5358B51F.8010202@gmx.de>
	<CAPg+sBj68d5ZBDZ4uWvQYHMeq=bwTCaMNbwxfWGVL5MPh=7g2g@mail.gmail.com>
Date: Thu, 24 Apr 2014 10:09:26 +0200
Message-ID: <CANEZrP19rdDmsCM17-GADyWajxXy8_AeBY-6et0nzG_EMXe2jg@mail.gmail.com>
From: Mike Hearn <mike@plan99.net>
To: Pieter Wuille <pieter.wuille@gmail.com>
Content-Type: multipart/alternative; boundary=001a113356c624e6ee04f7c55ea6
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] New BIP32 structure
Precedence: list

--001a113356c624e6ee04f7c55ea6
Content-Type: text/plain; charset=UTF-8

Right. So part of this is my fault, I'm afraid, because I do not intend to
implement any kind of subwallet/account support in bitcoinj. My reasons are:

   1. The bitcoinj API already lets you create and use multiple wallets.
   What's more, because of the desire to do key rotation (think rotating a
   previously unencrypted wallet to an encrypted one that is stored on SSD's
   that cannot reliably erase data), a bitcoinj wallet can actually contain
   multiple BIP32 seeds and hierarchies at once, although only the last one
   will be used for vending addresses. So adding subwallet support onto this
   makes it even more complicated.

   2. If there was a much better user experience to be enabled by this, it
   may be worth it, but I believe many people will find subwallets rather
   confusing. They don't match the analogy of bank accounts in several ways.
   For instance, transferring money across them leaks private data and costs
   miners fees, neither of which are true with banks.

   Also it differs in a more important way. People have different bank
   accounts because those accounts implement different policies. Current
   accounts may pay a lower interest rate than savings accounts, but have
   different features, and accounts can be used as security boundaries i.e. no
   card withdrawals from savings. But "subwallets" are not like this. The only
   justification for their existence is to avoid outputs being merged together
   to make payments - a subtle technical detail of the protocol that users are
   ill equipped to understand. If someone asked me "why should I create a
   second account" I would be unable to give them a satisfying answer without
   first teaching them about how the Bitcoin protocol works and the privacy
   implications of that, which is practically a lecture sized topic.

   3. MultiBit did support multiple wallets for a long time (just by
   creating multiple wallet files and using the support in bitcoinj for
   running them in parallel), but they decided to remove this feature in
   MultiBit HD because it caused support headaches. People would stash money
   in one wallet or the other, close the wallet and then forget and think they
   had lost it, etc. It may be that TREZOR type subwallets don't suffer this
   confusion because they can't be moved around or "closed" in the same way a
   file can be, but still, this is a data point against multiple simultaneous
   wallets. At least for products targeting entry level consumers.

Whilst I can well believe there are TREZOR users who are asking for this
feature today, currently the costs feel a bit higher than the benefits.

It would be rather nice to be able to type in a mnemonic code that myTREZOR
was initialised with and duplicate that wallet into a bitcoinj based wallet
app. But if I have to implement subwallets and expose this in the API, and
if all wallet authors that want to be able to share a wallet with myTREZOR
have to expose subwallets in their GUIs too, even though the concept may
prove confusing and hard to explain, then it might be more tempting to just
tell users that want to switch wallet apps to send the money via the block
chain instead.


On Thu, Apr 24, 2014 at 9:10 AM, Pieter Wuille <pieter.wuille@gmail.com>wrote:

> On Thu, Apr 24, 2014 at 8:54 AM, Thomas Voegtlin <thomasv1@gmx.de> wrote:
> >> Why do clients need to use the features in BIP 64? If Electrum doesn't
> want to
> >> use accounts, [...]
> >
> > To clarify:
> > Electrum plans to have bip32 accounts; Multibit will not, afaik.
>
> To clarify:
> BIP64 has a much stricter definition for accounts than BIP32.
>
> In BIP32, it is not well specified what accounts are used for. They
> can be used for "subwallets", "receive accounts" (as in bitcoind's
> account feature), "recurring payments", part of a chain used as
> multisig addresses, ... determined individually for each index.
>
> In BIP64, they are strictly used for subwallets, and can't be used by
> anything else.
>
> --
> Pieter
>
>
> ------------------------------------------------------------------------------
> Start Your Social Network Today - Download eXo Platform
> Build your Enterprise Intranet with eXo Platform Software
> Java Based Open Source Intranet - Social, Extensible, Cloud Ready
> Get Started Now And Turn Your Intranet Into A Collaboration Platform
> http://p.sf.net/sfu/ExoPlatform
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>

--001a113356c624e6ee04f7c55ea6
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Right. So part of this is my fault, I&#39;m afraid, becaus=
e I do not intend to implement any kind of subwallet/account support in bit=
coinj. My reasons are:<div><ol><li>The bitcoinj API already lets you create=
 and use multiple wallets. What&#39;s more, because of the desire to do key=
 rotation (think rotating a previously unencrypted wallet to an encrypted o=
ne that is stored on SSD&#39;s that cannot reliably erase data), a bitcoinj=
 wallet can actually contain multiple BIP32 seeds and hierarchies at once, =
although only the last one will be used for vending addresses. So adding su=
bwallet support onto this makes it even more complicated.<br>
<br></li><li>If there was a much better user experience to be enabled by th=
is, it may be worth it, but I believe many people will find subwallets rath=
er confusing. They don&#39;t match the analogy of bank accounts in several =
ways. For instance, transferring money across them leaks private data and c=
osts miners fees, neither of which are true with banks.=C2=A0<br>
<br>Also it differs in a more important way. People have different bank acc=
ounts because those accounts implement different policies. Current accounts=
 may pay a lower interest rate than savings accounts, but have different fe=
atures, and accounts can be used as security boundaries i.e. no card withdr=
awals from savings. But &quot;subwallets&quot; are not like this. The only =
justification for their existence is to avoid outputs being merged together=
 to make payments - a subtle technical detail of the protocol that users ar=
e ill equipped to understand. If someone asked me &quot;why should I create=
 a second account&quot; I would be unable to give them a satisfying answer =
without first teaching them about how the Bitcoin protocol works and the pr=
ivacy implications of that, which is practically a lecture sized topic.<br>
<br></li><li>MultiBit did support multiple wallets for a long time (just by=
 creating multiple wallet files and using the support in bitcoinj for runni=
ng them in parallel), but they decided to remove this feature in MultiBit H=
D because it caused support headaches. People would stash money in one wall=
et or the other, close the wallet and then forget and think they had lost i=
t, etc. It may be that TREZOR type subwallets don&#39;t suffer this confusi=
on because they can&#39;t be moved around or &quot;closed&quot; in the same=
 way a file can be, but still, this is a data point against multiple simult=
aneous wallets. At least for products targeting entry level consumers.</li>
</ol><div>Whilst I can well believe there are TREZOR users who are asking f=
or this feature today, currently the costs feel a bit higher than the benef=
its.</div></div><div><br></div><div>It would be rather nice to be able to t=
ype in a mnemonic code that myTREZOR was initialised with and duplicate tha=
t wallet into a bitcoinj based wallet app. But if I have to implement subwa=
llets and expose this in the API, and if all wallet authors that want to be=
 able to share a wallet with myTREZOR have to expose subwallets in their GU=
Is too, even though the concept may prove confusing and hard to explain, th=
en it might be more tempting to just tell users that want to switch wallet =
apps to send the money via the block chain instead.</div>
<div><br></div><div><br></div></div><div class=3D"gmail_extra"><br><br><div=
 class=3D"gmail_quote">On Thu, Apr 24, 2014 at 9:10 AM, Pieter Wuille <span=
 dir=3D"ltr">&lt;<a href=3D"mailto:pieter.wuille@gmail.com" target=3D"_blan=
k">pieter.wuille@gmail.com</a>&gt;</span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div class=3D"">On Thu, Apr 24, 2014 at 8:54=
 AM, Thomas Voegtlin &lt;<a href=3D"mailto:thomasv1@gmx.de">thomasv1@gmx.de=
</a>&gt; wrote:<br>

&gt;&gt; Why do clients need to use the features in BIP 64? If Electrum doe=
sn&#39;t want to<br>
&gt;&gt; use accounts, [...]<br>
&gt;<br>
&gt; To clarify:<br>
&gt; Electrum plans to have bip32 accounts; Multibit will not, afaik.<br>
<br>
</div>To clarify:<br>
BIP64 has a much stricter definition for accounts than BIP32.<br>
<br>
In BIP32, it is not well specified what accounts are used for. They<br>
can be used for &quot;subwallets&quot;, &quot;receive accounts&quot; (as in=
 bitcoind&#39;s<br>
account feature), &quot;recurring payments&quot;, part of a chain used as<b=
r>
multisig addresses, ... determined individually for each index.<br>
<br>
In BIP64, they are strictly used for subwallets, and can&#39;t be used by<b=
r>
anything else.<br>
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
--<br>
Pieter<br>
</font></span><div class=3D"HOEnZb"><div class=3D"h5"><br>
---------------------------------------------------------------------------=
---<br>
Start Your Social Network Today - Download eXo Platform<br>
Build your Enterprise Intranet with eXo Platform Software<br>
Java Based Open Source Intranet - Social, Extensible, Cloud Ready<br>
Get Started Now And Turn Your Intranet Into A Collaboration Platform<br>
<a href=3D"http://p.sf.net/sfu/ExoPlatform" target=3D"_blank">http://p.sf.n=
et/sfu/ExoPlatform</a><br>
_______________________________________________<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo=
pment@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
</div></div></blockquote></div><br></div>

--001a113356c624e6ee04f7c55ea6--