Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1WSule-0001sQ-1w for bitcoin-development@lists.sourceforge.net; Wed, 26 Mar 2014 20:49:46 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.219.52 as permitted sender) client-ip=209.85.219.52; envelope-from=mh.in.england@gmail.com; helo=mail-oa0-f52.google.com; Received: from mail-oa0-f52.google.com ([209.85.219.52]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1WSuld-0007Y5-4d for bitcoin-development@lists.sourceforge.net; Wed, 26 Mar 2014 20:49:46 +0000 Received: by mail-oa0-f52.google.com with SMTP id l6so3197993oag.25 for ; Wed, 26 Mar 2014 13:49:39 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.60.76.38 with SMTP id h6mr195901oew.79.1395866979741; Wed, 26 Mar 2014 13:49:39 -0700 (PDT) Sender: mh.in.england@gmail.com Received: by 10.76.71.231 with HTTP; Wed, 26 Mar 2014 13:49:39 -0700 (PDT) Date: Wed, 26 Mar 2014 21:49:39 +0100 X-Google-Sender-Auth: FG4-hbQ5dz-ZiqakPflY-_tTfDI Message-ID: From: Mike Hearn To: Bitcoin Dev Content-Type: multipart/alternative; boundary=047d7b33d4fe7b398f04f5889b65 X-Spam-Score: -0.5 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (mh.in.england[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1WSuld-0007Y5-4d Subject: [Bitcoin-development] New BIP32 structure X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Mar 2014 20:49:46 -0000 --047d7b33d4fe7b398f04f5889b65 Content-Type: text/plain; charset=UTF-8 Myself, Thomas V (Electrum) and Marek (Trezor) got together to make sure our BIP32 wallet structures would be compatible - and I discovered that only I was planning to use the default structure. Because I'm hopeful that we can get a lot of interoperability between wallets with regards to importing 12-words paper wallets, we brainstormed to find a structure acceptable to everyone and ended up with: /m/cointype/reserved'/account'/change/n The extra levels require some explanation: - cointype: This is zero for Bitcoin. This is here to support two things, one is supporting alt coins based off the same root seed. Right now nobody seemed very bothered about alt coins but sometimes feature requests do come in for this. Arguably there is no need and alt coins could just use the same keys as Bitcoin, but it may help avoid confusion if they don't. More usefully, cointype can distinguish between keys intended for things like multisig outputs, e.g. for watchdog services. This means if your wallet does not know about the extra protocol layers involved in this, it can still import the "raw" money and it will just ignore/not see the keys used in more complex transactions. - reserved is for "other stuff". I actually don't recall why we ended up with this. It may have been intended to split out multisig outputs etc from cointype. Marek, Thomas? - account is for keeping essentially wallets-within-a-wallet to avoid mixing of coins. If you want that. - change is 0 for receiving addresses, 1 for change addresses. - n is the actual key index For bitcoinj we're targeting a deliberately limited feature set for hdw v1 so I would just set the first three values all to zero and that is a perfectly fine way to be compatible. The goal here is that the same seed can be written down once, and meet all the users needs, whilst still allowing some drift between what wallets support. Pieter made the I think valid point that you can't really encode how keys are meant to be used into just an HDW hierarchy and normally you'd need some metadata as well. However, I feel interop between wallets is more important than arriving at the most perfect possible arrangement, which feels a little like bikeshedding, so I'm happy to just go with the flow on this one. --047d7b33d4fe7b398f04f5889b65 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Myself, Thomas V (Electrum) and Marek (Trezor) got togethe= r to make sure our BIP32 wallet structures would be compatible - and I disc= overed that only I was planning to use the default structure.

Because I'm hopeful that we can get a lot of interoperability betw= een wallets with regards to importing 12-words paper wallets, we brainstorm= ed to find a structure acceptable to everyone and ended up with:

= =C2=A0 /m/cointype/reserved'/account'/change/n

The extra levels require some explanation:
  • cointype: =C2=A0This is zero for Bitcoin. This= is here to support two things, one is supporting alt coins based off the s= ame root seed. Right now nobody seemed very bothered about alt coins but so= metimes feature requests do come in for this. Arguably there is no need and= alt coins could just use the same keys as Bitcoin, but it may help avoid c= onfusion if they don't.

    More usefully, cointype can distinguish between keys intended for thing= s like multisig outputs, e.g. for watchdog services. This means if your wal= let does not know about the extra protocol layers involved in this, it can = still import the "raw" money and it will just ignore/not see the = keys used in more complex transactions.

  • reserved is for "= other stuff". I actually don't recall why we ended up with this. I= t may have been intended to split out multisig outputs etc from cointype. M= arek, Thomas?

  • account is for keeping= essentially wallets-within-a-wallet to avoid mixing of coins. If you want = that.

  • change is 0 f= or receiving addresses, 1 for change addresses.

  • n is the actual key in= dex
For bitcoinj we&#= 39;re targeting a deliberately limited feature set for hdw v1 so I would ju= st set the first three values all to zero and that is a perfectly fine way = to be compatible.

The goal here is that the same seed can be written = down once, and meet all the users needs, whilst still allowing some drift b= etween what wallets support.

Pieter made the I think valid point that you can't re= ally encode how keys are meant to be used into just an HDW hierarchy and no= rmally you'd need some metadata as well. However, I feel interop betwee= n wallets is more important than arriving at the most perfect possible arra= ngement, which feels a little like bikeshedding, so I'm happy to just g= o with the flow on this one.

--047d7b33d4fe7b398f04f5889b65--