1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
|
Return-Path: <keagan.mcclelland@gmail.com>
Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138])
by lists.linuxfoundation.org (Postfix) with ESMTP id C828AC002A
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 19 May 2023 21:25:01 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by smtp1.osuosl.org (Postfix) with ESMTP id A996182F49
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 19 May 2023 21:25:01 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org A996182F49
Authentication-Results: smtp1.osuosl.org;
dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
header.a=rsa-sha256 header.s=20221208 header.b=o9zyIJ/V
X-Virus-Scanned: amavisd-new at osuosl.org
X-Spam-Flag: NO
X-Spam-Score: -0.199
X-Spam-Level:
X-Spam-Status: No, score=-0.199 tagged_above=-999 required=5
tests=[BAYES_20=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from smtp1.osuosl.org ([127.0.0.1])
by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id be8eUBNa0LuZ
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 19 May 2023 21:24:59 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.8.0
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 4ACA781FF6
Received: from mail-wr1-x436.google.com (mail-wr1-x436.google.com
[IPv6:2a00:1450:4864:20::436])
by smtp1.osuosl.org (Postfix) with ESMTPS id 4ACA781FF6
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 19 May 2023 21:24:59 +0000 (UTC)
Received: by mail-wr1-x436.google.com with SMTP id
ffacd0b85a97d-30644c18072so2461720f8f.2
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 19 May 2023 14:24:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20221208; t=1684531497; x=1687123497;
h=to:subject:message-id:date:from:in-reply-to:references:mime-version
:from:to:cc:subject:date:message-id:reply-to;
bh=MiXTuAvBXNV4JDHIRvLGw5g3ALLj9ARXfm03A0bV93g=;
b=o9zyIJ/VNY4WUYM0srOq0V0LJba7J1GwkXMLTQvtlNsZjIxAYMdEKV1v8LD17BQdrW
7A1LijWyBdek9OLN7yepkTSg3mEIDxaovvCrLSmmk5fCx8IoIg1CNjy4fdZh1OELXdAh
IFQ2HITdtM8MHICRf5pHnvaUfXatZP7CiDkZMIk35dvhOLMOGmahqqErFGImsjevCzhn
nuSC8NI8IKU4npSlpCipK44Bdd8i1b7/xWjERIonINpK+O3gd6p5cqYB2fFSVQ0IpxYw
USg+8cufYexLYtzS5gFsalfdUsBfjL+lusA3SFKfszbmIWRnMje8SiFACxz0AcBL0Y2D
sAQg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20221208; t=1684531497; x=1687123497;
h=to:subject:message-id:date:from:in-reply-to:references:mime-version
:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
bh=MiXTuAvBXNV4JDHIRvLGw5g3ALLj9ARXfm03A0bV93g=;
b=XTiUDGxrcRkVRmw/r0cbXRUaiU/a14hATtUNzdUlGDCpxsQqJ0AFTAz5pA42wtA3vm
WD6V/ZOTIznFAK39TTRuQSxTz2QF4/EQjFpwwRk398e1/fonqlzmIOxtedw6RYQdA7p9
mNIfczCSOZumRQu9TFdOyN8ItUzRCKeKCxaPpmT3hsM/nCYQYPYnUika7EECqD23KMWL
B2RXXhPTANsSQJfKX/CytbGSpWNNC+OkX9E91Dlp4dLMxNiT9IY6twej744QvdSDy1sR
QE+uqkKrFawgA97dpzkNMOLtgUUGgz9SG9XBxFFEmk9gnpgdEO6aBKy3X5toYiFp53r+
cXxQ==
X-Gm-Message-State: AC+VfDys7QiU/PEfz6u5umgt6MaoRZwutit2oz8xMxAD7AQI26bh7wY+
oClSdEgmp3La+Ly5qAJ4W4KBMlcdBBGAhKPiPnA=
X-Google-Smtp-Source: ACHHUZ66BfyFqOJuec5WKUd99KO1wQFD3LhTD8rd41wxZL0cwH044LtqGoz2AeLrln6ERc1VXnkGxV45MDRa2D6BOgc=
X-Received: by 2002:a5d:490b:0:b0:306:32fa:6737 with SMTP id
x11-20020a5d490b000000b0030632fa6737mr2588610wrq.8.1684531496886; Fri, 19 May
2023 14:24:56 -0700 (PDT)
MIME-Version: 1.0
References: <jQqInjh7VTC5byefTzENidJjigvRqf5Y7UvbrWjKPJykvhdlLETeglGE3zoAiVAxUyAXU8uWHsHEjJ0MHqqPTy4prgaIhgMyIrD9c6ZUuE0=@pm.me>
In-Reply-To: <jQqInjh7VTC5byefTzENidJjigvRqf5Y7UvbrWjKPJykvhdlLETeglGE3zoAiVAxUyAXU8uWHsHEjJ0MHqqPTy4prgaIhgMyIrD9c6ZUuE0=@pm.me>
From: Keagan McClelland <keagan.mcclelland@gmail.com>
Date: Fri, 19 May 2023 15:24:45 -0600
Message-ID: <CALeFGL3ywc3YiZ-JnaShGPyaKRjDyG4gs7N3SiV4OJudFAwYcg@mail.gmail.com>
To: yurisvb@pm.me,
Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Content-Type: multipart/alternative; boundary="0000000000007c257405fc128d93"
X-Mailman-Approved-At: Fri, 19 May 2023 23:23:50 +0000
Subject: Re: [bitcoin-dev] Formosa --- proposed improvement upon BIP39
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 19 May 2023 21:25:01 -0000
--0000000000007c257405fc128d93
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Good day Yuri,
This is a very cool idea. After reviewing the repository it seems that
there lacks a BIP style specification for this, so it is possible that some
of my takeaways may not be correct but I figured I'd comment with some
observations anyway. Feel free to correct me where I've made a mistake.
I think to make an idea like this work it would be necessary for it to
"extend" BIP39 rather than "replace" it. What I mean by this is that BIP39
is heavily entrenched in the ecosystem and so in order for you to sidestep
the need to get everyone in the ecosystem to adopt a new standard, you'd
want this process to be able to output a standard BIP39 seed sequence. This
becomes even more important when you allow these different "themes" that
are mentioned later in the document. The notion of themes practically
precludes the standardization of the technique since customization really
is the antithesis of standardization.
The largest value proposition of these schemes is that it allows
significant wallet interoperability. This is achieved if process for
translating these phrases to the underlying wallet seed is deterministic.
Themes may prove to make this harder to solve. I also do not believe that
themes meaningfully increase the ability to remember the phrase: the fact
that the phrase has a valid semantic at all is a massive step up from an
undifferentiated sequence of words that is the current state of BIP39. The
benefits afforded by the themes here are little by comparison.
Overall, I think exploring this idea further is a good idea. However, there
may be concerns about whether the increased memorability is a good thing.
It would certainly make $5 wrench attacks more viable, not less. I can't
help but ask myself the question whether more Bitcoin is lost because of
seed phrases not being memorized, or because of social engineering
exercises used to scrape these phrases from the brains of users. I have a
hunch that loss is a larger problem than theft, but it is a very real
possibility that a wide deployment of this type of tech could change that.
Stay Inspired,
Keags
On Tue, May 2, 2023 at 6:05=E2=80=AFAM Yuri S VB via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:
> Dear colleagues,
>
> The following is a password format that improves upon BIP39 by allowing
> meaningful, themed sentences with a regular grammatical structure instead
> of semantically disconnected words, while keeping the same entropy/checks=
um
> and total bits/non-repeating leading digits ratios (of 32/1 and 11/4
> respectively).
>
> https://github.com/Yuri-SVB/formosa
>
> Anecdotal experiments suggest that less than one hour of moderate
> concentration is enough for long term memorization of 128 + 4 bits
> (equivalent to the 12 words standard of BIP39) if a theme of interest is
> employed.
>
> I hereby offer it to your scrutiny as a Bitcoin Improvement Proposal.
> Please don't hesitate to ask whatever issue about the project there might
> be.
>
> Faithfully yours, Yuri S VB.
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
--0000000000007c257405fc128d93
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div>Good day Yuri,</div><div><br></div>This is a very coo=
l idea. After reviewing the repository it seems that there lacks a BIP styl=
e specification for this, so it is possible that some of my takeaways may n=
ot be correct but I figured I'd comment with some observations anyway. =
Feel free to correct me where I've made a mistake.<div><br></div><div>I=
think to make an idea like this work it would be necessary for it to "=
;extend" BIP39 rather than "replace" it. What I mean by this=
is that BIP39 is heavily entrenched in the ecosystem and so in order for y=
ou to sidestep the need to get everyone in the ecosystem to adopt a new sta=
ndard, you'd want this process to be able to output a standard BIP39 se=
ed sequence. This becomes even more important when you allow these differen=
t "themes" that are mentioned later in the document. The notion o=
f themes practically precludes the standardization of the technique since c=
ustomization really is the antithesis of standardization.</div><div><br></d=
iv><div>The largest value proposition of these schemes is that it allows si=
gnificant wallet interoperability. This is achieved if process for translat=
ing these phrases to the underlying wallet seed is deterministic. Themes ma=
y prove to make this harder to solve. I also do not believe that themes mea=
ningfully increase the ability to remember the phrase: the fact that the ph=
rase has a valid semantic at all is a massive step up from an undifferentia=
ted sequence of words that is the current state of BIP39. The benefits affo=
rded by the themes here are little by comparison.</div><div><br></div><div>=
Overall, I think exploring this idea further is a good idea. However, there=
may be concerns about whether the increased memorability is a good thing. =
It would certainly make $5 wrench attacks more viable, not less. I can'=
t help but ask myself the question whether more Bitcoin is lost because of =
seed phrases not being memorized, or because of social engineering exercise=
s used to scrape these phrases from the brains of users. I have a hunch tha=
t loss is a larger problem than theft, but it is a very real possibility th=
at a wide deployment of this type of tech could change that.</div><div><br>=
</div><div>Stay Inspired,</div><div>Keags</div></div><br><div class=3D"gmai=
l_quote"><div dir=3D"ltr" class=3D"gmail_attr">On Tue, May 2, 2023 at 6:05=
=E2=80=AFAM Yuri S VB via bitcoin-dev <<a href=3D"mailto:bitcoin-dev@lis=
ts.linuxfoundation.org">bitcoin-dev@lists.linuxfoundation.org</a>> wrote=
:<br></div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.=
8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div style=3D"=
font-family:Arial,sans-serif;font-size:14px"><span style=3D"line-height:1.5=
">Dear colleagues,</span><div style=3D"line-height:1.5"><br></div><div styl=
e=3D"line-height:1.5"><div><div><span>The following is a password format th=
at improves upon BIP39 by allowing meaningful, themed sentences with a regu=
lar grammatical structure instead of semantically disconnected words, while=
keeping the same entropy/checksum and total bits/non-repeating leading dig=
its ratios (of 32/1 and 11/4 respectively).<br><br><span><a href=3D"https:/=
/github.com/Yuri-SVB/formosa" rel=3D"noreferrer nofollow noopener" style=3D=
"text-decoration:underline" target=3D"_blank">https://github.com/Yuri-SVB/f=
ormosa</a></span><br><br>Anecdotal experiments suggest that less than one h=
our of moderate concentration is enough for long term memorization of 128 +=
4 bits (equivalent to the 12 words standard of BIP39) if a theme of intere=
st is employed.<br><br>I hereby offer it to your scrutiny as a Bitcoin Impr=
ovement Proposal. Please don't hesitate to ask whatever issue about the=
project there might be.<br><br>Faithfully yours, Yuri S VB.</span></div></=
div></div><br></div><div style=3D"font-family:Arial,sans-serif;font-size:14=
px">
</div>
_______________________________________________<br>
bitcoin-dev mailing list<br>
<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" target=3D"_blank">=
bitcoin-dev@lists.linuxfoundation.org</a><br>
<a href=3D"https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev" =
rel=3D"noreferrer" target=3D"_blank">https://lists.linuxfoundation.org/mail=
man/listinfo/bitcoin-dev</a><br>
</blockquote></div>
--0000000000007c257405fc128d93--
|
