From: pithosian <pithosian@i2pmail.org>
To: bitcoindev@googlegroups.com
Subject: Re: [bitcoindev] BIP39 Extension for Manual Seed Phrase Creation
In-Reply-To: <20250523131541.1521C7C0DB0@smtp.postman.i2p>
References: <20250523131541.1521C7C0DB0@smtp.postman.i2p>
Message-Id: <20250524205608.D723F7C1191@smtp.postman.i2p>
Date: Sat, 24 May 2025 20:56:08 +0000 (UTC)

BIP39 works fine with entropy generated without a computer. I
personally recommend using coinflips with Von Neumann skew correction.

Yes, you need to perform a SHA256 hash to calculate the checksum word.

You need to use SHA512 HMAC as the next step, and EC point
multiplication along with a host of other steps which are unrealistic
to expect a human to perform by hand to actually get child keys and
addresses out the other end, too.

I have a bootable UEFI application for generating a mnemonic with
skew-corrected coinflips (among other things), designed for airgapped
operation, lying around in my archive somewhere. I plan on
re-implementing it as part of a much larger, long-running project but
if there's interest I can go find it, clean it up and publish the
old version in the meantime.

The spec doesn't need to change; there's really no benefit to
generating a mnemonic without the SHA256 hash step, because again, you
can't do anything with that mnemonic without hashing.

As for encoding derivation paths in the mnemonic, Electrum's Seed
Version System achieves roughly the same thing, but descriptors are a
better solution for managing non-entropy metadata for wallets.

For those who really don't want to put in the small amount of additional
effort required to use descriptors, relying on the standard derivation
paths is sufficient, as long as they're made aware of their existence.
Educating your users is a better solution than attempting to abstract
away (aka hide) critical information from them.

On Fri, 23 May 2025 13:15:41 +0000 (UTC)
Eric Kvam <nerdyrugbyguy@gmail.com> wrote:

> *Motivation*
> Make it easy for users to manually create their seed phrase so that
> they don't have to trust a "black box" and allow for encoding
> derivation path in seed phrase to simplify recovery
> 
> *How*
> Use every eighth word from the wordlist to generate 16 word phrases
> with 128 bits of entropy (no checksum).  The most significant eight
> bits of each word are used as entropy.  The least significant three
> bits of each word specify the derivation path.
> 
>    - *000* Derivation Path Not Specified
>    - *001* m/44'/0'/0'
>    - *010* m/49'/0'/0'
>    - *011* m/84'/0'/0'
>    - *100* m/48'/0'/0'/2'
>    - *101* m/86'/0'/0'
> 
> Up to seven derivation paths can be specified if all words have the
> same least significant bits.  If the least significant bits of each
> word vary, there are 48 bits that can be used to encode meta-data.
> As long as meta-data is limited to certain allowable values, this
> provides a mechanism for error detection, similar to a checksum.
> 
> *Benefits of Suggested Implementation*
> 
>    - The word length determines how the seed phrase should be
> interpreted. User only needs to know how many words they have and how
> many words the wallet supports to check for compatibility with this
> extension
>    - Uses same wordlist to represent the same entropy as a 12 word
> phrase (could be a revision to BIP39 instead of a new BIP)
>    - Manual procedure is very simple, each derivation path can use a 
>    shortened 256 word list which enjoys improved alphabetical
> separation of words
>    - May prevent naive word selections which aren't limited to every
> eighth word (similar to what checksum does)
>    - Can be extended further.  For example, a 32 word phrase with the
> same entropy as a 24 word phrase could also be added.  We can keep
> adding formats with unique word length and keep adding uses for the
> meta data as needed.
> 

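The coinflip procedure and the SHA256 checksum step described in the reply above, as an added example (not code from the post or from the author's UEFI tool). The H=1/T=0 mapping and the function names are assumptions; the output is 0-based indices into the BIP39 English wordlist, which is not embedded here.

```python
import hashlib

def von_neumann_debias(flips):
    """Von Neumann skew correction over a string of 'H'/'T' flips.

    Flips are read in non-overlapping pairs: HT -> 1, TH -> 0, and
    HH/TT are discarded. The H=1 mapping is an assumption of this example.
    """
    if set(flips) - {"H", "T"}:
        raise ValueError("flips must contain only 'H' and 'T'")
    bits = []
    for i in range(0, len(flips) - 1, 2):   # a trailing unpaired flip is ignored
        a, b = flips[i], flips[i + 1]
        if a != b:
            bits.append(1 if a == "H" else 0)
    return bits

def bits_to_entropy(bits, n_bits=128):
    """Pack the first n_bits debiased bits into bytes; refuse to pad a short run."""
    if len(bits) < n_bits:
        raise ValueError(f"need {n_bits} bits, have {len(bits)}: keep flipping")
    value = int("".join(str(b) for b in bits[:n_bits]), 2)
    return value.to_bytes(n_bits // 8, "big")

def mnemonic_indices(entropy):
    """BIP39 encoding: append the top ENT/32 bits of SHA256(entropy) as the
    checksum, then split the result into 11-bit word indices."""
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 128 to 256 bits in 32-bit steps")
    cs_bits = ent_bits // 32
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    combined = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11
    return [(combined >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]

if __name__ == "__main__":
    # Constructed sample: 128 "TH" pairs debias to 128 zero bits, which is the
    # all-zero BIP39 test vector ("abandon" x 11, then "about").
    sample_flips = "TH" * 128
    entropy = bits_to_entropy(von_neumann_debias(sample_flips))
    print(mnemonic_indices(entropy))
```

On a fair coin about half of the pairs are discarded, so roughly 512 flips are needed for 128 bits, and more if the coin is skewed.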