82/b541e3722d76d112e05efe4ae6e98c2be0ebf2


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184

Delivery-date: Thu, 04 Sep 2025 02:27:35 -0700
Received: from mail-oa1-f60.google.com ([209.85.160.60])
	by mail.fairlystable.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.94.2)
	(envelope-from <bitcoindev+bncBAABB7NW4XCQMGQE6LGUEMQ@googlegroups.com>)
	id 1uu6Fj-0001TU-5r
	for bitcoindev@gnusha.org; Thu, 04 Sep 2025 02:27:35 -0700
Received: by mail-oa1-f60.google.com with SMTP id 586e51a60fabf-31bdc4b5315sf285416fac.0
        for <bitcoindev@gnusha.org>; Thu, 04 Sep 2025 02:27:34 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1756978048; cv=pass;
        d=google.com; s=arc-20240605;
        b=TBxB8++Go1OxnnC826NxikxfIsztvVblVLloFoDC3yjYzXpVq9iRk/KcDzqyLDcRaE
         cUS+1LjG/wAizF1NJIBYZ70tdRkocmKbgYaNmkS3Z+kWUj/Ybu/pjLvjatoJoCT3+gMH
         Auoz4RKSg7aS1oToXvrH0Fsh+rWAcEQUs8+1djsDwAUIUPWsiQ9zSgrBNNhV7UxiOyA0
         OYSMbhYhdtGB6VhS1oX9k2U08r9iW1vjyqrMqY1Sg0UE8GFK+bLbkhJA5hz0BWV3nEGZ
         lL8hzEerUsendewmfeXp5nHJdkqSfcHEijM7OAJIitsActAmECcsHIwVewjQ4LkfgJE5
         NUag==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:mime-version:user-agent
         :content-transfer-encoding:date:to:from:subject:message-id:sender
         :dkim-signature;
        bh=H0q21HtgcgEgc/yWDlU4jRslzCxiyFxY/qa+RvqSo6g=;
        fh=2CtjyV/6esXk1u8TpzZPbgEpZZkYTWpGDCPHXqzM5oc=;
        b=U5leODpQE1tkTuTmQhRQgEDaNj8Jlqfin7u4aAPCE55nSYcT3x9jt/q7gu0EGZoQA9
         911l46wVbRYd/8YtUf+OAmuOFJtc4/v8RF/B9KZkyp1HpAqhogKuow0mWEtIYNVNFIRv
         bJlCUbxWU3E/tnEWO0hz9GJXNJVyKrSaVvIN/8G2YMsWX0jzzkzPYGipPQ8jfx13RBeR
         mS8Tbymzza8zH8KC5s5JrqxyCBxZCPBuu3j51QNJSpvgyG1R6RfrC7P8i1MhKkU3Ja8S
         1vVfw4mGQbDsVIZ/shdo9VlNDno/l9NBg0fnZWYoSz840q+sbbP+td+cebLq9fxJVYFF
         HHiQ==;
        darn=gnusha.org
ARC-Authentication-Results: i=2; gmr-mx.google.com;
       dkim=pass header.i=@pythcoiner.dev header.s=dkim header.b=ImHx1mTo;
       spf=pass (google.com: domain of pyth@pythcoiner.dev designates 89.116.26.244 as permitted sender) smtp.mailfrom=pyth@pythcoiner.dev;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=pythcoiner.dev
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=googlegroups.com; s=20230601; t=1756978048; x=1757582848; darn=gnusha.org;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-authentication-results
         :x-original-sender:mime-version:user-agent:content-transfer-encoding
         :date:to:from:subject:message-id:sender:from:to:cc:subject:date
         :message-id:reply-to;
        bh=H0q21HtgcgEgc/yWDlU4jRslzCxiyFxY/qa+RvqSo6g=;
        b=DmhOkfFkRlzjErMw8qkqNoQ5FNi9w9s+Ooh52FdK2MnzHmQhUcp5HSaip/mUg4ore8
         ybpmcpazQatgF4cu7sUnCuQO8ZdklUIf7nVCuqFLiVumwcccjgWoSFlLYpth6iA9Jzl8
         4eM4+giwuRnl9A4JoAhD3Uk5jY10C8J7/zZoUWzY5JTplOGso+8S/ICMkfM3d7dqvQVp
         Gq66923ux7rQ5feBvF+OUhpEdWoyBKankgghYYmSXLbZeAWoZwcgLVkDPWCVrGsq0MHp
         4QB2A4bPBkqMBpfndaYVs219G8muLlWSSM6z7E2MHW51ppx8PHjcL+0KJHJeQkDKtQC3
         dBsg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1756978048; x=1757582848;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-authentication-results
         :x-original-sender:mime-version:user-agent:content-transfer-encoding
         :date:to:from:subject:message-id:x-beenthere:x-gm-message-state
         :sender:from:to:cc:subject:date:message-id:reply-to;
        bh=H0q21HtgcgEgc/yWDlU4jRslzCxiyFxY/qa+RvqSo6g=;
        b=PA80m33Dw8Rx0lhS4Cz7x9PlELLr7/l/yT9CNJ8MMVd2vL5e/IDMn1moRZLbEV1FpJ
         PcKhCCbtCW9HazKrPMcSIrVRAfqqy+hSoHE2FLSkOEdCznwRMOUVYJwIlo1amFLTniLA
         EMHNHzKVeflXQEtEo1B/7nNqM6TFcaBAL+Cvqc7l/ZPLyshkkEBOE2HZy/j8p79curnL
         nOSZiRzA+v01HYOlpy4wUqa7imnVwSPqui/4lhjZ35Y7JkLNXAqXUlCrQEyeQigx5TFI
         1kiE2GpAGZE4wlpRrlxA0arCNEEEyWNsfYLyvJ/4BEWBxc4a036n9DQt55kAkxQthKiO
         92Iw==
Sender: bitcoindev@googlegroups.com
X-Forwarded-Encrypted: i=2; AJvYcCXP3uxfqWu4d2CuROyKOupMlnf1xX2xySieg5lI2KVcCkKwlwWLW/I2bS6esKWLdC2rMJ5y/MBpjz63@gnusha.org
X-Gm-Message-State: AOJu0YyLDEvdkvlcjkHXfwkR/gAEdyFUDTNl3RIQUuQuIoqlss3lbDpY
	4EU/ZcVRces7n1hRSaxcLrO2iUPNylV0QbNTELija5F+oMRwT0GCJ76d
X-Google-Smtp-Source: AGHT+IFNH7P74XqXYi9Wi1AB3OuYLEtD2VgPYdJtc+TesYqnFDENLJb79Ot/36YlYoRgmeum2dBxBg==
X-Received: by 2002:a05:6871:4b8a:b0:30b:85e1:d3ea with SMTP id 586e51a60fabf-31963183f91mr8631977fac.21.1756978048164;
        Thu, 04 Sep 2025 02:27:28 -0700 (PDT)
X-BeenThere: bitcoindev@googlegroups.com; h=AZMbMZcEBJO13T/HIwgSUkMqPxu5dJ6BDBVew5WcdsS3xpz/EA==
Received: by 2002:a05:687c:2058:20b0:31d:779e:bfab with SMTP id
 586e51a60fabf-31d779ec2d1ls211149fac.1.-pod-prod-04-us; Thu, 04 Sep 2025
 02:27:25 -0700 (PDT)
X-Received: by 2002:a05:6808:1525:b0:438:434c:79a8 with SMTP id 5614622812f47-438434c7bbdmr262601b6e.13.1756978044879;
        Thu, 04 Sep 2025 02:27:24 -0700 (PDT)
Received: by 2002:ab3:5a13:0:b0:2c3:d086:1a03 with SMTP id a1c4a302cd1d6-2c3e31cfdd4msc7a;
        Wed, 3 Sep 2025 23:59:38 -0700 (PDT)
X-Received: by 2002:ac2:5f72:0:b0:55f:552c:f731 with SMTP id 2adb3069b0e04-55f6f6b4c11mr3940474e87.7.1756969176573;
        Wed, 03 Sep 2025 23:59:36 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1756969176; cv=none;
        d=google.com; s=arc-20240605;
        b=EGUvyiDmv/P/Ni87HID56cjeUtufzFKI60r/Xeu7J9kMwq9iGEJPtmra3yOU3K6PdL
         qdB07V2XxtjJ2KXNvQNOYVjtiIoGM6Un/FF5FxnQlH9Xg0BPILUxCA3eVsM3YjE5MO5K
         RuOsgEdmvMmXagruHeh8f1SXx0owEwTBzQ4CzoQEnNiXUkj9mn3KMPiWPN2SSo6lSgTi
         2ZI07xH5qXfGrtK9yV8YGuJH2J5D9CMnD4TD83d5F9A188p1aMfK5q8kzMDXVAtltUwy
         gVOA+3wQtBZfHK1esmdDsk8bG1Fw4fUV2Kc1EOZGB8Aa/TEZ/PpgPauOOGQSZWLUpXDa
         9lOg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
        h=mime-version:user-agent:content-transfer-encoding:date:to:from
         :subject:message-id:dkim-signature;
        bh=cXqzuKA2Lonk6dSdowt7Osg62wgGv1pJQxIYxb3bVnY=;
        fh=VcGcg+Zjs9gw1uDcHbxsAILhBAcecnbJzZRdxgKVDIc=;
        b=fqgcqopxU4bBrRYb5zqYYzKL3CZicuD/6fszigIPQQQrPRkEDJ0C7o9SdlmlU41tW+
         41tNf7qqYBIbrA/FV/KN1XKHFIIL0b/QzgGJ7EIG7NMLE0P8xhP0L1QwZUbp6cKh6hp3
         IlL+Z3vt17vaiNTUzm6/+2R0Q+1gvYvmxENY4OwrpI5hIBPzRNe3SGtHQFmwZ3V9kTvT
         z5h/gPuxt0HfRUtHWcKf3b8OxYgr0KfDQNkkqXegyQlL2X63W7C/2/kgnirM1RHREY1S
         Ye4MUB4XDe/47UwfYD4Mi1g3c5+bXMsNUtzYYcQrpmAkcgzRmxGDAwhKbYnbSxXGjoYi
         wRkg==;
        dara=google.com
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       dkim=pass header.i=@pythcoiner.dev header.s=dkim header.b=ImHx1mTo;
       spf=pass (google.com: domain of pyth@pythcoiner.dev designates 89.116.26.244 as permitted sender) smtp.mailfrom=pyth@pythcoiner.dev;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=pythcoiner.dev
Received: from mail.axus-automation.fr (vmi2256994.contaboserver.net. [89.116.26.244])
        by gmr-mx.google.com with ESMTPS id 2adb3069b0e04-5608ac6726csi82384e87.4.2025.09.03.23.59.36
        for <bitcoindev@googlegroups.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 03 Sep 2025 23:59:36 -0700 (PDT)
Received-SPF: pass (google.com: domain of pyth@pythcoiner.dev designates 89.116.26.244 as permitted sender) client-ip=89.116.26.244;
Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id DB03E1BC0A20
	for <bitcoindev@googlegroups.com>; Thu,  4 Sep 2025 08:59:30 +0200 (CEST)
Message-ID: <e0b1a14c74645e34c1b2e1d5bb1b60ea69dd6437.camel@pythcoiner.dev>
Subject: [bitcoindev] [BIP Draft] Bitcoin Encrypted Backup
From: pyth <pyth@pythcoiner.dev>
To: bitcoindev@googlegroups.com
Date: Thu, 04 Sep 2025 08:58:57 +0200
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
User-Agent: Evolution 3.56.2
MIME-Version: 1.0
X-Last-TLS-Session-Version: TLSv1.3
X-Original-Sender: pyth@pythcoiner.dev
X-Original-Authentication-Results: gmr-mx.google.com;       dkim=pass
 header.i=@pythcoiner.dev header.s=dkim header.b=ImHx1mTo;       spf=pass
 (google.com: domain of pyth@pythcoiner.dev designates 89.116.26.244 as
 permitted sender) smtp.mailfrom=pyth@pythcoiner.dev;       dmarc=pass (p=NONE
 sp=NONE dis=NONE) header.from=pythcoiner.dev
Precedence: list
Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com
List-ID: <bitcoindev.googlegroups.com>
X-Google-Group-Id: 786775582512
List-Post: <https://groups.google.com/group/bitcoindev/post>, <mailto:bitcoindev@googlegroups.com>
List-Help: <https://groups.google.com/support/>, <mailto:bitcoindev+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/bitcoindev
List-Subscribe: <https://groups.google.com/group/bitcoindev/subscribe>, <mailto:bitcoindev+subscribe@googlegroups.com>
List-Unsubscribe: <mailto:googlegroups-manage+786775582512+unsubscribe@googlegroups.com>,
 <https://groups.google.com/group/bitcoindev/subscribe>
X-Spam-Score: -0.8 (/)

Hi all,

At WizardSardine (where we=E2=80=99re building Liana wallet) we have been
discussing an encryption scheme for descriptors for at least two years.

A few months ago Salvatore Ingala published on delvingbitcoin a clear
scheme that matches our requirements. =20
I have been working on implementing this scheme over the past few weeks
and would like to share a draft implementations & BIP in order to
collect feedback, remarks, and reviews.

Draft BIP: https://github.com/bitcoin/bips/pull/1951
Rust implementation + CLI:
https://github.com/pythcoiner/encrypted_backup
A simple GUI using rust implem: https://github.com/pythcoiner/bed
Salvatore delving post:
https://delvingbitcoin.org/t/a-simple-backup-scheme-for-wallet-accounts

**Open questions**

- **Deterministic nonce:** Currently the nonce is generated randomly.
Is it safe to produce a deterministic nonce, e.g. `hash("NONCE" ||
plaintext || key_1 || =E2=80=A6 || key_n)`, or are there known security
concerns with this approach? =20
- **Cipher choice:** I arbitrarily chose AES=E2=80=91GCM=E2=80=91256. Is th=
is the best
choice for this use case, or would another construction be preferable?
- **Byte order:** All fields are defined to be encoded in big=E2=80=91endia=
n.
Is there any reason to consider a different endianness?

Any thoughts, suggestions, or references are welcome.

Thanks, =20
pyth =20

--=20
You received this message because you are subscribed to the Google Groups "=
Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an e=
mail to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/=
e0b1a14c74645e34c1b2e1d5bb1b60ea69dd6437.camel%40pythcoiner.dev.