Peter Todd [ARCHIVE] on Nostr: 📅 Original date posted:2014-01-20 📝 Original message:On Mon, Jan 20, 2014 at ...
📅 Original date posted:2014-01-20
📝 Original message:On Mon, Jan 20, 2014 at 04:05:14PM -0600, Brooks Boyd wrote:
> On Mon, Jan 20, 2014 at 11:42 AM, slush <slush at centrum.cz> wrote:
>
> > Hi all,
> >
> > during recent months we've reconsidered all comments which we received
> > from the community about our BIP39 proposal and we tried to meet all
> > requirements for such standard. Specifically the proposal now doesn't
> > require any specific wordlist, so every client can use its very own list of
> > preferred words. Generated mnemonic can be then applied to any other
> > BIP39-compatible client. Please follow current draft at
> > https://github.com/trezor/bips/blob/master/bip-0039.mediawiki.
>
> So, because the [mnemonic]->[bip32 root] is just hashing, you've
> effectively made your "mnemonic sentence" into a brainwallet? Since every
> mnemonic sentence can now lead to a bip32 root, and only the client that
> created the mnemonic can verify the mnemonic passes its checksum (assuming
> all clients use different wordlists, the only client that can help you if
> you fat-finger the sentence is the client that created it)?
That issue is more than enough to get a NACK from me on making the
current BIP39 draft a standard - I can easily see that leading to users
losing a lot of money.
Have any wallets implemented BIP39 this way already in released code?
--
'peter'[:-1]@petertodd.org
00000000000000009c3092c0b245722363df8b29cfbb86368f4f7303e655983a
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140120/c30a540b/attachment.sig>
📝 Original message:On Mon, Jan 20, 2014 at 04:05:14PM -0600, Brooks Boyd wrote:
> On Mon, Jan 20, 2014 at 11:42 AM, slush <slush at centrum.cz> wrote:
>
> > Hi all,
> >
> > during recent months we've reconsidered all comments which we received
> > from the community about our BIP39 proposal and we tried to meet all
> > requirements for such standard. Specifically the proposal now doesn't
> > require any specific wordlist, so every client can use its very own list of
> > preferred words. Generated mnemonic can be then applied to any other
> > BIP39-compatible client. Please follow current draft at
> > https://github.com/trezor/bips/blob/master/bip-0039.mediawiki.
>
> So, because the [mnemonic]->[bip32 root] is just hashing, you've
> effectively made your "mnemonic sentence" into a brainwallet? Since every
> mnemonic sentence can now lead to a bip32 root, and only the client that
> created the mnemonic can verify the mnemonic passes its checksum (assuming
> all clients use different wordlists, the only client that can help you if
> you fat-finger the sentence is the client that created it)?
That issue is more than enough to get a NACK from me on making the
current BIP39 draft a standard - I can easily see that leading to users
losing a lot of money.
Have any wallets implemented BIP39 this way already in released code?
--
'peter'[:-1]@petertodd.org
00000000000000009c3092c0b245722363df8b29cfbb86368f4f7303e655983a
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140120/c30a540b/attachment.sig>