diff options
| author | BitPLATESĀ® (Chris) <bitplates@marketnetworks.co.uk> | 2021-05-08 16:21:51 +0100 |
|---|---|---|
| committer | bitcoindev <bitcoindev@gnusha.org> | 2021-05-08 15:22:09 +0000 |
| commit | 1091a3dec81de98e713e2bd98d55e27363b285b0 (patch) | |
| tree | 1157c4db45ca17b548f368f8a2a87976e79be012 | |
| parent | c469d47b8be1941ee71486a03ebcf9d9d5f709bc (diff) | |
| download | pi-bitcoindev-1091a3dec81de98e713e2bd98d55e27363b285b0.tar.gz pi-bitcoindev-1091a3dec81de98e713e2bd98d55e27363b285b0.zip | |
[bitcoin-dev] Proposal for an Informational BIP
| -rw-r--r-- | 98/4d9615dff1df3ef6e8d68661d56d0044eb16a4 | 304 |
1 files changed, 304 insertions, 0 deletions
diff --git a/98/4d9615dff1df3ef6e8d68661d56d0044eb16a4 b/98/4d9615dff1df3ef6e8d68661d56d0044eb16a4 new file mode 100644 index 000000000..5e0cf11f3 --- /dev/null +++ b/98/4d9615dff1df3ef6e8d68661d56d0044eb16a4 @@ -0,0 +1,304 @@ +Return-Path: <bitplates@marketnetworks.co.uk> +Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138]) + by lists.linuxfoundation.org (Postfix) with ESMTP id DA56AC0001 + for <bitcoin-dev@lists.linuxfoundation.org>; + Sat, 8 May 2021 15:22:09 +0000 (UTC) +Received: from localhost (localhost [127.0.0.1]) + by smtp1.osuosl.org (Postfix) with ESMTP id B1DE183D62 + for <bitcoin-dev@lists.linuxfoundation.org>; + Sat, 8 May 2021 15:22:09 +0000 (UTC) +X-Virus-Scanned: amavisd-new at osuosl.org +X-Spam-Flag: NO +X-Spam-Score: 0.112 +X-Spam-Level: +X-Spam-Status: No, score=0.112 tagged_above=-999 required=5 + tests=[BAYES_50=0.8, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, + RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, + SPF_HELO_PASS=-0.001, T_SPF_PERMERROR=0.01] + autolearn=ham autolearn_force=no +Received: from smtp1.osuosl.org ([127.0.0.1]) + by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id YP74__ZsfIOR + for <bitcoin-dev@lists.linuxfoundation.org>; + Sat, 8 May 2021 15:22:08 +0000 (UTC) +X-Greylist: from auto-whitelisted by SQLgrey-1.8.0 +Received: from smtp.hosts.co.uk (smtp.hosts.co.uk [85.233.160.19]) + by smtp1.osuosl.org (Postfix) with ESMTPS id 3728883D51 + for <bitcoin-dev@lists.linuxfoundation.org>; + Sat, 8 May 2021 15:22:07 +0000 (UTC) +Received: from mail-lf1-f48.google.com ([209.85.167.48]) + by smtp.hosts.co.uk with esmtpsa (TLS1.3:TLS_AES_256_GCM_SHA384:256) + (Exim) (envelope-from <bitplates@marketnetworks.co.uk>) + id 1lfOmL-00045x-Di + for bitcoin-dev@lists.linuxfoundation.org; Sat, 08 May 2021 16:22:06 +0100 +Received: by mail-lf1-f48.google.com with SMTP id 124so16989763lff.5 + for <bitcoin-dev@lists.linuxfoundation.org>; + Sat, 08 May 2021 08:22:04 -0700 (PDT) +X-Gm-Message-State: AOAM533HP1dmjXFE74EjNNbWmeq5wUIlG7mRASEjUmel1eym9EZlFHAV + 8oyRywGQivozyLd6R96p+TtOLpz2uijN1MYURMY= +X-Google-Smtp-Source: ABdhPJz1tErqTft4+IOhALoWKx3ajzPKz9FonyN98fZdWN6O/K5T/4b7rTZevUCrifUjyvvhyJvmg1uRyo0EETz5Wek= +X-Received: by 2002:a05:6512:104d:: with SMTP id + c13mr10355228lfb.59.1620487324019; + Sat, 08 May 2021 08:22:04 -0700 (PDT) +MIME-Version: 1.0 +From: =?UTF-8?Q?BitPLATES=C2=AE_=28Chris=29?= <bitplates@marketnetworks.co.uk> +Date: Sat, 8 May 2021 16:21:51 +0100 +X-Gmail-Original-Message-ID: <CAAvTZ6546k0Rx2ODQ7EHJWV=F-DU-kQEg=Qh6yK6WNH-dmgv8w@mail.gmail.com> +Message-ID: <CAAvTZ6546k0Rx2ODQ7EHJWV=F-DU-kQEg=Qh6yK6WNH-dmgv8w@mail.gmail.com> +To: bitcoin-dev@lists.linuxfoundation.org +Content-Type: multipart/alternative; boundary="0000000000004fb17b05c1d31bc0" +X-Mailman-Approved-At: Sat, 08 May 2021 15:24:00 +0000 +Subject: [bitcoin-dev] Proposal for an Informational BIP +X-BeenThere: bitcoin-dev@lists.linuxfoundation.org +X-Mailman-Version: 2.1.15 +Precedence: list +List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org> +List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, + <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe> +List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/> +List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org> +List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help> +List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, + <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe> +X-List-Received-Date: Sat, 08 May 2021 15:22:10 -0000 + +--0000000000004fb17b05c1d31bc0 +Content-Type: text/plain; charset="UTF-8" +Content-Transfer-Encoding: quoted-printable + +Hi, + +I'd like to submit an idea for review, as a potential informational BIP +(Bitcoin Improvement Proposal), describing an optional method of producing +a BIP39 passphrase, using only BIP39 'mnemonic' seed words. + +The idea specifically refers to a method of introducing two-factor +authentication, to protect a Bitcoin wallet using only 24 seed words, and +therefore, providing plausible deniability about the existence of this +separate 2nd layer passphrase. + +I've suggested the name 'quantum' passphrase to be used casually as a +unique identifier. + +The data stored within a 'quantum' passphrase, is simultaneously the +minimum required data for reproducing a BIP39-compatible 24-word seed +mnemonic... hence, the name 'quantum' seems fitting, to reflect the +multiple simultaneous states of data. + +Abstract... + +This improvement proposal describes the use of twenty four, newly generated +BIP39 seed words, to produce a '25th-word' BIP39-compatible 'quantum' +passphrase. + +Two-factor authentication (2FA) or (2 of 2 multi-signature) can be +implemented with a two-wallet setup: + +The 1st Bitcoin wallet is protected by the seed words of the 2nd Bitcoin +wallet; inversely, the 2nd Bitcoin wallet is protected by the seed words of +the 1st Bitcoin wallet. + +The 'quantum' passphrase offers an exponential increase in the level of +protection, as that offered by the original BIP39 mnemonic seed words +(=E2=89=882048^23 possible combinations). + +ie. A Bitcoin wallet with a 2nd layer 'quantum'passphrase is protected by +2048^23 to the power of 2048^23 possible combinations. + +With existing computer capabilities, this level of protection is far +greater than required; however, this does provide a sufficient level of +protection for each separate layer of a two-factor Bitcoin wallet, should +any one layer be accidentally exposed. + +This method of passphrase generation, consists of two parts: + +1st - generating the BIP39 mnemonic seed words, using a BIP39-compatible +hardware wallet. + +2nd - Converting these seed words into the 'quantum' passphrase, following +four simple rules, which most importantly, do not destroy the integrity of +the initial data. + +Motivation... + +The well established practice of preserving up to 24 seed words for the +purpose of reproduction of a Bitcoin wallet, suffers from a major flaw... +Exposure of these mnemonic seed words can cause catastrophic loss of funds +without adequate multi-factor protection. + +Whilst it is recognised that a number of multi-factor solutions are +available (including the standard BIP39 passphrase, and hardware wallet +multi-signature functionality), this proposal aims to provide an extremely +safe and secure 'low-tech' option, that requires minimal (non-destructive) +adjustments to the seed words. + +Furthermore, the 'quantum' passphrase offers a number advantages over the +existing methods of multi-factor protection: + +Firstly, this method of creating a passphrase leaves no evidence of its +existence on any backup devices, providing plausible deniability in case of +coercion. + +This is because the passphrase is easily created from a genuine 24 seed +word mnemonic; therefore, the physical backup of the passphrase can be +disguised as a simple Bitcoin wallet on a metal backup plate. + +It presents a way of discouraging user-created words or sentences (also +known as 'brain-wallets'), which often provide a drastically reduced level +of passphrase security, unbeknown to many users. + +The large amount of data required to produce a 'quantum' passphrase (up to +96 characters long), encourages the physical backup of the passphrase. + +Furthermore, the use of BIP39-only words provides a higher degree of +standardization, which can help to avoid potential mistakes made by +creating unnecessarily complicated combinations of letters, numbers and +symbols. Increased complication (disorderly, and non-human-friendly), does +not always equal increased complexity (orderly, and more human-friendly), +or increased security. + +As previously mentioned, a two-wallet configuration provides the user an +opportunity to safely split the two factors of protection (equivalent to a +2 of 2 'multi-sig' setup). + +If a BIP39-compatible passphrase is created using a new set of 24 seed +words, it provides 76 degrees of extra complexity (ie. 1 with 76 zeros, or +10=E2=81=B7=E2=81=B6 possible combinations of words). + +The strength of this 2nd factor solution, provides adequate +risk-management, when considering the production of multiple backup +devices, strategically stored in multiple geographical locations. + +Generating the 'quantum' passphrase... + +Following just four (non-destructive) BIP39-compatible rules, the 24 seed +words can also function as a 'quantum' passphrase: + +1 . Only BIP39 words +(Standard list of 2048 English words - other languages should be compatible= +) + +2 . Only the first four letters of each word +(BIP39 words require only this data for reproduction) + +3 . Only upper case letters +(All alphabet references use this standard format) + +4 . No spaces between words +(Spaces represent an additional unit of data, that is not recorded) + +In essence, the 'quantum' passphrase is simply a single string of all 24 +seed words, set out using the above rules. + +I welcome a productive technical discussion. + +Thanks, + +Chris Johnston + +--0000000000004fb17b05c1d31bc0 +Content-Type: text/html; charset="UTF-8" +Content-Transfer-Encoding: quoted-printable + +<div dir=3D"auto">Hi,<div dir=3D"auto"><br></div><div dir=3D"auto">I'd = +like to submit an idea for review, as a potential informational BIP (Bitcoi= +n Improvement Proposal), describing an optional method of producing a BIP39= + passphrase, using only BIP39 'mnemonic' seed words.</div><div dir= +=3D"auto"><br></div><div dir=3D"auto">The idea specifically refers to a met= +hod of introducing two-factor authentication, to protect a Bitcoin wallet u= +sing only 24 seed words, and therefore, providing plausible deniability abo= +ut the existence of this separate 2nd layer passphrase.</div><div dir=3D"au= +to"><br></div><div dir=3D"auto">I've suggested the name 'quantum= +9; passphrase to be used casually as a unique identifier.</div><div dir=3D"= +auto"><br></div><div dir=3D"auto">The data stored within a 'quantum'= +; passphrase, is simultaneously the minimum required data for reproducing a= + BIP39-compatible 24-word seed mnemonic... hence, the name 'quantum'= +; seems fitting, to reflect the multiple simultaneous states of data.</div>= +<div dir=3D"auto"><div dir=3D"auto"><br></div><div dir=3D"auto">Abstract...= +</div><div dir=3D"auto"><br></div><div dir=3D"auto">This improvement propos= +al describes the use of twenty four, newly generated BIP39 seed words, to p= +roduce a '25th-word' BIP39-compatible 'quantum' passphrase.= +</div><div dir=3D"auto"><br></div><div dir=3D"auto">Two-factor authenticati= +on (2FA) or (2 of 2 multi-signature) can be implemented with a two-wallet s= +etup:</div><div dir=3D"auto"><br></div><div dir=3D"auto">The 1st Bitcoin wa= +llet is protected by the seed words of the 2nd Bitcoin wallet; inversely, t= +he 2nd Bitcoin wallet is protected by the seed words of the 1st Bitcoin wal= +let.</div><div dir=3D"auto"><br></div><div dir=3D"auto">The 'quantum= +9; passphrase offers an exponential increase in the level of protection, as= + that offered by the original BIP39 mnemonic seed words (=E2=89=882048^23 p= +ossible combinations).</div><div dir=3D"auto"><br></div><div dir=3D"auto">i= +e. A Bitcoin wallet with a 2nd layer 'quantum'passphrase is protect= +ed by 2048^23 to the power of 2048^23 possible combinations.</div><div dir= +=3D"auto"><br></div><div dir=3D"auto">With existing computer capabilities, = +this level of protection is far greater than required; however, this does p= +rovide a sufficient level of protection for each separate layer of a two-fa= +ctor Bitcoin wallet, should any one layer be accidentally exposed.</div><di= +v dir=3D"auto"><br></div><div dir=3D"auto">This method of passphrase genera= +tion, consists of two parts:</div><div dir=3D"auto"><br></div><div dir=3D"a= +uto">1st - generating the BIP39 mnemonic seed words, using a BIP39-compatib= +le hardware wallet.</div><div dir=3D"auto"><br></div><div dir=3D"auto">2nd = +- Converting these seed words into the 'quantum' passphrase, follow= +ing four simple rules, which most importantly, do not destroy the integrity= + of the initial data.</div><div dir=3D"auto"><br></div><div dir=3D"auto">Mo= +tivation...</div><div dir=3D"auto"><br></div><div dir=3D"auto">The well est= +ablished practice of preserving up to 24 seed words for the purpose of repr= +oduction of a Bitcoin wallet, suffers from a major flaw... Exposure of thes= +e mnemonic seed words can cause catastrophic loss of funds without adequate= + multi-factor protection.</div><div dir=3D"auto"><br></div><div dir=3D"auto= +">Whilst it is recognised that a number of multi-factor solutions are avail= +able (including the standard BIP39 passphrase, and hardware wallet multi-si= +gnature functionality), this proposal aims to provide an extremely safe and= + secure 'low-tech' option, that requires minimal (non-destructive) = +adjustments to the seed words.</div><div dir=3D"auto"><br></div><div dir=3D= +"auto">Furthermore, the 'quantum' passphrase offers a number advant= +ages over the existing methods of multi-factor protection:</div><div dir=3D= +"auto"><br></div><div dir=3D"auto">Firstly, this method of creating a passp= +hrase leaves no evidence of its existence on any backup devices, providing = +plausible deniability in case of coercion.</div><div dir=3D"auto"><br></div= +><div dir=3D"auto">This is because the passphrase is easily created from a = +genuine 24 seed word mnemonic; therefore, the physical backup of the passph= +rase can be disguised as a simple Bitcoin wallet on a metal backup plate.</= +div><div dir=3D"auto"><br></div><div dir=3D"auto">It presents a way of disc= +ouraging user-created words or sentences (also known as 'brain-wallets&= +#39;), which often provide a drastically reduced level of passphrase securi= +ty, unbeknown to many users.</div><div dir=3D"auto"><br></div><div dir=3D"a= +uto">The large amount of data required to produce a 'quantum' passp= +hrase (up to 96 characters long), encourages the physical backup of the pas= +sphrase.</div><div dir=3D"auto"><br></div><div dir=3D"auto">Furthermore, th= +e use of BIP39-only words provides a higher degree of standardization, whic= +h can help to avoid potential mistakes made by creating unnecessarily compl= +icated combinations of letters, numbers and symbols. Increased complication= + (disorderly, and non-human-friendly), does not always equal increased comp= +lexity (orderly, and more human-friendly), or increased security.</div><div= + dir=3D"auto"><br></div><div dir=3D"auto">As previously mentioned, a two-wa= +llet configuration provides the user an opportunity to safely split the two= + factors of protection (equivalent to a 2 of 2 'multi-sig' setup).<= +/div><div dir=3D"auto"><br></div><div dir=3D"auto">If a BIP39-compatible pa= +ssphrase is created using a new set of 24 seed words, it provides 76 degree= +s of extra complexity (ie. 1 with 76 zeros, or 10=E2=81=B7=E2=81=B6 possibl= +e combinations of words).</div><div dir=3D"auto"><br></div><div dir=3D"auto= +">The strength of this 2nd factor solution, provides adequate risk-manageme= +nt, when considering the production of multiple backup devices, strategical= +ly stored in multiple geographical locations.</div><div dir=3D"auto"><br></= +div><div dir=3D"auto">Generating the 'quantum' passphrase...</div><= +div dir=3D"auto"><br></div><div dir=3D"auto">Following just four (non-destr= +uctive) BIP39-compatible rules, the 24 seed words can also function as a &#= +39;quantum' passphrase:</div><div dir=3D"auto"><br></div><div dir=3D"au= +to">1 . Only BIP39 words</div><div dir=3D"auto">(Standard list of 2048 Engl= +ish words - other languages should be compatible)</div><div dir=3D"auto"><b= +r></div><div dir=3D"auto">2 . Only the first four letters of each word</div= +><div dir=3D"auto">(BIP39 words require only this data for reproduction)</d= +iv><div dir=3D"auto"><br></div><div dir=3D"auto">3 . Only upper case letter= +s</div><div dir=3D"auto">(All alphabet references use this standard format)= +</div><div dir=3D"auto"><br></div><div dir=3D"auto">4 . No spaces between w= +ords</div><div dir=3D"auto">(Spaces represent an additional unit of data, t= +hat is not recorded)</div><div dir=3D"auto"><br></div><div dir=3D"auto">In = +essence, the 'quantum' passphrase is simply a single string of all = +24 seed words, set out using the above rules.</div><div dir=3D"auto"><br></= +div><div dir=3D"auto">I welcome a productive technical discussion.</div><di= +v dir=3D"auto"><br></div><div dir=3D"auto">Thanks,</div><div dir=3D"auto"><= +br></div><div dir=3D"auto">Chris Johnston</div><div dir=3D"auto"><br></div>= +<div dir=3D"auto"><br></div></div></div> + +--0000000000004fb17b05c1d31bc0-- + |