Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1WT9ke-0004pe-AT for bitcoin-development@lists.sourceforge.net; Thu, 27 Mar 2014 12:49:44 +0000 Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.214.174 as permitted sender) client-ip=209.85.214.174; envelope-from=mh.in.england@gmail.com; helo=mail-ob0-f174.google.com; Received: from mail-ob0-f174.google.com ([209.85.214.174]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1WT9kd-0002fk-2M for bitcoin-development@lists.sourceforge.net; Thu, 27 Mar 2014 12:49:44 +0000 Received: by mail-ob0-f174.google.com with SMTP id wo20so4128167obc.5 for ; Thu, 27 Mar 2014 05:49:37 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.60.134.137 with SMTP id pk9mr1322787oeb.40.1395924577734; Thu, 27 Mar 2014 05:49:37 -0700 (PDT) Sender: mh.in.england@gmail.com Received: by 10.76.71.231 with HTTP; Thu, 27 Mar 2014 05:49:37 -0700 (PDT) In-Reply-To: References: <53340999.807@gmx.de> <5334144A.9040600@gmx.de> Date: Thu, 27 Mar 2014 13:49:37 +0100 X-Google-Sender-Auth: zacQNuumHm6eXKHKeY5cRAo-jMg Message-ID: From: Mike Hearn To: Thomas Voegtlin Content-Type: multipart/alternative; boundary=047d7b471dfa96d61904f5960418 X-Spam-Score: -0.5 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (mh.in.england[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1WT9kd-0002fk-2M Cc: Bitcoin Development Subject: Re: [Bitcoin-development] New BIP32 structure X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Mar 2014 12:49:44 -0000 --047d7b471dfa96d61904f5960418 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Ah, BIP32 allows for a range of entropy sizes and it so happens that they picked 256 bits instead of 128 bits. I'd have thought that there is a right answer for this. 2^128 should not be brute forceable, and longer sizes have a cost in terms of making the seeds harder to write down on paper. So should this be a degree of freedom? On Thu, Mar 27, 2014 at 1:28 PM, Mike Hearn wrote: > By the way, I just noticed that greenaddress.it is creating seeds that > have 24 words instead of 12. Does anyone know what's up with that? They > claim to be using BIP32 wallets so I wanted to see if they were using the > default structure and if so, whether bitcoinj was compatible with it > (before I switch to the one discussed here). But it seems we fall at the > first hurdle ... > > > On Thu, Mar 27, 2014 at 1:06 PM, Thomas Voegtlin wrote: > >> >> >> Le 27/03/2014 12:30, Marek Palatinus a =C3=A9crit : >> > Ah, I forget to two things, which should be into the BIP as well: >> > >> > a) Gap factor for addresses; as Thomas mentioned, although some softwa= re >> > can watch almost unlimited amount of unused addresses, this is serious >> > concern for lightweight or server-based wallets like Electrum or >> > myTREZOR. myTREZOR currently uses gap factor 10, which is (from my >> > experience so far) quite sane for most of users. >> >> >> Yes, I was planning to increase the number of available unused addresses >> to 10 or 20 in the bip32 version of Electrum. >> >> Related to this, here is another idea I would like to submit: >> >> Instead of using a "gap limit" (maximal number of consecutive unused >> addresses), I think we should get rid of the topology, and simply count >> the number of unused addresses since the beginning of the sequence. >> Indeed, the topology of the sequence of addresses is of no interest to >> the user. Users often misinterpret "gap limit" as the "number of unused >> addresses available", so I think we should just give them what they want >> :) This is easier to understand, and it makes things more predictable, >> because the wallet will always display the same number of unused >> addresses (except when it is waiting for confirmations). >> >> >> >> ------------------------------------------------------------------------= ------ >> _______________________________________________ >> Bitcoin-development mailing list >> Bitcoin-development@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/bitcoin-development >> > > --047d7b471dfa96d61904f5960418 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Ah, BIP32 allows for a range of entropy sizes and it so ha= ppens that they picked 256 bits instead of 128 bits.

I&#= 39;d have thought that there is a right answer for this. 2^128 should not b= e brute forceable, and longer sizes have a cost in terms of making the seed= s harder to write down on paper. So should this be a degree of freedom?


On Thu,= Mar 27, 2014 at 1:28 PM, Mike Hearn <mike@plan99.net> wrote:<= br>
By the way, I just noticed that greenaddress.it is creating seeds that have = 24 words instead of 12. Does anyone know what's up with that? They clai= m to be using BIP32 wallets so I wanted to see if they were using the defau= lt structure and if so, whether bitcoinj was compatible with it (before I s= witch to the one discussed here). But it seems we fall at the first hurdle = ...


On Thu, Mar 2= 7, 2014 at 1:06 PM, Thomas Voegtlin <thomasv1@gmx.de> wrote:


Le 27/03/2014 12:30, Marek Palatinus a =C3=A9crit :
> Ah, I forget to two things, which should be into the BIP as well:
>
> a) Gap factor for addresses; as Thomas mentioned, although some softwa= re
> can watch almost unlimited amount of unused addresses, this is serious=
> concern for lightweight or server-based wallets like Electrum or
> myTREZOR. myTREZOR currently uses gap factor 10, which is (from my
> experience so far) quite sane for most of users.


Yes, I was planning to increase the number of available unused addresses to 10 or 20 in the bip32 version of Electrum.

Related to this, here is another idea I would like to submit:

Instead of using a "gap limit" (maximal number of consecutive unu= sed
addresses), I think we should get rid of the topology, and simply count
the number of unused addresses since the beginning of the sequence.
Indeed, the topology of the sequence of addresses is of no interest to
the user. Users often misinterpret "gap limit" as the "numbe= r of unused
addresses available", so I think we should just give them what they wa= nt
:) This is easier to understand, and it makes things more predictable,
because the wallet will always display the same number of unused
addresses (except when it is waiting for confirmations).


---------------------------------------------------------------------------= ---
_______________________________________________
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment


--047d7b471dfa96d61904f5960418--