summaryrefslogtreecommitdiff
path: root/56/5513d772c57a3790276edd02f1d57327be27e0
blob: 7de8c77cb21dd63c7cb6e1deac04ecdcfc38e316 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
	helo=mx.sourceforge.net)
	by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <marek@palatinus.cz>) id 1W5O7K-0002Va-6D
	for bitcoin-development@lists.sourceforge.net;
	Mon, 20 Jan 2014 23:18:54 +0000
X-ACL-Warn: 
Received: from mail-vc0-f173.google.com ([209.85.220.173])
	by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1W5O7I-0000YT-Lq
	for bitcoin-development@lists.sourceforge.net;
	Mon, 20 Jan 2014 23:18:54 +0000
Received: by mail-vc0-f173.google.com with SMTP id ld13so3087906vcb.4
	for <bitcoin-development@lists.sourceforge.net>;
	Mon, 20 Jan 2014 15:18:47 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
	:date:message-id:subject:to:cc:content-type;
	bh=fiUVB4qy99xSoT2Xk2Y07E6tzcRlqR54rx8+jF+BvrQ=;
	b=O/zNkdApauuz5byJ3z/0Z5lTd0J2L/eCtZag/MHmIZ9EJ4mmAvPfQOcNo10LdJaeCn
	rrxDEFazzj+T5CC3ZCuE8nrwWCHBncWAjQbdoZyu95QiY7tEzeDqbq+yftGaUfArDB2f
	mF8PrO0RJ3+XoBH996wz0m9Id7Gc4+Fh3t6W4hbAKE9GJPjeNcp+XFdU4xETuGLLmUje
	51TB+go8/JSNAU/lAh9QsEPIPDNITfpaaByHo98H1h0NCKrZqn8PmMuX5onpcQ3Oevce
	Se0c3DOZpJOB2TySTst9mbb+Mpg0IxFLmkoCq6aaB9DD3Zrhjt32MORzuyTiRGLC6Yd6
	xVNA==
X-Gm-Message-State: ALoCoQm8IC/XjTSD8Ne7oCFyCFti5So+aoL3MPcaK6ZE5TfKVklxU4bMvmiwf+cmM8KDzy7tybrv
X-Received: by 10.58.181.71 with SMTP id du7mr63145vec.25.1390259927119; Mon,
	20 Jan 2014 15:18:47 -0800 (PST)
MIME-Version: 1.0
Sender: marek@palatinus.cz
Received: by 10.58.57.234 with HTTP; Mon, 20 Jan 2014 15:18:16 -0800 (PST)
In-Reply-To: <CANOOu=_pVCPiDtbqc3EwToZWzjLw4UqOvpsu2Wrt4eDKC7g_2g@mail.gmail.com>
References: <CAJna-HjGHpru6Lpv_tXUkWR2mX-=fobzojtHYvSRJy6+CMesOA@mail.gmail.com>
	<CANg-TZCrpT-YJ0WV9VY6w-PtCiz2YRMBCMvmjneDz13j2namkw@mail.gmail.com>
	<20140120223502.GA1055@petertodd.org>
	<CANOOu=_pVCPiDtbqc3EwToZWzjLw4UqOvpsu2Wrt4eDKC7g_2g@mail.gmail.com>
From: slush <slush@centrum.cz>
Date: Tue, 21 Jan 2014 00:18:16 +0100
X-Google-Sender-Auth: DfbM0TcNdPi6-9VUq_Fqa0wRtsg
Message-ID: <CAJna-HgStwQQUiNZfJrFS1SduuzEEVrF=qmVe23uqZUNhHkOHA@mail.gmail.com>
To: Christophe Biocca <christophe.biocca@gmail.com>
Content-Type: multipart/alternative; boundary=047d7b8738101a0d1204f06f1d48
X-Spam-Score: 1.0 (+)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
	(slush[at]centrum.cz)
	1.0 HTML_MESSAGE           BODY: HTML included in message
X-Headers-End: 1W5O7I-0000YT-Lq
Cc: "bitcoin-development@lists.sourceforge.net"
	<bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] BIP0039: Final call
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Mon, 20 Jan 2014 23:18:54 -0000

--047d7b8738101a0d1204f06f1d48
Content-Type: text/plain; charset=ISO-8859-1

On Tue, Jan 21, 2014 at 12:06 AM, Christophe Biocca <
christophe.biocca@gmail.com> wrote:

> I remember the wordlist choice getting bikeshedded to death a month ago.
>
> I would just include the wordlist as part of the standard (as a
> recommendation) so that fully compliant implementations can correct a
> user's typos regardless of the original generator.
>
>
That's exactly our attitude. We realized that have a community-wide
agreement on the wordlist itself is simply imposible, so to reach at least
some consensus we split the proposal to two parts - one what is essential
to call itself a "bip39 compatible", i.e. converting the mnemonic to bip32
node and second which is optional, including our proposed wordlist, which
has some advanced features like checksums etc. Now it is up to client
developers to decide if they really insist on their superior wordlist or if
they'll implement checksums following the full specification.



> Those who don't like it will have to deal with the compatibility
> concerns themselves, or get an alternate wordlist approved as a BIP.

Odds are no one will go that route.
>
>
At least Trezor and bitcoinj (Multibit) seems to be going in this way,
which is 100% of clients which expressed interest in bip39 :-).

slush


> On Mon, Jan 20, 2014 at 5:35 PM, Peter Todd <pete@petertodd.org> wrote:
> > On Mon, Jan 20, 2014 at 04:05:14PM -0600, Brooks Boyd wrote:
> >> On Mon, Jan 20, 2014 at 11:42 AM, slush <slush@centrum.cz> wrote:
> >>
> >> > Hi all,
> >> >
> >> > during recent months we've reconsidered all comments which we received
> >> > from the community about our BIP39 proposal and we tried to meet all
> >> > requirements for such standard. Specifically the proposal now doesn't
> >> > require any specific wordlist, so every client can use its very own
> list of
> >> > preferred words. Generated mnemonic can be then applied to any other
> >> > BIP39-compatible client. Please follow current draft at
> >> > https://github.com/trezor/bips/blob/master/bip-0039.mediawiki.
> >>
> >> So, because the [mnemonic]->[bip32 root] is just hashing, you've
> >> effectively made your "mnemonic sentence" into a brainwallet? Since
> every
> >> mnemonic sentence can now lead to a bip32 root, and only the client that
> >> created the mnemonic can verify the mnemonic passes its checksum
> (assuming
> >> all clients use different wordlists, the only client that can help you
> if
> >> you fat-finger the sentence is the client that created it)?
> >
> > That issue is more than enough to get a NACK from me on making the
> > current BIP39 draft a standard - I can easily see that leading to users
> > losing a lot of money.
> >
> > Have any wallets implemented BIP39 this way already in released code?
> >
> > --
> > 'peter'[:-1]@petertodd.org
> > 00000000000000009c3092c0b245722363df8b29cfbb86368f4f7303e655983a
> >
> >
> ------------------------------------------------------------------------------
> > CenturyLink Cloud: The Leader in Enterprise Cloud Services.
> > Learn Why More Businesses Are Choosing CenturyLink Cloud For
> > Critical Workloads, Development Environments & Everything In Between.
> > Get a Quote or Start a Free Trial Today.
> >
> http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
> > _______________________________________________
> > Bitcoin-development mailing list
> > Bitcoin-development@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/bitcoin-development
> >
>
>
> ------------------------------------------------------------------------------
> CenturyLink Cloud: The Leader in Enterprise Cloud Services.
> Learn Why More Businesses Are Choosing CenturyLink Cloud For
> Critical Workloads, Development Environments & Everything In Between.
> Get a Quote or Start a Free Trial Today.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=119420431&iu=/4140/ostg.clktrk
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>

--047d7b8738101a0d1204f06f1d48
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div class=3D"gmail_extra"><br><div class=3D"gmail_quote">=
On Tue, Jan 21, 2014 at 12:06 AM, Christophe Biocca <span dir=3D"ltr">&lt;<=
a href=3D"mailto:christophe.biocca@gmail.com" target=3D"_blank">christophe.=
biocca@gmail.com</a>&gt;</span> wrote:<br>

<blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-=
left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;p=
adding-left:1ex">I remember the wordlist choice getting bikeshedded to deat=
h a month ago.<br>


<br>
I would just include the wordlist as part of the standard (as a<br>
recommendation) so that fully compliant implementations can correct a<br>
user&#39;s typos regardless of the original generator.<br>
<br></blockquote><div><br></div><div>That&#39;s exactly our attitude. We re=
alized that have a community-wide agreement on the wordlist itself is simpl=
y imposible, so to reach at least some consensus we split the proposal to t=
wo parts - one what is essential to call itself a &quot;bip39 compatible&qu=
ot;, i.e. converting the mnemonic to bip32 node and second which is optiona=
l, including our proposed wordlist, which has some advanced features like c=
hecksums etc. Now it is up to client developers to decide if they really in=
sist on their superior wordlist or if they&#39;ll implement checksums follo=
wing the full specification.</div>

<div><br></div><div>=A0</div><blockquote class=3D"gmail_quote" style=3D"mar=
gin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,2=
04);border-left-style:solid;padding-left:1ex">
Those who don&#39;t like it will have to deal with the compatibility<br>
concerns themselves, or get an alternate wordlist approved as a BIP.=A0</bl=
ockquote><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8e=
x;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-styl=
e:solid;padding-left:1ex">


Odds are no one will go that route.<br>
<br></blockquote><div>=A0</div><div>At least Trezor and bitcoinj (Multibit)=
 seems to be going in this way, which is 100% of clients which expressed in=
terest in bip39 :-).</div><div><br></div><div>slush</div><div>=A0</div><blo=
ckquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left=
-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;paddi=
ng-left:1ex">

On Mon, Jan 20, 2014 at 5:35 PM, Peter Todd &lt;<a href=3D"mailto:pete@pete=
rtodd.org">pete@petertodd.org</a>&gt; wrote:<br>
<div class=3D"im">&gt; On Mon, Jan 20, 2014 at 04:05:14PM -0600, Brooks Boy=
d wrote:<br>
&gt;&gt; On Mon, Jan 20, 2014 at 11:42 AM, slush &lt;<a href=3D"mailto:slus=
h@centrum.cz">slush@centrum.cz</a>&gt; wrote:<br>
&gt;&gt;<br>
&gt;&gt; &gt; Hi all,<br>
&gt;&gt; &gt;<br>
&gt;&gt; &gt; during recent months we&#39;ve reconsidered all comments whic=
h we received<br>
&gt;&gt; &gt; from the community about our BIP39 proposal and we tried to m=
eet all<br>
&gt;&gt; &gt; requirements for such standard. Specifically the proposal now=
 doesn&#39;t<br>
&gt;&gt; &gt; require any specific wordlist, so every client can use its ve=
ry own list of<br>
&gt;&gt; &gt; preferred words. Generated mnemonic can be then applied to an=
y other<br>
&gt;&gt; &gt; BIP39-compatible client. Please follow current draft at<br>
&gt;&gt; &gt; <a href=3D"https://github.com/trezor/bips/blob/master/bip-003=
9.mediawiki" target=3D"_blank">https://github.com/trezor/bips/blob/master/b=
ip-0039.mediawiki</a>.<br>
&gt;&gt;<br>
</div>&gt;&gt; So, because the [mnemonic]-&gt;[bip32 root] is just hashing,=
 you&#39;ve<br>
&gt;&gt; effectively made your &quot;mnemonic sentence&quot; into a brainwa=
llet? Since every<br>
&gt;&gt; mnemonic sentence can now lead to a bip32 root, and only the clien=
t that<br>
&gt;&gt; created the mnemonic can verify the mnemonic passes its checksum (=
assuming<br>
&gt;&gt; all clients use different wordlists, the only client that can help=
 you if<br>
&gt;&gt; you fat-finger the sentence is the client that created it)?<br>
&gt;<br>
&gt; That issue is more than enough to get a NACK from me on making the<br>
&gt; current BIP39 draft a standard - I can easily see that leading to user=
s<br>
&gt; losing a lot of money.<br>
&gt;<br>
&gt; Have any wallets implemented BIP39 this way already in released code?<=
br>
<span class=3D""><font color=3D"#888888">&gt;<br>
&gt; --<br>
&gt; &#39;peter&#39;[:-1]@<a href=3D"http://petertodd.org" target=3D"_blank=
">petertodd.org</a><br>
&gt; 00000000000000009c3092c0b245722363df8b29cfbb86368f4f7303e655983a<br>
</font></span><div class=3D""><div class=3D"h5">&gt;<br>
&gt; ----------------------------------------------------------------------=
--------<br>
&gt; CenturyLink Cloud: The Leader in Enterprise Cloud Services.<br>
&gt; Learn Why More Businesses Are Choosing CenturyLink Cloud For<br>
&gt; Critical Workloads, Development Environments &amp; Everything In Betwe=
en.<br>
&gt; Get a Quote or Start a Free Trial Today.<br>
&gt; <a href=3D"http://pubads.g.doubleclick.net/gampad/clk?id=3D119420431&a=
mp;iu=3D/4140/ostg.clktrk" target=3D"_blank">http://pubads.g.doubleclick.ne=
t/gampad/clk?id=3D119420431&amp;iu=3D/4140/ostg.clktrk</a><br>
&gt; _______________________________________________<br>
&gt; Bitcoin-development mailing list<br>
&gt; <a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-d=
evelopment@lists.sourceforge.net</a><br>
&gt; <a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-develo=
pment" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitco=
in-development</a><br>
&gt;<br>
<br>
---------------------------------------------------------------------------=
---<br>
CenturyLink Cloud: The Leader in Enterprise Cloud Services.<br>
Learn Why More Businesses Are Choosing CenturyLink Cloud For<br>
Critical Workloads, Development Environments &amp; Everything In Between.<b=
r>
Get a Quote or Start a Free Trial Today.<br>
<a href=3D"http://pubads.g.doubleclick.net/gampad/clk?id=3D119420431&amp;iu=
=3D/4140/ostg.clktrk" target=3D"_blank">http://pubads.g.doubleclick.net/gam=
pad/clk?id=3D119420431&amp;iu=3D/4140/ostg.clktrk</a><br>
_______________________________________________<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo=
pment@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
</div></div></blockquote></div><br></div></div>

--047d7b8738101a0d1204f06f1d48--