-
-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SLIP39 + BIP39 + SSKR secret sizes #64
Comments
You will see from @ksedgwic example with dog tags you don’t need all the words to recover. I know you can drop the first two words as they are always |
@ChristopherA Thanks! This example with dog tags is great. It seems like there are only 12 words in each tag. That's great. (And Sorry for using an issue for a discussion/question again) Maybe seedtool SSKR, SLIP39, and BIP39 also use different dictionaries? It might just be a matter of using another encoding to get to 20 words only. It looks like the shares are using byte words (they are 4 chars each) while SLIP39 shares use other mnemonics. Actually, it looks like SLIP39 uses yet another wordlist with 1024 words instead of the BIP39 2048 word lists. So it might be even less than 20 words in BIP39 encoding. This might sound silly, but engraving <20 words is a lot easier than engraving 29 words. By the way, if you guys think there's something useful from this discussion we could implement, I can help implement any of these things. I just wouldn't open a PR out of nowhere. 😆 There's probably even room for opening another SLIP if you'd like. Creating conventions is very important for that kind of stuff, to ensure other people will be able to recover these seeds. On another issue related to the example with dog tags; This might seem silly, but I'm a little worried about the interface, especially if adjusting some words here and there, like in the example. I mean, there's some chance someone else will need to recover the original seed (if using the secrets for an inheritance, for example) and this might be a problem if there are lots of ways to do that through the interface. For instance, for a 2of3 secret seedtool gives me:
and we need
So the final BIP39 mnemonic is right there. I know this might seem very silly and I don't care about it myself at all. But I'm worried other people might not be able to recover the seed if they ever need to, which is a common use case of SSKR. |
Sorry. I just noticed it's two tags per share. So 24 words per share. |
On second thought, I just realized that most of this issue amounts to separating the concept of sskr secrets from its encoding. A command like |
The important thing about storing things in permanent media like metal is to make them as self-describing as possible. I think effort to engrave should be a secondary consideration. SSKR shares stored as ByteWords are actually just a form encoding where each 4-character word represents 8 bits. There are only 256 possible words so the number of possible words is relatively small. They include various forms of error detection and correction so they are hard to mis-transcribe. They also encode CBOR (sort of like binary JSON) that gives their content structure, including tagging that makes them self-describing. I think one needs to consider giving up all of these benefits before choosing alternate methods, including messing with the actual sequence of ByteWords in each canonical SSKR share. |
I've also been investigating commissioning someone to create engraved plates where the initial common "self-describing" words are etched in advance, requiring you to only engrave the remainder yourself. Thus I believe we can get a single SSKR share down to 24 or 25 words (@wolfmcnally ?) |
The only three words you could reliably pre-etch would be the first three |
Given that many (but not all) pre-existing metal templates support 25 words (24 words plus BIP-38 passphrase), and |
Thanks a lot guys! |
Thank you for this great project.
This is not really an issue so I'm sorry if there's a better place for questions and I missed it.
I implemented this small variation of SLIP39 that would use BIP39 mnemonics directly instead of SLIP39 master keys that are incompatible with BIP39 and, by consequence, most wallets.
But I noticed the SLIP39/BIP39 secrets it generates are 20 words long and the secrets seedtool generates are 29 words long. Why is that? It might seem like a small difference, but this is a practical issue because capsules and steel plates often don't support 29 words.
The text was updated successfully, but these errors were encountered: