Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

This is not slip-39 #4

Closed
dzid26 opened this issue May 23, 2023 · 2 comments
Closed

This is not slip-39 #4

dzid26 opened this issue May 23, 2023 · 2 comments

Comments

@dzid26
Copy link

dzid26 commented May 23, 2023
edited
Loading

Issue analogs to this one: BlockchainCommons/lethekit#38

I think it should be made more clear that there is an incompatibility between bip39 and slip39 standards.

image
@pjkundert
Copy link
Owner

Yes, unfortunately SLIP-39 and BIP-39 are fundamentally incompatible, and generate different HD wallet derivations.

However, there is a method by which you can backup an existing BIP-39 Mnemonic phrase using SLIP-39. This is what I have implemented.

It means that your existing BIP-39 hardware wallet doesn't need to know anything about SLIP-39.

We simply use SLIP-39 to store (and recover) the original 128-bit or 256-bit "Entropy", from which your BIP-39 Mnemonic phrase is derived. You store the SLIP-39 Mnemonics, and (after setting up your Hardware wallet using BIP-39) -- you DESTROY your BIP-39 Mnemonic phrase!

Later, when you need to initialize a new BIP-39 Hardware wallet -- you use the SLIP-39 App or this python-slip39 module to enter your SLIP-39 recovery phrases.

As always, this (standard) SLIP-39 process recovers the original 128-bit or 256-bit Entropy. Normal SLIP-39 uses this Entropy, directly, to derive your standard SLIP-39 HD wallets.

But, we don't use it to derive your wallets, in this case: we use it to REGENERATE YOUR BIP-39 Mnemonic phrase!

Then, you use that BIP-39 Mnemonic to initialize your BIP-39 Hardware Wallet, and recover your original BIP-39 derived accounts.

So, yes -- SLIP-39 and BIP-39 are incompatible; but, you can use SLIP-39 to recover your BIP-39, and then use that as you normally would. In the mean time, your BIP-39 Mnemonic phrase does not exist, anywhere, to get accidentally revealed or stolen, which is a VERY high risk, since it is a SINGLE POINT OF FAILURE.

@petre-c petre-c mentioned this issue Jun 4, 2024
Closed
@petre-c
Copy link

petre-c commented Jun 4, 2024
edited
Loading

I was surprised to find that generating SLIP-39 shares for my BIP-39, then doing a SLIP-39 recovery in Electrum, produces a different wallet than the wallet generated in Electrum with BIP-39.

Without understanding too much behind the reasoning, I'd argue that the slip39 tool must accentuate the fact that SLIP-39 shares it generates will generate a different wallet than the one generated with the BIP-39 seed used to produce the SLIP-39 shards and, hence, the way to go is to use this tool to recover the initial BIP-39, NOT to use the SLIP-39 shards it produces to recover the wallet (in Electrum).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@pjkundert @dzid26 @petre-c