I am working on a replacement for BIP39 and noticed that the password section mandates a Unicode normalization pass but does not prohibit unassigned character points.
I believe that this is problematic as newer drafts of Unicode alter the output of normalization passes. So if a user assigned a password using a wallet that linked to Unicode 9 but input a code point reserved in Unicode 10, updating the wallet to Unicode 10 could incorrectly remap that code point [0]. Thank you, -Zach Lym P.S. The relevant RFC on this subject specifies a different normalization procedure [1] [BIP39]: https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki [0]: http://unicode.org/reports/tr15/#Stabilized_Strings [1]: https://tools.ietf.org/html/rfc7564
_______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
