Re: [Bitcoin-development] Request For Discussion / BIP number - Multi-Currency Hierarchy For Use In Multisignature Deterministic Wallets
William,

I believe the reasoning for this is stated in the Coin Type section.

Public derivation is used so that cosigners need only know one of each other's public keys, rather than needing to distribute public keys for each coin.

BIP44 has a coin level, but it's a private derived level, so cosigners would not be able to generate multiple crypto currencies of each other's without giving each other n xpubs where n is the number of currencies shared. This new proposal basically sticks coin type on the public derivation side of things so that I could generate litecoin or darkcoin multisigs without your permission...

Kefkius,

This BIP seems like a good fit for multi-currency wallets based on multisig. So kudos for putting it in writing.

However, I don't know if this is really a BIP thing. It's not improving Bitcoin (Bitcoin Improvement Proposal... remember?), in fact, by definition it is improving altcoin usability. For that reason alone I will say I disagree for a BIP for this.

- Jona

2015-04-08 16:46 GMT+09:00 William Swanson swanson...@gmail.com:

It's not really clear why this is better than BIP 44 as it already stands. You have the same fields, but they are just in a different order. Couldn't you just use the existing BIP 44 hierarchy, but add the convention that wallet/account N is the same wallet in each supported currency?

For example, if I have a wallet called business expenses, which happens to be wallet m / 44' / 0' / 5', for Bitcoin, then the same wallet would be m / 44' / 3' / 5' for Dogecoin, and m / 44' / 2' / 5' for Litecoin.

I am trying to think of examples where your proposal is better than BIP 44, but I can't think of any. Even backup recovery works fine. I assume that your idea is to continue iterating over the different wallet indices as long as you are finding funds in *any* currency. Well, you can still do that with BIP 44. The fields are in a different order, but that doesn't affect the algorithm in any way.

Maybe you have some deeper insight I'm not seeing, but if so, you need to clearly explain that in your motivation section. The current explanation, "This limits the possible implementations of multi-currency, multisignature wallets", is pretty vague.

Also, there is nothing in this spec that addresses the multisignature use-case. The BIP 45 spec does a lot of extra work to make multisignature work smoothly.

I'm not trying to criticize your proposal. I'm just trying to understand what it's trying to accomplish.

-William Swanson

On Wed, Apr 8, 2015 at 12:05 AM, Kefkius kefk...@maza.club wrote:

I have a potential BIP, Multi-Currency Hierarchy For Use In Multisignature Deterministic Wallets. I'm requesting discussion on it, and possibly assignment of a BIP number. It's located in this github gist: https://gist.github.com/Kefkius/1aa02945e532f8739023

___
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Request for a new BIP number (and discussion): Improved HD wallet generation.
Hello Bob,

"And compromise of that longer key still compromises the entire wallet."

No, in fact I could give you any node (derived extended private key) or key (derived normal bitcoin address private key) AND any node's extended public key above them, and as long as the keys are generated within my specifications, you can not derive the associated extended private key to the ancestor extended public key.

If you think it still compromises the entire wallet, please show me in pseudo code / explanation.

"Under what circumstances would anyone ever be passing around private keys without your a,b?"

I just added a Motivation section showing one example called Reality Keys. They send bitcoins to Yes/No bet addresses and the result of the bet's private key is revealed to award the winners via special P2SH scripts. So they would need to give out smaller keys (aka normal private keys) and it would be better to manage them hierarchically instead of just generating millions of keys ahead of time and storing them on USBs or something.

Thanks,
Jona

2015-02-21 22:57 GMT+09:00 Bob Mcelrath b...@mcelrath.org:

But this just makes the private HD key longer, effectively. And compromise of that longer key still compromises the entire wallet.

Under what circumstances would anyone ever be passing around private keys without your a,b? The longer privkey is a wallet backup and has a reason to be copied. I can't think of a scenario where anyone would use or compromise the shorter privkey.

On February 21, 2015 8:32:30 AM EST, 木ノ下じょな kinoshitaj...@gmail.com wrote:

Yes. That is similar to an idea at FC15 ( http://fc15.ifca.ai/preproceedings/paper_15.pdf) but instead of increasing the number of keys needed up to m, and protecting against m-1 leaks. (so if you have to give keys out to 10 departments you must store 11 keys, or 363 bytes, I have decided to leave it at 2 keys protecting 1 leak, and then using convention to prevent calculating the master private key by requiring all private keys AND all extended private keys (aka nodes in my proposal) to be derived alone under their respective parents.

In theory this will prevent leakage of private keys from destroying the entire HD wallet entirely. Services like Reality Keys could be a perfect use case (he must release private keys relating to the outcome, so he has decided against using BIP32 to generate addresses for the bets.

Any Cryptographers that would like to take a look at the math and see if it's sound, I think I am properly breaking any linear relationships between keys... but I would like a second opinion.

Thank you for your reply,
Jona

2015-02-21 22:23 GMT+09:00 Adam Back a...@cypherspace.org:

What's the objective? Is it to require accidental disclosure of two private keys to compute the master private key?

Adam

On 21 February 2015 at 13:20, 木ノ下じょな kinoshitaj...@gmail.com wrote:

Hello All,

I have put together a proposal for a new generation methodology of HD wallets.

The method is a modification of BIP32, so if something is unclear or not explicit, please assume it follows BIP32.

I am looking forward to any and all criticism and help with writing / making the BIP more secure.

If some of my pseudo code / English is off I apologize, I am not good with words.

If this is deemed worthy enough to be drafted into a BIP, I would appreciate if someone could tell me what the overall step by step flow would be.

Thank you, I will paste the link to the proposal below.

Jona

https://gist.github.com/dabura667/875bb2c159b219c18885
Re: [Bitcoin-development] Request for a new BIP number (and discussion): Improved HD wallet generation.
Thank you for your feedback.

I have written the Abstract and Motivation. If my English is poor please let me know.

Also let me know any other comments or criticism you may have.

Thank you,
Jona

2015-02-21 22:34 GMT+09:00 Pavol Rusnak st...@gk2.sk:

On 21/02/15 14:20, 木ノ下じょな wrote:

I have put together a proposal for a new generation methodology of HD wallets.

Your proposal is missing Abstract and Motivation sections. Abstract tells us WHAT you are trying to achieve, Motivation tells WHY. It's not worth digging into technical details of your implementation until these two questions are answered.

--
Best Regards / S pozdravom,
Pavol Rusnak st...@gk2.sk
Re: [Bitcoin-development] Request for a new BIP number (and discussion): Improved HD wallet generation.
Yes. That is similar to an idea at FC15 ( http://fc15.ifca.ai/preproceedings/paper_15.pdf) but instead of increasing the number of keys needed up to m, and protecting against m-1 leaks. (so if you have to give keys out to 10 departments you must store 11 keys, or 363 bytes, I have decided to leave it at 2 keys protecting 1 leak, and then using convention to prevent calculating the master private key by requiring all private keys AND all extended private keys (aka nodes in my proposal) to be derived alone under their respective parents.

In theory this will prevent leakage of private keys from destroying the entire HD wallet entirely. Services like Reality Keys could be a perfect use case (he must release private keys relating to the outcome, so he has decided against using BIP32 to generate addresses for the bets.

Any Cryptographers that would like to take a look at the math and see if it's sound, I think I am properly breaking any linear relationships between keys... but I would like a second opinion.

Thank you for your reply,
Jona

2015-02-21 22:23 GMT+09:00 Adam Back a...@cypherspace.org:

What's the objective? Is it to require accidental disclosure of two private keys to compute the master private key?

Adam

On 21 February 2015 at 13:20, 木ノ下じょな kinoshitaj...@gmail.com wrote:

Hello All,

I have put together a proposal for a new generation methodology of HD wallets.

The method is a modification of BIP32, so if something is unclear or not explicit, please assume it follows BIP32.

I am looking forward to any and all criticism and help with writing / making the BIP more secure.

If some of my pseudo code / English is off I apologize, I am not good with words.

If this is deemed worthy enough to be drafted into a BIP, I would appreciate if someone could tell me what the overall step by step flow would be.

Thank you, I will paste the link to the proposal below.

Jona

https://gist.github.com/dabura667/875bb2c159b219c18885