Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make Seedpicker compatible with Coldcard's Seed XOR #50

Closed
BoGitter opened this issue Mar 6, 2022 · 10 comments
Closed

Make Seedpicker compatible with Coldcard's Seed XOR #50

BoGitter opened this issue Mar 6, 2022 · 10 comments

Comments

@BoGitter
Copy link

BoGitter commented Mar 6, 2022

See Coldcard's Seed XOR. Scroll to Resulting Seed Phrase.

If you input the Resulting Seed Phrase silent toe meat possible chair blossom wait occur this worth option bag nurse find fish scene bench asthma bike wage world quit primary in Seedpicker, the 24th word is "all". The output of ColdCard's 24th word is "indoor". This is confusing for users who try to verify their seed.

Suggestion
At this moment Seedpicker automatically picks the alphabetically 1st outcome as discussed here and here and here which is the most user friendly and error avoiding way.
But for SEED XOR users it might be confusing, because (1) you'll have to find out that there more checksums possible and (2) that Seedpicker always picks the first. Suggestions:

  • Let users select from all possible checksums where you label the first option as "default" or "recommended by Seedpicker" and after selection generate the xpub page.
  • Explicitly state on homepage that there are more possible checksum values and that Seedpicker picks 1st.
  • Output the other Alternative checksums in the "advanced section" where you make the checksums clickable so that if a user clicks it, it generates the xpub page.
  • Provide a separate file with which advanced users can generate all checksums.
@merland
Copy link
Owner

merland commented Mar 8, 2022

Thanks for this suggestion @BoGitter !
I tried to familiarize myself a little bit with the "Seed XOR" method, I haven't used it myself.
A first clarifying question: Why don't you want to use the 24th word calculated by ColdCard? Both ColdCard and SeedPicker generate valid results, we just pick the checksum a bit differently. Involving SeedPicker in the Seed XOR method seems redundant and a bit confusing for the user.

@merland
Copy link
Owner

merland commented Mar 8, 2022

Also, SeedPicker does mention that there are multiple valid words, admittedly could be made more clear. Hover over the little question mark next the the resulting word, and you will see a tooltip text.

@BoGitter
Copy link
Author

BoGitter commented Mar 8, 2022

My goal was to verify the result of ColdCard's 24th word without depending on ColdCard. If ColdCard quits or all devices are gone, this would deal with my dependence on a ColdCard device when restoring.

@merland
Copy link
Owner

merland commented Mar 8, 2022

Ok, I see. However: Once you successfully import your seed phrase once in any kind of wallet, you can know for sure that the 24th word is valid and you never need to re-verify the seed phrase.

When I first created SeedPicker, no hardware solutions existed for calculating the 24th word, in fact this was the only reason for creating it. Now that ColdCard and other hardware wallets have implemented this feature, they are the preferred way of doing it if you already bought one. SeedPicker in offline mode on a secure machine is perfectly safe (and free!), but a dedicated single-purpose computer is - of course - much more convenient.

If you still want a browser tool to verify an existing seed phrase, I highly recommend https://iancoleman.io/bip39/. Offline mode on a secure machine, needless to say!

There is also another related issue - #16 - that we have not mentioned yet. Still unimplemented but I believe that would work for your situation as well. Please comment on that issue if you want it to happen.

@BoGitter
Copy link
Author

BoGitter commented Mar 8, 2022

The thing with XOR is that if you combine 2 seeds (e.g. your steel backup) to create your Resulting Seed Phrase, the 24th word is always missing. If there is no access to a ColdCard wallet, then you can't verify the seed phrase. That's why I was looking for an alternative to find the right 24th word of the Resulting Seed Phrase...

Thanks for help! Much appreciated!

@merland
Copy link
Owner

merland commented Mar 9, 2022

Ok, that's a bit odd... But what I said above is still valid: When you have done it once, you will never have to re-validate the 24th word.
The Seed XOR scheme is something quite ColdCard specific and 'non-standard'. So you should probably not expect anyone outside ColdCard to build any supporting tools for it. Personally, I think Seed XOR seems more confusing than helpful, most of its benefits can be achieved by using a good passphrase (or several), a more standardized method.

@BoGitter
Copy link
Author

BoGitter commented Mar 9, 2022

Some extra clarification, maybe you already saw it. After XORing seeds there is already a hint for the 24th word.
XOR = 643 71C 450 544 12E 0C0 7B3 4C6 706 7EF 4DD 08C 4BC 2B5 2BD 604 0A8 070 0B1 7B1 7ED 57E 555 3xx

It must start with the indicated digit 3 meaning the final word is between gas [300] - lend [3FF] and therefore the correct final word is indoor [398].

What you could do is an input text box for advanced XOR users where you ask for the first alphanumeric character of the 24th word of the Resulting Seed Phrase and then calculate the checksum. But I also understand it might be confusing for new users how to know what is meant by the first alphanumeric character.

A different approach could be to check if someone wants to check a "Raffle Checksum" or a "XOR Checksum" or you could even provide two completely different calculators with independent files. Or you can leave it all together of course...

@BoGitter
Copy link
Author

BoGitter commented Mar 9, 2022

Ok, that's a bit odd... But what I said above is still valid: When you have done it once, you will never have to re-validate the 24th word.
The Seed XOR scheme is something quite ColdCard specific and 'non-standard'. So you should probably not expect anyone outside ColdCard to build any supporting tools for it. Personally, I think Seed XOR seems more confusing than helpful, most of its benefits can be achieved by using a good passphrase (or several), a more standardized method.

True, but this assumes you have it. My situation is where the Colcard is lost and you want to restore a backup which you have secured by using XOR. You end up with an incomplete backup of 23 words + 1 digit. That's why they recommend to save the 24th word somewhere, but I think it would be better if there is an alternative way to find the right checksum, for example via Seedpicker.

@merland
Copy link
Owner

merland commented Mar 9, 2022

I really appreciate your interest and your suggestion but I don't think this is a suitable feature for SeedPicker. Mainly because I want SeedPicker to be as simple as possible.
Another reason is that I would probably not recommend anyone to use a non-standard security scheme such as Seed XOR. Obfuscation can easily backfire...

@BoGitter
Copy link
Author

BoGitter commented Mar 9, 2022

Ok fair enough. Thanks for your help!

For others who want to manually find the right 24th word after XORing two or more seeds BIP39-Dice might be an option. Adjust rolls.txt and run python 24thword.py and pick the right one. No guarantees!

@BoGitter BoGitter closed this as completed Mar 9, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants