mirror of
https://github.com/bitcoin/bips.git
synced 2025-03-04 03:03:53 +01:00
grammar correction
This commit is contained in:
Aaron Voisine
parent
92819e0df3
commit
e50256edb5
1 changed files with 20 additions and 20 deletions
|
|
@ -26,14 +26,14 @@ A mnenomic code or sentence is superior for human interaction compared to the
|
|||
handling of raw binary or hexidecimal representations of a wallet seed. The
|
||||
sentence could be written on paper or spoken over the telephone.
|
||||
|
||||
This guide meant to be as a way to transport computer-generated randomnes over
|
||||
human readable transcription. It's not a way how to process user-created
|
||||
sentences (also known as brainwallet) to wallet seed.
|
||||
This guide is meant to be a way to transport computer-generated randomness with
|
||||
a human readable transcription. It's not a way to convert a user created
|
||||
sentence (also known as brainwallet) to a wallet seed.
|
||||
|
||||
==Generating the mnemonic==
|
||||
|
||||
The mnemonic must encode entropy in any multiple of 32 bits. With larger entropy
|
||||
security is improved but the sentence length increases. We can refer to the
|
||||
The mnemonic must encode entropy in any multiple of 32 bits. With more entropy,
|
||||
security is improved but the sentence length increases. We refer to the
|
||||
initial entropy length as ENT. The recommended size of ENT is 128-256 bits.
|
||||
|
||||
First, an initial entropy of ENT bits is generated. A checksum is generated by
|
||||
|
|
@ -43,8 +43,8 @@ are split into groups of 11 bits, each encoding a number from 0-2047, serving
|
|||
as an index to a wordlist. Later, we will convert these numbers into words and
|
||||
use the joined words as a mnemonic sentence.
|
||||
|
||||
The following table describes the relation between the initial entropy
|
||||
length (ENT), the checksum length (CS) and length of the generated mnemonic
|
||||
The following table describes the relationship between the initial entropy
|
||||
length (ENT), the checksum length (CS) and the length of the generated mnemonic
|
||||
sentence (MS) in words.
|
||||
|
||||
<pre>
|
||||
|
|
@ -65,7 +65,7 @@ MS = (ENT + CS) / 11
|
|||
An ideal wordlist has the following characteristics:
|
||||
|
||||
a) smart selection of words
|
||||
- wordlist is created in such way that it's enough to type the first four
|
||||
- the wordlist is created in such way that it's enough to type the first four
|
||||
letters to unambiguously identify the word
|
||||
|
||||
b) similar words avoided
|
||||
|
|
@ -74,8 +74,8 @@ b) similar words avoided
|
|||
prone and more difficult to guess
|
||||
|
||||
c) sorted wordlists
|
||||
- wordlist is sorted which allows for more efficient lookup of the code words
|
||||
(i.e. implementation can use binary search instead of linear search)
|
||||
- the wordlist is sorted which allows for more efficient lookup of the code words
|
||||
(i.e. implementations can use binary search instead of linear search)
|
||||
- this also allows trie (prefix tree) to be used, e.g. for better compression
|
||||
|
||||
The wordlist can contain native characters, but they have to be encoded in UTF-8
|
||||
|
|
@ -83,30 +83,30 @@ using Normalization Form Compatibility Decomposition (NFKD).
|
|||
|
||||
==From mnemonic to seed==
|
||||
|
||||
A user may decide to protect their mnemonic by passphrase. If a passphrase is not
|
||||
A user may decide to protect their mnemonic with a passphrase. If a passphrase is not
|
||||
present, an empty string "" is used instead.
|
||||
|
||||
To create a binary seed from the mnemonic, we use PBKDF2 function with a mnemonic
|
||||
To create a binary seed from the mnemonic, we use the PBKDF2 function with a mnemonic
|
||||
sentence (in UTF-8 NFKD) used as a password and string "mnemonic" + passphrase (again
|
||||
in UTF-8 NFKD) used as a salt. Iteration count is set to 2048 and HMAC-SHA512 is used as
|
||||
a pseudo-random function. Desired length of the derived key is 512 bits (= 64 bytes).
|
||||
the pseudo-random function. Desired length of the derived key is 512 bits (= 64 bytes).
|
||||
|
||||
This seed can be later used to generate deterministic wallets using BIP-0032 or
|
||||
This seed can be used later to generate deterministic wallets using BIP-0032 or
|
||||
similar methods.
|
||||
|
||||
The conversion of the mnemonic sentence to binary seed is completely independent
|
||||
The conversion of the mnemonic sentence to a binary seed is completely independent
|
||||
from generating the sentence. This results in rather simple code; there are no
|
||||
constraints on sentence structure and clients are free to implement their own
|
||||
wordlists or even whole sentence generators, allowing for flexibility in wordlists
|
||||
for typo detection or other purposes.
|
||||
|
||||
Although using mnemonic not generated by algorithm described in "Generating the
|
||||
mnemonic" section is possible, this is not advised and software must compute
|
||||
checksum of the mnemonic sentence using wordlist and issue a warning if it is
|
||||
Although using a mnemonic not generated by the algorithm described in "Generating the
|
||||
mnemonic" section is possible, this is not advised and software must compute the
|
||||
checksum of the mnemonic sentence using a wordlist and issue a warning if it is
|
||||
invalid.
|
||||
|
||||
Described method also provides plausible deniability, because every passphrase
|
||||
generates a valid seed (and thus deterministic wallet) but only the correct one
|
||||
The described method also provides plausible deniability, because every passphrase
|
||||
generates a valid seed (and thus a deterministic wallet) but only the correct one
|
||||
will make the desired wallet available.
|
||||
|
||||
==Wordlists==
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue