Topic: Segwit HD wallet issues (Read 884 times)

hero member
Activity: 692
Merit: 569
September 05, 2017, 09:18:53 AM
#4
Edit: Updated version numbers so that the prefix is more readable
hero member
Activity: 692
Merit: 569
September 04, 2017, 12:07:44 AM
#3
It might be useful to check out how Electrum handles your suggestion #2:

http://docs.electrum.org/en/latest/seedphrase.html



Thanks for this. In fact, Electrum also echoes similar reasoning for abandoning seed words in favour of a passphrase:

Quote
BIP39 seed phrases do not include a version number. This means that software should always know how to generate keys and addresses. BIP43 suggests that wallet software will try various existing derivation schemes within the BIP32 framework. This is extremely inefficient and rests on the assumption that future wallets will support all previously accepted derivation methods. If, in the future, a wallet developer decides not to implement a particular derivation method because it is deprecated, then the software will not be able to detect that the corresponding seed phrases are not supported, and it will return an empty wallet instead. This threatens users' funds.

I propose additional version numbers for the BIP32 serialization format to help segwit xpub/xprv derivation. Below is the list of new version bytes, the resulting base58 prefix and the network type:

0x042393df , sxpr , segwit mainnet private key
0x04239377 , sxpb , segwit mainnet public key
0x042224cc , stpr , segwit testnet private key
0x04222463 , stpb , segwit testnet public key

Looking forward to hearing your thoughts
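How 4 version bytes turn into a Base58 prefix, as an added example (not code from the thread or from any wallet): it builds a BIP32 extended-key serialization from a version and a body, Base58Check-encodes it, and looks at the prefix at both extremes of the body, so you can check whether a chosen version yields the same prefix for every key. The BIP32 xpub/xprv versions are the standard ones; the other four are the values proposed in the post above.

```python
import hashlib

# Added example (not from the thread): how the 4 version bytes of a BIP32
# serialization determine the human-readable Base58 prefix, and a check that
# the prefix stays the same across every possible key payload.

B58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def b58check_encode(raw: bytes) -> str:
    """Base58Check: append a 4-byte double-SHA256 checksum, then Base58-encode."""
    checksum = hashlib.sha256(hashlib.sha256(raw).digest()).digest()[:4]
    data = raw + checksum
    n = int.from_bytes(data, "big")
    out = ""
    while n > 0:
        n, rem = divmod(n, 58)
        out = B58_ALPHABET[rem] + out
    # each leading 0x00 byte is encoded as a leading '1'
    pad = len(data) - len(data.lstrip(b"\x00"))
    return "1" * pad + out

def serialize_extended_key(version: int, body: bytes) -> bytes:
    """BIP32 extended key: 4 version bytes + 74-byte body (depth, parent
    fingerprint, child index, chain code, key) = 78 bytes before the checksum."""
    assert len(body) == 74
    return version.to_bytes(4, "big") + body

def prefix_for(version: int, fill: int) -> str:
    """First 4 Base58 chars when the whole 74-byte body is the byte `fill`."""
    raw = serialize_extended_key(version, bytes([fill]) * 74)
    return b58check_encode(raw)[:4]

def prefix_range(version: int) -> tuple:
    """Prefix at the smallest (0x00) and largest (0xff) body; they bracket
    every real key, so equal ends mean the prefix is fixed for that version."""
    lo, hi = prefix_for(version, 0x00), prefix_for(version, 0xFF)
    return lo, hi, lo == hi

if __name__ == "__main__":
    # BIP32 mainnet versions plus the four values proposed in the post above
    versions = {
        "BIP32 xpub": 0x0488B21E, "BIP32 xprv": 0x0488ADE4,
        "proposed sxpr": 0x042393DF, "proposed sxpb": 0x04239377,
        "proposed stpr": 0x042224CC, "proposed stpb": 0x04222463,
    }
    for name, ver in versions.items():
        lo, hi, stable = prefix_range(ver)
        print(f"{name:14s} 0x{ver:08x} -> {lo} .. {hi} {'stable' if stable else 'NOT stable'}")
```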
legendary
Activity: 4284
Merit: 1316
September 03, 2017, 05:50:04 AM
#2
It might be useful to check out how Electrum handles your suggestion #2:

http://docs.electrum.org/en/latest/seedphrase.html

hero member
Activity: 692
Merit: 569
September 03, 2017, 02:09:15 AM
#1
This thread proposes changes to BIP49 to address segwit compatibility issues.

Breaking backwards compatibility
The BIP talks about breaking this, but it really doesn't. I really feel it should completely break this. Here is why:

What would happen if you recover a wallet using seed words?
  1. Since there is no difference in seed words between segwit/non-segwit, the wallet would discover both m/44' and m/49' accounts
  2. Note that we cannot ask the user to choose an account he wants to operate on (segwit/non-segwit). This is like asking him for the HD derivation path, and is a really bad UI
  3. The wallet now has to constantly monitor both m/44' and m/49' accounts for transactions

Basically we are always stuck with keeping compatibility with older seed words, or always asking the user if the seed words came from a segwit/non-segwit wallet!

Here is my suggestion:
1. By default, all new wallets will be created as segwit m/49' without asking the user anything. I think you would agree with me that in future we want most wallets to be segwit by default (unless the user chooses non-segwit from the advanced options)!

2. Segwit wallet seed words have a different format which is incompatible with previous wallet seed words. This encodes the information that this wallet is segwit in the seed words themselves. We need to define a structure for this.

XPUB Derivation
This is something not addressed in the BIP yet.

1. Right now you can get an xpub's balance/transaction history. Now there is no way to know whether an xpub is from m/44' or m/49'.

2. This breaks lots of things. Wallets like Electrum/Armory/Mycelium support importing an xpub as a watch-only wallet. Also, services like Blockonomics/blockchain.info use xpubs for displaying balances/generating merchant addresses.

Looking forward to hearing your thoughts. Please advise and I can create a PR encompassing your suggestions.