JoinMarket-Org / joinmarket-clientserver

Bitcoin CoinJoin implementation with incentive structure to convince people to take part
GNU General Public License v3.0

Change wording during wallet creation for consistency, clearly print out what is needed to recover wallet #819

Open keblek opened 3 years ago

keblek commented 3 years ago

Change recovery phrase to passphrase so it's more consistent with other wallets.

Also let the user know that it's a BIP39 wallet so they have an intuition of which other wallets they can use to recover the wallet.


Change passphrase to password since this doesn't have anything to do with recovering the wallet; it's for securing against a hack.


Also would be nice if you printed a table of all the words that are needed at the end.

For example:

BIP39 Recovery Phrase

| Index | Word |
| --- | --- |
| 1 | fashion |
| 2 | demand |
| 3 | moment |
| 4 | pen |
| 5 | someone |
| 6 | trust |
| 7 | wealth |
| 8 | appear |
| 9 | daughter |
| 10 | always |
| 11 | brother |
| 12 | feed |
| 13 (passphrase) | ay7j&Jjsafm |

goodatdrowning commented 3 years ago

Changed the text to mention BIP39 and use the wordings you suggested.

https://github.com/JoinMarket-Org/joinmarket-clientserver/pull/906

chris-belcher commented 3 years ago

"Passphrase" just means the secret input is made up of a phrase of words rather than one word. Many other non-bitcoin software programs use the term "passphrase", such as gpg or openssl.

There seems to be some mistaken impression that "passphrase" implies the mnemonic extension word and "password" implies the wallet file encryption key? That would be really confusing if so, because the words are pretty synonymous in other usages. JoinMarket (and other bitcoin software like Electrum) intentionally make a distinction between the two to improve user-friendliness. Password or passphrase is used to mean the wallet file encryption key, and "extension" or "13th word" is used to mean the seed phrase encryption key.

Adding documentation that the seed phrase is in BIP39 format is a good idea though. It wouldn't be a bad idea to print the BIP number corresponding to the wallet derivation path (for example, BIP84 for native segwit addresses).

keblek commented 3 years ago

> There seems to be some mistaken impression that "passphrase" implies the mnemonic extension word and "password" implies the wallet file encryption key?

I agree that this is confusing, but I don't know a better way to add clarity to the user experience. The user must know what the purpose of the secret word is, otherwise they might lose their funds.

I am taking this terminology from the BIP39 standard:

"A user may decide to protect their mnemonic with a passphrase. If a passphrase is not present, an empty string "" is used instead."

https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki#from-mnemonic-to-seed

I personally think it's important to disambiguate the difference between a secret that results in loss of funds if lost or one that results in loss of time. That this usage of the terms conflicts with existing usage is really too bad and would obviously be better if we could avoid it.

@chris-belcher do you think the terminology from BIP39 should be updated? I don't like the term "passphrase" either but I think everybody using their own term may be worse.

To add to the confusion some popular wallets (like samurai wallet) use the extension word to encrypt the wallet data on the device, so in that case the extension is dual purpose.

chris-belcher commented 3 years ago

> To add to the confusion some popular wallets (like samurai wallet) use the extension word to encrypt the wallet data on the device, so in that case the extension is dual purpose.

I did not know about this. Naming things is hard. Maybe using the extension for the wallet file encryption is actually a smart idea though.

FWIW I got the terminology from Electrum which uses the words "seed phrase" and "extension".

I suppose the name doesn't matter unless users know what is meant.

Perhaps the best thing to do is to explain whichever name is used. Add a bit more text that explains the purpose of each thing. For example, "Input the seed phrase extension, this is an encryption key used to encrypt the seed. Both the seed phrase and extension are needed to recover the money of this wallet." And the other one being something like "Input wallet passphrase, this is the encryption key used to encrypt the wallet file on disk."

goodatdrowning commented 3 years ago

> Perhaps the best thing to do is to explain whichever name is used. Add a bit more text that explains the purpose of each thing. For example, "Input the seed phrase extension, this is an encryption key used to encrypt the seed. Both the seed phrase and extension are needed to recover the money of this wallet." And the other one being something like "Input wallet passphrase, this is the encryption key used to encrypt the wallet file on disk."

I agree with this suggestion. I stumbled across this issue when I was setting up JoinMarket and agreed with the opener that the current wording is confusing. Making a clear distinction between the extension and the wallet passphrase would be helpful IMO.
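
As an added example (not JoinMarket's code and not part of any comment above), the BIP39 "From mnemonic to seed" step linked in the thread can be reproduced with the Python standard library to show why the extension has to be recorded with the recovery words: any extension yields a valid seed, so a wrong one silently opens a different wallet. The function names are hypothetical, the mnemonic is the published BIP39 reference test vector, and a wallet-file password as described in the thread is not an input to this derivation.

```python
import hashlib
import unicodedata

# Published BIP39 reference test vector (not a wallet from this thread).
TEST_MNEMONIC = "abandon " * 11 + "about"


def bip39_seed(mnemonic: str, extension: str = "") -> bytes:
    """BIP39 "From mnemonic to seed": PBKDF2-HMAC-SHA512, 2048 rounds, 64 bytes.

    The mnemonic is the PBKDF2 password; the salt is the literal string
    "mnemonic" followed by the extension (BIP39 calls it the passphrase).
    """
    # Collapsing whitespace is a convenience added here, not part of BIP39.
    words = unicodedata.normalize("NFKD", " ".join(mnemonic.split()))
    salt = unicodedata.normalize("NFKD", "mnemonic" + extension)
    return hashlib.pbkdf2_hmac("sha512", words.encode("utf-8"),
                               salt.encode("utf-8"), 2048, dklen=64)


def compare_extensions(mnemonic: str, candidates: list[str]) -> dict[str, str]:
    """Map each candidate extension to the hex seed it yields.

    Every candidate derives some valid seed: the extension carries no
    checksum, so a mistyped one produces a different wallet without any error.
    """
    return {ext: bip39_seed(mnemonic, ext).hex() for ext in candidates}


def recovers(mnemonic: str, extension: str, expected_seed_hex: str) -> bool:
    """True only if words and extension together reproduce the original seed."""
    return bip39_seed(mnemonic, extension).hex() == expected_seed_hex


if __name__ == "__main__":
    original = bip39_seed(TEST_MNEMONIC, "TREZOR").hex()
    trials = compare_extensions(TEST_MNEMONIC, ["", "TREZOR", "trezor", "TREZOR "])
    for ext, seed in trials.items():
        status = "recovers wallet" if seed == original else "different wallet"
        print(f"extension={ext!r:10} seed={seed[:16]}... {status}")
```

The extension is case- and whitespace-sensitive, which is the practical reason a recovery printout should show it exactly as entered.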