LedgerHQ / app-passwords

Password Manager application for Ledger devices
Apache License 2.0

[Question] BIP85 #48

Closed aido closed 8 months ago

aido commented 1 year ago

Hi,

BIP85 offers, amongst many other things, the ability to derive a deterministic password from a BIP32 master root key using a fully hardened derivation path. This seems to be a similar but not identical function to what this app provides.

The README states that "This release is an early alpha". Is this still the case? If still in Alpha, are there any plans to more closely follow the BIP85 standard? This would then open up the possibility of expanding the app to create much more than just passwords but to also offer some of the other applications that BIP85 standardises.

@lpascal-ledger I'm a big fan of this app and your other apps btw :-)
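The derivation the comment above refers to, as an added sketch that is not part of this thread or of app-passwords: a BIP85 "PWD BASE64" password derived over the fully hardened path m/83696968'/707764'/pwd_len'/index'. The constants come from the BIP32 and BIP85 specifications rather than from this page; the function names and the sample seed are constructed for illustration.

```python
import base64
import hashlib
import hmac

# secp256k1 group order, used by BIP32 private-key arithmetic
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000
BIP85_PURPOSE = 83696968   # BIP85 root index
APP_PWD_BASE64 = 707764    # BIP85 "PWD BASE64" application number


def master_from_seed(seed: bytes):
    """BIP32 master private key and chain code from a seed."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return int.from_bytes(i[:32], "big"), i[32:]


def ckd_priv_hardened(k: int, chain: bytes, index: int):
    """BIP32 hardened child derivation; needs only the parent private key."""
    data = b"\x00" + k.to_bytes(32, "big") + (index | HARDENED).to_bytes(4, "big")
    i = hmac.new(chain, data, hashlib.sha512).digest()
    il = int.from_bytes(i[:32], "big")
    child = (il + k) % N
    if il >= N or child == 0:
        raise ValueError("invalid child key, use the next index")
    return child, i[32:]


def bip85_password(seed: bytes, pwd_len: int, index: int) -> str:
    """Hypothetical helper: BIP85 base64 password for (pwd_len, index)."""
    if not 20 <= pwd_len <= 86:
        raise ValueError("pwd_len must be between 20 and 86")
    if not 0 <= index < HARDENED:
        raise ValueError("index must fit in 31 bits")
    k, chain = master_from_seed(seed)
    # Every path element is hardened, so no public-key math is required.
    for idx in (BIP85_PURPOSE, APP_PWD_BASE64, pwd_len, index):
        k, chain = ckd_priv_hardened(k, chain, idx)
    entropy = hmac.new(b"bip-entropy-from-k", k.to_bytes(32, "big"),
                       hashlib.sha512).digest()
    # 64 bytes encode to 88 base64 chars; the 86 cap keeps '=' padding out.
    return base64.b64encode(entropy).decode()[:pwd_len]


# Constructed sample seed, for illustration only; never use a real seed here.
SAMPLE_SEED = bytes(range(64))

if __name__ == "__main__":
    print(bip85_password(SAMPLE_SEED, 21, 0))
```

Because pwd_len is itself a path element, a 22-character password is not the 21-character one with a character appended; each length and index yields an unrelated value.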

lpascal-ledger commented 1 year ago

Hey @aido :wave:

Thanks for the kudos; however I'm neither author nor main contributor to those apps, I merely just clean/update them a little. Credits should rather go to my predecessors @TamtamHero @btchip @oto-ledger @Saltari and more.

As for your question, I'll answer generally then specifically:

aido commented 1 year ago

Hi @lpascal-ledger,

We would love to spend more time on these non-cryptocurrency apps and plan to do so, however in terms of priority they do not compete with big cryptocurrency apps, swap, SDK management or our capacity to deploy applications fast.

I can understand why this is so but at the same time think that some more priority should be given to applications like password, recovery check etc.; apps that relate closely to a Ledger device's reason to exist, the seed. I think Ledger produce the most secure devices for keeping a seed safe but competing devices have better tools for managing that seed and using the seed to generate things like passwords, Shamir's Secret Shares and other backup methods.

But, back to this password app and my request ... I would just like to add that a Ledger competitor, Coldcard, already offers the ability to create passwords from a seed using the BIP85 standard: https://coldcard.com/docs/bip85/ Having a single standard across different devices is important and something for the team to consider when discussing fixes and features.

lpascal-ledger commented 1 year ago

Noted, thanks for the reference!

lpascal-ledger commented 8 months ago

Investigated the BIP85 a bit, my thought is that it's pretty interesting and technically not that hard to do; however I don't see it integrated into this passwords application: it already is a bit clustered in terms of options, and BIP85 functional behavior really is different. The resulting app would be very confusing and full of weird code paths. And frankly I would prefer starting afresh for this.

Not sure how I could push this though.

aido commented 8 months ago

Yes, that is fair enough.

I plan on integrating BIP85 (or a subset of it) into my app-seed-tool app, I can use app-passwords for inspiration when implementing it; combining app-passwords UI with BIP85 functionality.

The idea is that the more capacity a device has the more BIP85 options it may offer. For example, Nano S probably won't fit BIP85 at all. Maybe at best it could just generate BIP85 passwords. Nano S Plus and Nano X, maybe generate passwords, BIP39 and xprv from BIP85. Then Stax may provide the full BIP85 gamut.

lpascal-ledger commented 8 months ago

Alright then, if you plan on implementing it I don't see the benefit of Ledger competing with your app with its own equivalent. I guess I'll close this issue.

You're confident about merging all these features in a single app? I tend to favor small, focused apps, mainly because Nano UI makes it real hard to have clear and fluid options. You won't have such issues with Stax though.