search

SeedSigner / seedsigner

Use an air-gapped Raspberry Pi Zero to sign for Bitcoin transactions! (and do other cool stuff)
MIT License
702 stars 162 forks source link

Feature Request: Load BIP-85 child seeds at creation #354

Open FractalEncrypt opened 1 year ago

FractalEncrypt commented 1 year ago

When creating a BIP-85 child key, after verifying the seed words of an indexed parent key, there is no option to export the seed to QR, or to load the key into memory. Currently the user must manually key in each letter of each word of a child seed, making the process much more cumbersome.

Feature Requests:

  1. Load child keys into memory like the parent seed.
  2. Display child key fingerprint at time of child seed creation
SeedSigner commented 1 year ago

We definitely need to offer the ability to load a child seed instead of requiring the user to record the words, and then re-enter them manually.

jdlcdl commented 1 year ago

Without sharing my thoughts on whether this is a good idea or a bad idea, I'm playing with this foot-gun over here.

It works like so:

more later, maybe.

gpatkinson commented 1 year ago

@jdlcdl is the load_bip85_child branch functional over on your fork?

jdlcdl commented 1 year ago

@jdlcdl is the load_bip85_child branch functional over on your fork?

I believe that it is functional -- for testing, though I doubt anyone has looked at it. I wouldn't ever recommend that anyone run a non-official release for "real". It appears to be 51 commits behind this repo's "dev" branch; I'll get it updated soon. It is just recently up to date with our current "dev" branch, "working" in the manner described above.

gpatkinson commented 1 year ago

@jdlcdl cool. I think this feature will be a great addition to the code base.

bitcoinprecept commented 1 year ago

I didn't see this issue before creating my own (Issue 426). I went ahead and closed mine to defer to this one.

This is a functionality I would personally like to see. With it, BIP-85 becomes attractive to me.

FreeOnlineUser commented 9 months ago

I came here to request this feature, it feels like a critical missing piece not to have this in SS yet. For me bip85 child keys unlock the full potential of a brain wallet. It allows a user to remember only 12words as the master admin, while storing the bip85 child seeds backups as though they were independently generated. Restoring any wallet from memory using only clicks on a seedsigner would be a welcome improvement, thanks guys!

jdlcdl commented 7 months ago

In the telegram group, a user has expressed a use case like "a super seed to derive many online watch-only wallets", within the past hour.

FractalEncrypt commented 6 months ago

Without sharing my thoughts on whether this is a good idea or a bad idea, I'm playing with this foot-gun over here.

It works like so:

* If you've used BIP-85 child to view the child's mnemonic, then you'll be offered the existing choices "Verify" and "Skip" as well as a new choice "Finalize child".

  * If you choose "Verify" and you succeed in verification of the child mnemonic, then "OK" will bring you to the finalize step where you can "Done" or "Add BIP-39 passphrase" to load the new seed.
  * If you choose "Skip", then you'll be brought back to the Seed Options menu for the original parent seed... just as is the current behavior.
  * If you choose "Finalize child", you're brought directly to the finalize step where you can "Done" or "Add BIP-39 passphrase" to load the new seed -- even though you never verified a good backup... because you don't need it because that's what BIP-85 is for... but you best remember which is the parent, if it's 12 or 24 words, and the exact index!!!

* This branch is a minimalist edit to existing views which are widely used whenever creating a new seed or verifying seed

words via backup. However, the above changes SHOULD NOT be offered in these other non-BIP-85 use cases... so we'd need to be careful testing other flows which use these views... before considering to merge this foot-gun.

* I can imagine foot-gun proponents making a strong argument that "viewing the child seed words" is not even necessary, and that "Finalize child" should be offered as soon as inputs: "12-or-24 words" and "index" are known.

more later, maybe.

I have built jdlcdl's branch and have it loaded on a seedsigner device right now.

It works great and loads the BIP-85 keys for use in the device like the parent keys. BOSS!

comments: When I create the child key by selecting the numerical index, it brings me right to a screen with 4 options (but it didn't show the seed at all first) Verify Review Skip Finalize Key

if I click "Verify" - well since I haven't seen the words yet - there is no way I can actually complete this step (and there is no back/exit option) I entered a wrong word, and it did give me the option to review the words now.

If I click "review" - it works great, and I can then verify and finalize the key

If I click "Skip" it does not load the key, it just brings me back to the page for the parent seed. if I go back to look at my in-memory keys, the new key does not display. So from your description, this sounds like it is working as expected.

"Finalize Key" also works exactly as described.

Bravo this is super cool AF.

jdlcdl commented 6 months ago

Thank you for reviewing my branch.

You bring up an important point that is most likely due to my laziness it not storing the fact that "Review" had been previously selected and simply offering enough buttons (in this case too many) to get the job done -- the dirty way.

Please feel free to leave a pointer in the telegram group, from time to time, to see if there is interest for other users and devs. Also, please understand that in the end, the current maintainers (SeedSigner and Nick) as well as others need to make the best (often most prudent) decision about new features -- for the long term best interests of all users and the project itself, even if some users really-really want a particular foot-gun.

Thanks again FractalEncrypt! I'm grateful for your review.

FractalEncrypt commented 6 months ago

My pleasure, thanks for doing the hard work! I'm embarrassed it took me this long to get around to actually testing out the very thing I asked for.

My plan to attract interest is to do a Twitter thread showing people what this is and why I think it is cool. Then we'll see if anyone agrees or if this is just me being weird, which is always a distinct possibility.

jdlcdl commented 6 months ago

@FractalEncrypt While you're working on a twitter thread, I invite you to see one my recent posts in the seedsigner telegram group, where I try to describe the hazards of a bip85 puzzle. That tg post is https://t.me/c/1469623205/51772

FreeOnlineUser commented 6 months ago

I have built my first OS from the seedsigner manual installation instructions, and implemented this bip-85 branch on a pi zero w. Thankyou for the work that has been done. I'm very impressed with the functionality, it was definitely the missing piece in my security model. I'd say it's perfectly usable now. Management of the active child keys could become the next challenge, I imagine an index next to each child fingerprint could assist c0 c1 etc but not at all necessary. fwiw I did the build in qemu emulator on win11, and wrote the image to sd with balena.

jdlcdl commented 6 months ago

In the telegram group this morning, a past-contributor has asked about this feature.

bonitoman commented 1 month ago

In my opinion, this is a very useful feature and I have been waiting for it for some time.

Unfortunately, this issue has not made it into the current release v0.8.0.

What is the best way to support this issue so that it can be implemented? My knowledge of Python is still very limited.

jdlcdl commented 2 weeks ago

A request for similar functionality was requested in the main telegram group yesterday afternoon.

Meisterzunge commented 2 weeks ago

Hey devs, I would love to see this feature on main branch! In my opinion this will definitely ease the handling of BIP-85.