Closed whoabuddy closed 1 year ago
Website: https://bluewallet.io/
Example: BlueWallet to Xverse https://blockstream.info/tx/0a26f11f632914b54c80b962e1a777527b26b4ba3475cad5829c558fa42bdb5e?output:1 https://www.blockchain.com/btc/tx/45413a00e18150f4828df6fc8b1ed2509a11ed4609a8ed8c5aa3614969fd0ff3
bc1q5jew9l6yaw5p7sq3mh2200tut8z8g3j3y2f064
3B6vfHowNkQsKbik3QtvmRicivfSfTfupu
(unspent)bc1q8rp5wzh5rhpaem895yr7r8l9c9payv7p3p003g
(spent)Example: BlueWallet to Exodus https://blockstream.info/tx/c08e9a896a6ab02d5f77eeecd36025491d60b062dbae9b683e01244c19e75ed6 https://www.blockchain.com/btc/tx/c08e9a896a6ab02d5f77eeecd36025491d60b062dbae9b683e01244c19e75ed6
bc1q8rp5wzh5rhpaem895yr7r8l9c9payv7p3p003g
bc1q962j6tf9hyxeuhj9e3u0zhgn6dqjcrlz9cljmr
(spent)bc1qeaq8095k0084y2w9v4xykmhu3vexac94s946gw
(unspent)How would this user know what address/NFT they are minting?
Website: https://wallet.mycelium.com/
Example: Mycellium to Xverse https://blockstream.info/tx/b74db438890db3ec5e65ab1d816113ec11feff49daa392808adccbbf90e0960d https://www.blockchain.com/btc/tx/b74db438890db3ec5e65ab1d816113ec11feff49daa392808adccbbf90e0960d
inputs:
3HGhbh6o1jwrhLUzpvB8i3bc5s7reCUBQA
bc1q929rdffzupkktwt2dqwvz758pdl478c2707evp
outputs:
3Ey5VEFNjyqfPjV2ybvh5MiJ3siMBgp5wj
(unspent)3B6vfHowNkQsKbik3QtvmRicivfSfTfupu
(unspent)Website: https://www.exodus.com/
Example: Exodus to Mycellium (legacy segwit) https://blockstream.info/tx/b5d34edbffd202fcaa6df157e0ad2f0c1ac79cc567660f778b6c0b72640789b3 https://www.blockchain.com/btc/tx/b5d34edbffd202fcaa6df157e0ad2f0c1ac79cc567660f778b6c0b72640789b3
inputs:
bc1q962j6tf9hyxeuhj9e3u0zhgn6dqjcrlz9cljmr
outputs:
3HGhbh6o1jwrhLUzpvB8i3bc5s7reCUBQA
(spent)Example: Exodus to Mycellium (native segwit) https://blockstream.info/tx/ba9bb7aa4a34acb9196dbf5bc44b64f5ab17be34d82521091898fef91c463940 https://www.blockchain.com/btc/tx/ba9bb7aa4a34acb9196dbf5bc44b64f5ab17be34d82521091898fef91c463940
inputs:
bc1q962j6tf9hyxeuhj9e3u0zhgn6dqjcrlz9cljmr
bc1q962j6tf9hyxeuhj9e3u0zhgn6dqjcrlz9cljmr
outputs:
bc1q929rdffzupkktwt2dqwvz758pdl478c2707evp
(spent)bc1q962j6tf9hyxeuhj9e3u0zhgn6dqjcrlz9cljmr
(spent)Website: https://www.xverse.app/
(no screenshot - security policy)
Example: Xverse to Ledger (Native Segwit) https://blockstream.info/tx/27d4578f928078f20c402698adeede6769c1c26d4d4af6272bfb04bf270606f4 https://www.blockchain.com/btc/tx/27d4578f928078f20c402698adeede6769c1c26d4d4af6272bfb04bf270606f4
inputs:
3B6vfHowNkQsKbik3QtvmRicivfSfTfupu
3B6vfHowNkQsKbik3QtvmRicivfSfTfupu
outputs:
bc1q7ja3e945yhq3hhe96meg04rvth36g09287pkzt
(unspent)3B6vfHowNkQsKbik3QtvmRicivfSfTfupu
(unspent)Website: https://www.ledger.com/
Example: Ledger to Trezor (native segwit) https://blockstream.info/tx/eff49035861980f9c5a2d81bc1f394d9be84cd98097875e22a2afd45f0302877 https://www.blockchain.com/btc/tx/eff49035861980f9c5a2d81bc1f394d9be84cd98097875e22a2afd45f0302877
inputs:
bc1q7ja3e945yhq3hhe96meg04rvth36g09287pkzt
outputs:
bc1qrfdvyle2erxsarjwsty6y265vv65kj20yfwhzq
(unspent)Website: https://trezor.io/
Example: Trezor to Bluewallet (native segwit) https://blockstream.info/tx/cc47d78bad23f8cb3eb0a2393c48681b00c83b8afbfa743e5ee25922a317df7e https://www.blockchain.com/btc/tx/cc47d78bad23f8cb3eb0a2393c48681b00c83b8afbfa743e5ee25922a317df7e
inputs:
bc1qrfdvyle2erxsarjwsty6y265vv65kj20yfwhzq
outputs:
bc1qlrm2fhjva5gwxkaql9ujrs4e3ssm0f5sgdellx
(unspent)In the context of the wallets above:
If the wallet doesn't show what address your sending from (or offer coin control), then how would someone know what address to reveal before they send Bitcoin to mint the same NFT that was generated?
Addressed in mint flow - random first, advanced mode: use a certain address (UTXO).
Are there any ways a QR code can specify certain inputs for the tx in any of these wallets?
Should we also test exchange transactions in the same way?
This should be a call to action for people to manage their own keys.
Adding some additional analysis in table format as well as a basic description of each address type in more detail. Figure we can move this to a more relevant location later and planning to add some images in Miro next.
Address Type Name | Abbreviation | Standard | Encoding | Address Format | Derivation Path |
---|---|---|---|---|---|
Pubkey hash (Legacy) | P2PKH | BIP 44 | Base58Check | Starts with 1 |
m/44’/0’/0’/0/0 |
Script hash (e.g. multisig) | P2SH | BIP 49 | Base58Check | Starts with 3 |
m/49’/0’/0’/0/0 |
Wrapped Segwit | P2SH-P2WSH | BIP 49 | Base58Check | Starts with 3 |
m/49’/0’/0’/0/0 |
Wrapped Segwit | P2SH-P2WPKH | BIP 49 | Base58Check | Starts with 3 |
m/49’/0’/0’/0/0 |
Native Segwit | P2WSH | BIP 84 | Bech32 | Starts with bc1q |
m/84’/0’/0’/0/0 |
Native Segwit | P2WPKH | BIP 84 | Bech32 | Starts with bc1q |
m/84’/0’/0’/0/0 |
Taproot | P2TR | BIP 86 | Bech32m | Starts with bc1p |
m/86’/0’/0’/0/0 |
Transfer | Inputs | Input Type | Outputs | Output Type | Change | Change Type |
---|---|---|---|---|---|---|
Blue Wallet to Xverse | 1 | P2WPKH | 2 | P2SH-P2WPKH | no | P2WPKH |
Blue Wallet to Exodus | 1 | P2WPKH | 2 | P2WPKH | yes | P2WPKH |
Mycelium to Xverse | 2 | P2WPKH + P2SH-P2WPKH | 2 | P2SH-P2WPKH | yes | P2SH-P2WPKH |
Exodus to Mycelium | 1 | P2WPKH | 1 | P2SH-P2WPKH | no | (none) |
Exodus to Mycelium 2 | 2 | P2WPKH | 2 | P2WPKH | no | P2WPKH |
Xverse to Ledger | 2 | P2SH-P2WPKH | 2 | P2WPKH | yes | P2SH-P2WPKH |
Ledger to Trezor | 1 | P2WPKH | 1 | P2WPKH | no | (none) |
Trezor to Bluewallet | 1 | P2WPKH | 1 | P2WPKH | no | (none) |
Here are some screenshots based on the transactions, the first showing the transactions made per wallet with inputs/outputs, and the second showing the overall flow of Bitcoin UTXOs including unspent change outputs.
In this image each wallet's inputs and outputs are listed, matching the analysis table above.
In this image each transfer is mapped out starting with the wallet that performed the action, followed by the inputs, outputs, and any change addresses (marked in purple).
The conclusion is that a normal wallet user will not know what address (inputs) they are sending from without using an advanced setting, commonly labeled "coin control", that allows the user to select the transaction inputs.
Higher-res versions of these images are available on the shared Miro board in this frame.
Closing this one out since the research led us to the flow of onboarding into a new wallet like Xverse, reducing the number of variables and complexity. A manual process will still be possible using the correct constraints, and further support could be added for things like native segwit in future iterations.
If we imagine the user will be sending the BTC from any wallet, then it'd be worth testing out a few of the more popular wallets to identify what transaction data we're working with.
Note: for the project structure we're talking about, the inputs will be interesting to evaluate as a user may or may not know what Bitcoin address they are sending from.
You'll see two links for each example, Blockstream.info was easier to read/digest but Blockchain.com lists out the inputs/outputs in much more detail.
Still to be tested:
BlueWalletMyceliumExodusXverseLedgerTrezorAny others that should be on this list?