Closed (indolering closed this issue 9 years ago)
128 bits actually requires 21 words (I remembered wrong). You get 64 bits for 9 words.
If being used as key material, key stretching with scrypt using a high work factor is necessary.
See http://www.keylength.com/en/3/ for an overview of security levels.
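As an added illustration of the key-stretching point above (not code from this thread, from @ryancdotorg's demo, or from BitShares), the sketch below canonicalizes a mnemonic, derives key material with scrypt, and roughly estimates how much work the stretching adds per guess. The sample phrase, the salt, and the function names are constructed for the example; the use of a per-user salt is an assumption.

```python
import hashlib
import math
import unicodedata

# Constructed sample values: nine made-up words, not from any real wordlist.
SAMPLE_PHRASE = " Carry amber  river\tfollow green meadow paint SILVER harbor "
SAMPLE_SALT = b"example-wallet-v1:alice@example.invalid"  # assumed per-user salt


def normalize(phrase: str) -> bytes:
    """Canonicalize so case, spacing and Unicode form never change the key."""
    text = unicodedata.normalize("NFKD", phrase).lower()
    return " ".join(text.split()).encode("utf-8")


def stretch(phrase: str, salt: bytes, log2_n: int = 14, r: int = 8, p: int = 1) -> bytes:
    """Derive 32 bytes of key material from a mnemonic using scrypt."""
    n = 1 << log2_n
    # scrypt needs roughly 128 * n * r bytes; raise the cap so that larger
    # work factors are not rejected by OpenSSL's default memory limit.
    maxmem = 2 * 128 * n * r
    return hashlib.scrypt(normalize(phrase), salt=salt, n=n, r=r, p=p,
                          maxmem=maxmem, dklen=32)


def stretch_cost_bits(log2_n: int = 14, r: int = 8, p: int = 1) -> float:
    """Rough work added per guess, in bits: scrypt runs about 4 * n * r * p
    Salsa20/8 core calls, so an attacker pays that for every candidate."""
    return math.log2(4 * (1 << log2_n) * r * p)


def effective_bits(entropy_bits: float, log2_n: int = 14, r: int = 8, p: int = 1) -> float:
    """Mnemonic entropy plus stretching cost, counted in Salsa20/8 core calls."""
    return entropy_bits + stretch_cost_bits(log2_n, r, p)


if __name__ == "__main__":
    key = stretch(SAMPLE_PHRASE, SAMPLE_SALT)
    print("derived key:", key.hex())
    # 64 bits is the figure quoted above for a 9-word phrase.
    print("approx. effective bits:", effective_bits(64))
```

The estimate counts primitive operations only; it does not model the memory cost that makes scrypt expensive to parallelize in hardware.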
@indolering Please move this to https://github.com/BitShares/web_wallet/issues.
Brain wallet generation is done by the backend, I believe. This should be in bitshares/issues, no?
We do have basic brain seed support in the backend, but I assumed this was a JS implementation that would be specific to a frontend. If that's the case it can go in web_wallet and @valzav can decide if he needs backend support. I'm not sure I think we should even deal with brain seeds in the backend, but if this is not about integrating an existing web implementation as I had assumed, it can go in https://github.com/BitShares/bitshares/issues.
This is a little off-topic, but somewhere we need to write down some guidelines for new contributors about what repos we have, and where various sorts of bugs should be filed.
Also, while the existing code is in JS, I'm wondering if we might not need to put it in C++. @indolering quotes @ryancdotorg who rightly notes we should use scrypt or another designed-to-be-slow/memory-hard hash algorithm to derive the new key.
FWIW, I also have a Python implementation of the same thing. I don't think a C++ version would be difficult.
A few enhancements would make the brainwallet/mnemonic wallet backup generation more usable:
Thankfully, @ryancdotorg has already worked out such a system and kindly posted a demo that is entirely client-side JS; it has everything, including the wordlist.
Paraphrasing Ryan,
Visually group words into triplets; the encoding is designed so that each group of three words is a "thing" (verb, adjective, noun) and 3 happens to be a cognitive sweet spot.