search

harmony-one / go-sdk

Go-SDK & CLI tool to interact with the Harmony Blockchain
https://docs.harmony.one/
43 stars 45 forks source link

24 words mnemonic phrases can derive 2 other accounts with the first 12 and 21 #210

Closed sophoah closed 4 years ago

sophoah commented 4 years ago

Credit goes to our community member @C7Stake who discovered the issue. I was able to replicate here successfully:

24 words

./hmy keys add test
Important write this seed phrase in a safe place, it is the only way to recover your account if you ever forget your password

amazing course social type device doll guess accuse hint pupil couple horse million laugh purity frozen script identify response auto card urge infant crowd
ONE Address: one1gg49c2wa3ctt3phrcz5ldcn3vpwhhdk6u7dxss

21 words

./hmy keys recover-from-mnemonic test1
Enter mnemonic to recover keys from
amazing course social type device doll guess accuse hint pupil couple horse million laugh purity frozen script identify response auto card
Successfully recovered account from mnemonic!
ONE Address: one1p5uhxujhmzvdn5t8snkk8psz89r9gav7c0a5wh

11 words

./hmy keys recover-from-mnemonic test2
Enter mnemonic to recover keys from
amazing course social type device doll guess accuse hint pupil couple horse
Successfully recovered account from mnemonic!
ONE Address: one1whzafvl8e03evvlswjyjvtwwfgldad4fqwn9cs

is that expected ?

sophoah commented 4 years ago

So I'll document here answers from the dev:

mnemonic words is just the seed used to derive the private key. It should be 12, 15, 18, 21 or 24 . The more words, the more entropy, at the wallet level, we only check : 1) each word is a valid word in mnemonic words dictionary 2) size is 12, 15, 18, 21 or 24 if the check passes, then the wallet just use the mnemonic words as a whole string "xx xx xx ... xx" and hash it, do some transformation to derive the private key, so you will get different keys if you don't input mnemonic words correctly

not only that, even if you input difference number of spaces between mnemonic words, you will get different keys, as the mnemonic string is used, instead of individual words.

mnemonic words is just a way for users to better memorize the password, it is up to the user to make sure the 24 words are correctly input (with only 1 space between them).

if some words are removed, the wallet (hmy cli) will derive different keys...

there's a BIP39 standard for this the code is here https://github.com/harmony-one/go-sdk/blob/25f55e739cec589c098a16bbb575ec467b4018e4/pkg/keys/mnemonic.go#L15

So, it seems it is an expected behavior