search

keybase / warpwallet

A brain wallet generator that uses scrypt.
BSD 3-Clause "New" or "Revised" License
187 stars 61 forks source link

Question regarding test vectors #6

Closed jcalvinowens closed 10 years ago

jcalvinowens commented 10 years ago

Hello,

I really like your method for generating addresses: I've attempted to throw together your algorithm in C to have a nice CLI utility to generate addresses, but for some reason the test vectors never seem to match... and I'm at a loss as to why. The "seed" outputs of scrypt and PBKDF2 don't match either.

I've checked the scrypt and PBKDF2-SHA256 implementations I'm using against test vectors online, and I get the right answers, so that's not the problem AFAICS.

The "seeds" listed in your test vector JSON file are the outputs of scrypt, pdkdf2, and XORing of the two respectively, right? Or am I misunderstanding?

I assumed the "||" notation in "key=(passphrase||0x1)" means that it should default to 0x1 if no password is specified - am I misunderstanding that as well?

TL;DR Scrypt and PBKDF2 match test vectors but I don't get the same output as you, and I'm wondering if the JS implementations you're using are doing something funny with the input or output.

Hopefully I'm not missing something terribly obvious here...

My implementation: https://github.com/jcalvinowens/miscellaneous/blob/master/fun-hacks/warpwallet

img

maxtaco commented 10 years ago

You're not adding the 0x1 and 0x2 bytes to the password and seed, as we say in the "spec".

On Thu, Nov 28, 2013 at 5:56 PM, Calvin Owens notifications@github.comwrote:

Hello,

I really like your method for generating addresses: I've attempted to throw together your algorithm in C to have a nice CLI utility to generate addresses, but for some reason the test vectors never seem to match... and I'm at a loss as to why. The "seed" outputs of scrypt and PBKDF2 don't match either.

I've checked the scrypt and PBKDF2-SHA256 implementations I'm using against test vectors online, and I get the right answers, so that's not the problem AFAICS.

The "seeds" listed in your test vector JSON file are the outputs of scrypt, pdkdf2, and XORing of the two respectively, right? Or am I misunderstanding?

TL;DR Scrypt and PBKDF2 match test vectors but I don't get the same output as you, and I'm wondering if the JS implementations you're using are doing something funny with the input or output.

Hopefully I'm not missing something terribly obvious here...

My implementation: https://github.com/jcalvinowens/miscellaneous/blob/master/fun-hacks/warpwallet

[image: img]https://f.cloud.github.com/assets/2568217/1642390/1a1cc9b0-5880-11e3-8f70-4988b366f9c7.png

— Reply to this email directly or view it on GitHubhttps://github.com/keybase/warpwallet/issues/6 .

jcalvinowens commented 10 years ago

Ah, I've not seen that notation before. Fixed, thanks!

ghost commented 8 years ago

Hi guys, can you explain what adding the '0x1' and '0x2' bytes to the password and salt means? Are we simply appending those characters as a string to the password and salt, or do we convert pass & salt to hex first then mathmatically add 1 for scrypt and 2 for the pbkdf2 to the hexidecimal number? Thank you! - Nick

maxtaco commented 8 years ago

No just adding them as raw bytes. The byte '1' and the byte '2' respectively.

On Tuesday, February 16, 2016, sulkair notifications@github.com wrote:

Hi guys, can you explain what adding the '0x1' and '0x2' bytes to the password and salt means? Are we simply adding those characters as a string to the password and salt, or do we convert pass & salt to hex first then add 1 for scrypt and 2 for the pbkdf2 to the hexidecimal number? Thank you!

  • Nick

— Reply to this email directly or view it on GitHub https://github.com/keybase/warpwallet/issues/6#issuecomment-185001665.

ghost commented 8 years ago

Max, thank you for the reply! Sorry it took me so long to acknowledge.