moneromooo-monero / monero-wallet-generator

Self-contained offline JavaScript Monero wallet generator

Security - Custom entropy defeats the purpose of mnemonic seed #3

Closed skironDotNet closed 7 years ago

skironDotNet commented 8 years ago

"Custom entropy" is not a randomization seed (but maybe should be), it's the actual seed, so the output wallet is always the same for the same "Custom entropy". This means if someone uses "abcd" as custom entropy, the 25 mnemonic words are useless; anybody can restore the wallet with "abcd".

moneromooo-monero commented 7 years ago

That's the point, yes. It is a deterministic derivation system.

skironDotNet commented 7 years ago

OK, but you should give a warning on the page about minimum length etc. Calling it "custom entropy" is wrong. "In computing, entropy is the randomness collected by an operating system or application for use in cryptography or other uses that require random data. This randomness is often collected from hardware sources, either pre-existing ones such as mouse movements or specially provided randomness generators."

You just derive 25 words from even "a" letter, the idea of using 25 words by Monero is that it's unbreakable by generating all possible combinations.

Now, I'm not here to lecture you, it's your design, do what you want, but If I understood the purpose of "Custom entropy" wrong, then some day some user will complain about this page and his money stolen.

Feel free to close this "issue". Thank you.

ghost commented 7 years ago

No, no, don't close it. These are good questions. I really like the idea of a deterministic option, and want to use it, but I also agree with skironDotNet that some kind of warning to pick a long secure password might be in order. I really like ... https://keybase.io/warp ... (Warpwallet)'s approach to this for bitcoin.

Hey moneromoo, where do I find the process, the "cryptological formula" if you will, that generates the mnemonic seed from what's entered into the 'custom entropy' field? In case I remember my password (custom entropy field entry) but forget my mnemonic seed and moneroaddress ceases to exist someday.

moneromooo-monero commented 7 years ago

Maybe "entropy" is not really the right word, and a warning is a fair request, I will add that.

moneromooo-monero commented 7 years ago

Do you think this addresses the concerns about the user not actually putting in enough entropy?

https://github.com/moneromooo-monero/monero-wallet-generator/commit/92c9e34701c6dc1d77a3a7ff3c74d019e8aba0a9

As for the derivation, it's 10k rounds of Keccak. However, you can keep the HTML you used to generate your wallet, so you're certain to not lose the particular derivation.

ghost commented 7 years ago

Thank you, moneromoo, for answering my questions, and yes, I think that warning is fine.

jonathancross commented 7 years ago

Seems this can be closed now?

moneromooo-monero commented 7 years ago

Yes. There is a warning now when there's not much entropy. That should be enough to give the user a hint that when we want 256 bits of entropy, we do mean it.