Closed dzid26 closed 12 months ago
Yes, unfortunately SLIP-39 and BIP-39 are fundamentally incompatible, and generate different HD wallet derivations.
However, there is a method by which you can backup an existing BIP-39 Mnemonic phrase using SLIP-39. This is what I have implemented.
It means that your existing BIP-39 hardware wallet doesn't need to know anything about SLIP-39.
We simply use SLIP-39 to store (and recover) the original 128-bit or 256-bit "Entropy", from which your BIP-39 Mnemonic phrase is derived. You store the SLIP-39 Mnemonics, and (after setting up your Hardware wallet using BIP-39) -- you DESTROY your BIP-39 Mnemonic phrase!
Later, when you need to initialize a new BIP-39 Hardware wallet -- you use the SLIP-39 App or this python-slip39 module to enter your SLIP-39 recovery phrases.
As always, this (standard) SLIP-39 process recovers the original 128-bit or 256-bit Entropy. Normal SLIP-39 uses this Entropy, directly, to derive your standard SLIP-39 HD wallets.
But, we don't use it to derive your wallets, in this case: we use it to REGENERATE YOUR BIP-39 Mnemonic phrase!
Then, you use that BIP-39 Mnemonic to initialize your BIP-39 Hardware Wallet, and recover your original BIP-39 derived accounts.
So, yes -- SLIP-39 and BIP-39 are incompatible; but, you can use SLIP-39 to recover your BIP-39, and then use that as you normally would. In the mean time, your BIP-39 Mnemonic phrase does not exist, anywhere, to get accidentally revealed or stolen, which is a VERY high risk, since it is a SINGLE POINT OF FAILURE.
I was surprised to find that generating SLIP-39 shares for my BIP-39, then doing a SLIP-39 recovery in Electrum, produces a different wallet than the wallet generated in Electrum with BIP-39.
Without understanding too much behind the reasoning, I'd argue that the slip39 tool must accentuate the fact that SLIP-39 shares it generates will generate a different wallet than the one generated with the BIP-39 seed used to produce the SLIP-39 shards and, hence, the way to go is to use this tool to recover the initial BIP-39, NOT to use the SLIP-39 shards it produces to recover the wallet (in Electrum).
Issue analogs to this one: https://github.com/BlockchainCommons/lethekit/issues/38
I think it should be made more clear that there is an incompatibility between bip39 and slip39 standards.