skaht
commented
4 years ago SLIP 10 already handles secp256k1, ed25519, nistp256.
Closed skaht closed 4 years ago
skaht
commented
4 years ago SLIP 10 already handles secp256k1, ed25519, nistp256.
skaht
commented
4 years ago The application of BIPs 32, 39 and SLIPs 10, 13, and 17 are adequate to address the comments above. Only tweaks need to be made to SLIPs 13 and 17.
The scope of URI fields for SLIPs 13 and 17 could be extended to accommodate points 4, 5 and 7 made above plus supporting protocols that came into existence prior to URI formalization, e.g. SSH. For example, if the URI string could be replaced with strings such as the ones below to provide a greater context purpose for a synthesized key:
"OPENPGP^master^certify:timestamping^grandmaster@integrikey.io" "OPENPGP^subkey^sign^satoshi@integrikey.io" "OPENPGP^subkey^encrypt communications^satoshi@integrikey.io" "OPENPGP^subkey^authentication^satoshi@integrikey.io" "X509^digitalSignature^ssh satoshi@integrikey.io -p 2222"
The working OPENPGP example below has traceability to all eight points made above.
1. Root Seed Synthesis Example:
% echo "My Brain Wallet" | ./argon2i -s "hello not" -o 100000 -m 1000000
249760bab0a095be39cb48fbab59803fee8f936e81c8410028d58645a32d69a5900e5a01
2. BIP 39 Root Seed Word Synthesis Example (27 seed words):
% echo 249760bab0a095be39cb48fbab59803fee8f936e81c8410028d58645a32d69a5900e5a01 | ./mnemonic-new
cause roast concert genuine announce tenant transfer harbor wing food gas lemon trophy situate ring decorate donate access cube arrive focus note pledge rare atom source filter
3. Contextual PGP Encryption curve25519 Private Subkey Synthesis:
% echo "cause roast concert genuine announce tenant transfer harbor wing food gas lemon trophy situate ring decorate donate access cube arrive focus note pledge rare atom source filter" | ./mnemonic-to-seed -p "Not Yours" | ./slip10 --ed25519 | ./slip -13 -i 0 "OPENPGP^master^certify:timestamping^grandmaster@integrikey.io" | ./slip -17 -i 0 "OPENPGP^subkey^encrypt communications^satoshi@integrikey.io" | cut -c 1-64
4b4f99f19f09937401c0d15d5625ed31abf6d2f58571d7b6fd165a2ca42ad4db
4. Associated Encryption curve25519 Public Subkey Synthesis
% echo 4b4f99f19f09937401c0d15d5625ed31abf6d2f58571d7b6fd165a2ca42ad4db | ./25519 --curve25519
786c4a217a4605ece34751b0d0e18af5258273a0c2f1da55bc8f4b0f534a7556
For the example above, it is important to distinguish the SLIP path used for key synthesis from the keys used to certify/sign the the certificates that utilize the synthesized keys.
5. For BIP 39 seed words above, the "Not Yours" BIP 39 passphrase above, and i = 0 and j = 0:
m/slip10 ed25519/slip13( "OPENPGP^master^certify:timestamping^grandmaster@integrikey.io", i ) /slip17( "OPENPGP^subkey^encrypt communications^satoshi@integrikey.io", j ) = 4b4f99f19f09937401c0d15d5625ed31abf6d2f58571d7b6fd165a2ca42ad4db
M/slip10 ed25519/slip13( "OPENPGP^master^certify:timestamping^grandmaster@integrikey.io", i ) /slip17( "OPENPGP^subkey^encrypt communications^satoshi@integrikey.io", j ) = 786c4a217a4605ece34751b0d0e18af5258273a0c2f1da55bc8f4b0f534a7556
Not sure precisely where to share this idea, but it is closely related to SLIP 13 (signature/authentication related keys) and SLIP 17(DH encryption related keys).
SLIPs 13 and 17 could be extended to accommodate decentralized lifecycle management of public private key pairs that may need to be rotated for whatever reasons:
The index of the key can be incremented when the previous key is revoked or no longer used/needed.Not specifying how these SLIPs should be modified, but the 8 sets of parameters identified above could influence the creation of essentially unique keys. There may be rationale for having other parameters to influence synthesis results. The intent here is to spark discussions.