[Enhancement] support SeedXOR in krux

[htprww]

Currently the ColdCard supports SeedXOR https://seedxor.com/. I would like to see it in krux, so we could generate and restore seedxor backups, and cross-check with the coldcard's implementation.

[tadeubas]

Nice, the SeedXOR would be useful to create a new mnemonic using two different sources of entropy. Generating a mnemonic via camera and via dice then combining both to be your new mnemonic.

As Stepan said in this article: "generating the private keys on a compromised device is a bad idea, so we should use our own source of entropy instead. We can use dices, coins or any other source of entropy. The best way is to use multiple entropy sources and XOR their outputs"

[jdlcdl]

I'm wondering which other software and hardware wallets support SeedXOR. As far as I know, it's only cold-card presently (though I've seen requests for SeedXOR elsewhere in general).

Besides using it for setting up new wallets, SeedXOR is also a solution for separating an existing seed backup into more than one secret, while the seed backup has not yet been leaked, so that users can destroy the original backup before it's leaked. Krux already has a solution for this, it is the encrypted mnemonic backup available as a qr-code, saved to flash or sdcard via seeds.json, and also as an accompanying cli script.

As devil's advocate, I'd like to raise the possibility that maybe coldcard could support krux's encrypted mnemonic backup (to peer-review it and/or improve it). Arguing against that is that SeedXOR is very easy to do mostly by hand needing only a standard hww or secure bip39 tool to calculate the final words; XOR is a very simple and well-understood operator in this domain. Having an implementation in more hww wallets does seem natural IF this solution takes off and is wanted by more users.

[GregTonoski]

There is the software BIP39-XOR: https://github.com/GregTonoski/BIP39-XOR