birthday bits longevity

[chaserene]

per the readme.md:

The wallet birthday has a resolution of 2629746 seconds (1/12 of the average Gregorian year). All dates between November 2021 and February 2107 can be represented.

I see Monero as important enough to suppose it will be meaningful beyond 2107. I also think that decentralized system design should aim for ossification and the easing of the burden that the old design will later become. i.e. let's try to get it right as early as possible, such that it probably won't need to be changed ever.

this here is a guaranteed year 2038 problem, only a bit later.

do you see a way to considerably extend the time span? other than drastically reducing the resolution, that is.

could the scheme be modified such that the word count could expand at larger dates?

[tevador]

Monero currently uses an elliptic curve and a hash function at the 128-bit security level. Even the most optimistic estimates don't expect this to be secure beyond the year 2100, so Monero will have to change its cryptographic algorithms at least once in the next 80 years. This will have to also include a new seed format.

Therefore I don't think it makes much sense to increase the timespan of the birthday field. Additionally, Polyseed will not stop working in 2107, the birthday will simply roll over back to year 2021, so the wallets will just take longer to sync, but it's a relatively graceful failure.

[chaserene]

fair points, and the graceful failure is great.

does this forebode a schedule where the reference point of the birthday bits is reset every ~100 years? I find it probable that in 2100 people will see ways how the cryptographic standards of that time may be broken by 2200.

if so, just wondering, would it make sense to encode in the seed which "era" the seed was created in? it would be an ordinal index, the exact dates would be contained in the client code.