trezor / python-mnemonic

:snake: Mnemonic code for generating deterministic keys, BIP39
https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki
MIT License

new release #97

Closed jemshit closed 2 years ago

jemshit commented 2 years ago

Hi,

It seems the latest version is 0.20, which uses os.urandom to generate the initial entropy, which is not suited for this.

The latest commits containing usage of the secure module are not released. Can anybody make a quick release? Using the secure module to generate real random entropy is important.

matejcik commented 2 years ago
  1. You shouldn't be using this to generate serious secrets anyway. Use a dedicated hardware device to generate mnemonics securely.
  2. This is merely an API change; currently existing versions of Python actually use literally os.urandom to implement secret.bytes.
  3. Nothing is stopping you from generating the entropy yourself and passing it into Mnemonic.to_mnemonic().

All that said, there are a couple of small improvements in the pipeline that probably make it worth a new release.
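As an added illustration of points 2 and 3 above (this is not the project's code), the snippet below has the caller supply its own entropy via secrets.token_bytes and then performs the BIP39 checksum and 11-bit index computation that to_mnemonic applies to that entropy; the 2048-word list lookup is left out, so the result is word indices rather than words.

```python
import hashlib
import secrets


def entropy_to_indices(entropy: bytes) -> list[int]:
    """BIP39 encoding step: entropy -> checksum -> 11-bit word indices.

    Entropy must be 16..32 bytes in 4-byte steps (128..256 bits). The checksum
    is the first ENT/32 bits of SHA256(entropy), appended to the entropy bits.
    """
    if len(entropy) not in (16, 20, 24, 28, 32):
        raise ValueError("entropy must be 128, 160, 192, 224 or 256 bits")
    ent_bits = len(entropy) * 8
    cs_bits = ent_bits // 32
    digest = hashlib.sha256(entropy).digest()
    # Keep only the top cs_bits of the hash as the checksum.
    checksum = int.from_bytes(digest, "big") >> (256 - cs_bits)
    combined = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11  # ENT + CS is always a multiple of 11
    return [(combined >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]


def indices_to_entropy(indices: list[int]) -> bytes:
    """Reverse step: rebuild the entropy from indices and reject a bad checksum."""
    n_words = len(indices)
    if n_words not in (12, 15, 18, 21, 24):
        raise ValueError("mnemonic must have 12, 15, 18, 21 or 24 words")
    combined = 0
    for idx in indices:
        if not 0 <= idx < 2048:
            raise ValueError("word index out of range")
        combined = (combined << 11) | idx
    cs_bits = n_words // 3  # 12 words -> 4 checksum bits, 24 words -> 8
    ent_bits = n_words * 11 - cs_bits
    entropy = (combined >> cs_bits).to_bytes(ent_bits // 8, "big")
    if entropy_to_indices(entropy) != indices:
        raise ValueError("checksum mismatch")
    return entropy


def fresh_indices(strength: int = 128) -> list[int]:
    """Caller-supplied entropy from secrets.token_bytes (os.urandom underneath)."""
    return entropy_to_indices(secrets.token_bytes(strength // 8))


if __name__ == "__main__":
    # Official BIP39 test vector: 16 zero bytes -> "abandon" x11 + "about" (index 3).
    print(entropy_to_indices(bytes(16)))
```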

jemshit commented 2 years ago

1- Why? The mnemonic generation algorithm is the same, so why is it different on hardware? All non-custodial mobile/desktop/browser wallets generate using software.

2- I don't know about 'os.urandom' under the hood, but what I know is that relying on the default random generator of a programming language, which is not designed for cryptographic operations, is a bad idea.

3- Yes, I might use this.

matejcik commented 2 years ago

relying on the default random generator of a programming language, which is not designed for cryptographic operations, is a bad idea

This is true, but version 0.20 is using os.urandom, which is not the default generator. In fact, it was the recommended source for cryptographic secrets before the secrets module was introduced. (And, as I point out, at this moment secrets is implemented in terms of os.urandom.)

The mnemonic generation algorithm is the same, so why is it different on hardware? All non-custodial mobile/desktop/browser wallets generate using software.

Given the above, further worrying about the quality of random numbers is pointless, especially given that the rest of the implementation is not memory-hardened and malware stealing secrets from memory is a much likelier risk.

jemshit commented 2 years ago

OK, so the main difference between software-based and hardware-based is that it stays in "memory" on the software side 👍

jemshit commented 2 years ago

@matejcik Can you direct me to a reliable 'hd-wallet' generator (bip44) written in Python, if any? The ones I found are maintained by a single dev.

matejcik commented 2 years ago

If you mean BIP-32, i.e., deriving the key hierarchy from the seed, the implementation is simple enough to fit in a single file and be auditable in an evening. A good strategy, if you don't trust single-maintainer packages, is to collect the functions into a single file and include a copy in your project, without involving dependencies. A function to convert the key into an address is also on the order of 10 lines; you can take one from here.

Unfortunately, from my experience, the ecosystem around Bitcoin cryptography is really poor. I am actually writing my own library, but it is in a draft state and it's also single-maintainer at the moment, so 🤷‍♀️

If you actually mean BIP-44, as in full P2PKH wallet functionality, the best I can recommend is using Electrum as a library.