andrewkozlik
commented
1 month ago https://github.com/trezor/python-shamir-mnemonic/pull/46/commits/a1cb726876dfafdedf8e27d3460dbf57632e7c91 Updated a comment.
The customization string shamir_extendable is not used in the PBKDF2 salt. We wanted to completely decouple the decryption method from the sharing method and the share representation, i.e. not use the customization string from the checksums in decryption, and I believe avoiding the mention of shamir in the PBKDF2 salt is right, because it allows us to cleanly update backups even to different secret sharing schemes in the future if we want.
matejcik
Related to spec update https://github.com/satoshilabs/slips/pull/1724.
Note that we need to get this merged and released in order for the firmware device tests to pass on the corresponding firmware branch https://github.com/trezor/trezor-firmware/compare/andrewkozlik/slip39.