buidl-bitcoin/buidl-python

Add seed generation options

Closed this issue · 5 comments

It would also be useful if there was a way to generate seeds from dice rolls or other sources of entropy. For one, potentially to check the work of a coldcard seed generation.

Technically I could just choose 23 words from the wordlist, and this would find the 24th word and make a valid mnemonic, but that potentially would have bad entropy.

I made something simple!

import secrets

# Load the 2048-word BIP39 English wordlist (one word per line).
with open('english.txt', 'r') as f:
    words = f.read()

word_list = words.rstrip('\n').split('\n')

assert len(word_list) == 2048

# Pick 23 words with the OS CSPRNG; the 24th (checksum) word is left for
# multiwallet.py to compute.
phrase = []
for i in range(1, 24):
    word = secrets.choice(word_list)
    phrase.append(word)
    print(f"{i}:{word}")

wordstring = " ".join(phrase)

print(f"Enter this phrase into multiwallet.py:\n{wordstring}")

Seedpicker (you choosing the 23 words) is strictly superior IMO:
https://twitter.com/mflaxman/status/1310717398597668864

For dice rolling, I think this rolls.py script is becoming the de facto algo to copy:
https://coldcardwallet.com/docs/verifying-dice-roll-math

We could put a nice python3 dice-rolling version in buidl. Since buidl is targeted towards advanced users (you have to write code), perhaps with some warnings that'd be OK.

As for your secrets implementation, it's very cool but unnecessarily dangerous as-is. At a minimum if you're going to trust the computer's RNG you should allow the user to supply additional entropy. It's likely not practical to verify the entropy, but the threat model for the caller is that the software is good and the RNG implementation is bad. Does that make sense?

I redid my seed with seedpicker, is it true that even with humans' poor randomness, manually choosing 31 words is the best way to go, vs a 'secure' OS RNG + (w/ or w/o Dice Rolls)?

However I did put some coins on mainnet from my algorithm and it survived the night. I understand you though; my goal was to integrate dice rolls, and not use that sort-of opaque choice function from the secrets module.

I also get that your seedpicker setup keeps the seed offline too, so maybe it's best not to add it to your app?

I redid my seed with seedpicker, is it true that even with humans' poor randomness, manually choosing 31 words is the best way to go, vs a 'secure' OS RNG + (w/ or w/o Dice Rolls)?

Sorry, I don't understand what this means? The BIP39 spec recommends a max of 24 words. This library should throw an error if you attempt more.

A secure RNG is a great choice if it is working correctly; unfortunately that is impossible to verify. The only way I'd be comfortable relying on an RNG is if you XOR user entropy as a defense. It's not a hypothetical; this happened in 2013.
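As an added example (not code from this issue or from buidl), here is the shape of the seed generator the thread converges on: dice rolls hashed the way Coldcard's rolls.py does it, XORed with OS entropy so that neither source has to be trusted on its own, then turned into BIP39 word indices with the checksum bits computed. The english.txt path, the constructed dice string and the 99-roll minimum are assumptions.

```python
import hashlib
import secrets
from pathlib import Path

ENTROPY_BYTES = 32  # 256 bits -> 8 checksum bits -> 24 words

def entropy_from_dice(rolls: str, min_rolls: int = 99) -> bytes:
    # Hash the typed dice outcomes, as Coldcard's rolls.py does. Each fair roll
    # carries log2(6) ~ 2.585 bits, so 99 rolls give ~256 bits; fewer under-fills.
    if not rolls or any(c not in "123456" for c in rolls):
        raise ValueError("rolls must be a non-empty string of digits 1-6")
    if len(rolls) < min_rolls:
        raise ValueError(f"need at least {min_rolls} rolls for 256 bits")
    return hashlib.sha256(rolls.encode()).digest()

def mix_entropy(*sources: bytes) -> bytes:
    # XOR of independent sources: if any one is uniformly random and independent
    # of the rest, the result is too, so a bad OS RNG cannot spoil good dice.
    # Sources must be independent; the XOR adds no entropy of its own.
    if not sources or any(len(s) != ENTROPY_BYTES for s in sources):
        raise ValueError(f"every source must be exactly {ENTROPY_BYTES} bytes")
    mixed = bytes(ENTROPY_BYTES)
    for src in sources:
        mixed = bytes(a ^ b for a, b in zip(mixed, src))
    return mixed

def mnemonic_indices(entropy: bytes) -> list[int]:
    # BIP39: append the first ENT/32 bits of sha256(entropy) as checksum,
    # then cut the bit string into 11-bit word indices (16 bytes -> 12 words,
    # 32 bytes -> 24 words).
    checksum_bits = len(entropy) * 8 // 32
    bits = "".join(f"{b:08b}" for b in entropy)
    bits += "".join(f"{b:08b}" for b in hashlib.sha256(entropy).digest())[:checksum_bits]
    return [int(bits[i:i + 11], 2) for i in range(0, len(bits), 11)]

def mnemonic_words(indices: list[int], wordlist: list[str]) -> str:
    if len(wordlist) != 2048:
        raise ValueError("BIP39 wordlist must have exactly 2048 entries")
    return " ".join(wordlist[i] for i in indices)

if __name__ == "__main__":
    dice = "3526143152" * 9 + "146253142"  # constructed 99-roll sample, not a real seed
    entropy = mix_entropy(entropy_from_dice(dice), secrets.token_bytes(ENTROPY_BYTES))
    indices = mnemonic_indices(entropy)
    print("word indices:", indices)
    if Path("english.txt").exists():  # same wordlist file the script above reads
        words = Path("english.txt").read_text().split()
        print(mnemonic_words(indices, words))
```

With all-zero entropy the indices reproduce the BIP39 test vector (23 times "abandon", then "art"), which is a quick way to check the checksum logic against a hardware wallet.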

Closing due to inactivity