Mnemonic to Seed - confused

Can someone clarify how you get from the Mnemonic to the Seed in Yoroi and Daedalus, because it seems to be different.

But can it be different? Because that would mean mnemonics from one program cannot be recovered on the other program - is that right?

Daedalus here

Seems to use blake2b (sorry for not posting the Haskell, but I can't understand that language; this Python code does work, though):

import hashlib

# cardano-sl style: a single, unsalted 32-byte blake2b digest of the serialized input
def hash_serialized(s):
    return hashlib.blake2b(s, digest_size=32).digest()

Yoroi is based on the Rust code, I believe: here

This is using PBKDF2 with SHA-512 as the hash function.

// Constructor inside an impl block (Self is the seed type). This is the BIP39
// derivation: HMAC key (PBKDF2 password) = the mnemonic string,
// salt = "mnemonic" || passphrase, 2048 rounds of PBKDF2-HMAC-SHA512.
// SEED_SIZE is the BIP39 seed length of 64 bytes.
pub fn from_mnemonic_string(mnemonics: &MnemonicString, password: &[u8]) -> Self {
    let mut salt = Vec::from("mnemonic".as_bytes());
    salt.extend_from_slice(password);
    let mut mac = Hmac::new(Sha512::new(), mnemonics.0.as_bytes());
    let mut result = [0; SEED_SIZE];
    pbkdf2(&mut mac, &salt, 2048, &mut result);
    Self::from_bytes(result)
}

I found this and this.

So it seems rust-cardano follows the BIP39 standard of generating a seed with a password, whereas cardano-sl doesn't, so they use a faster hash function (blake2b) instead of PBKDF2.

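To make the difference between the two derivations concrete, here is an added Python example (not code from this thread, from rust-cardano or from cardano-sl) that implements the BIP39 mnemonic-to-seed step the Rust snippet in the first post performs, checks it against the standard BIP39 test vector, and puts the cardano-sl style blake2b-256 call next to it. It assumes the mnemonic has already been validated against the wordlist and checksum; the bytes handed to the blake2b function are a constructed stand-in, since the thread does not show exactly what cardano-sl serializes before hashing.

```python
import hashlib
import unicodedata

# BIP39: each word encodes 11 bits; ENT entropy bits plus ENT/32 checksum bits.
# 12 words -> 128-bit entropy (Daedalus), 15 words -> 160-bit entropy (Yoroi).
BIP39_ENTROPY_BITS = {12: 128, 15: 160, 18: 192, 21: 224, 24: 256}


def entropy_bits(mnemonic: str) -> int:
    """Entropy size implied by the word count; raises for lengths BIP39 does not allow.
    Wordlist membership and the checksum are assumed to be verified elsewhere."""
    count = len(mnemonic.split())
    if count not in BIP39_ENTROPY_BITS:
        raise ValueError(f"BIP39 mnemonics have 12/15/18/21/24 words, got {count}")
    return BIP39_ENTROPY_BITS[count]


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 mnemonic -> 64-byte seed, the same computation as the Rust
    from_mnemonic_string: PBKDF2-HMAC-SHA512 with password = NFKD(mnemonic),
    salt = "mnemonic" + NFKD(passphrase), 2048 iterations. The slow KDF is there
    to make guessing a weak user passphrase expensive."""
    entropy_bits(mnemonic)  # reject malformed word counts before deriving anything
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)


def blake2b_256(serialized: bytes) -> bytes:
    """The hash_serialized step from the cardano-sl snippet: one fast blake2b-256.
    The exact serialization cardano-sl feeds in is not shown in the thread, so the
    caller supplies the bytes; the point is that there is no passphrase and no
    key stretching in this path."""
    return hashlib.blake2b(serialized, digest_size=32).digest()


# Standard BIP39 test vector: entropy = 16 zero bytes, passphrase "TREZOR".
VECTOR_MNEMONIC = "abandon " * 11 + "about"
VECTOR_SEED_HEX = ("c55257c360c07c72029aebc1b53c05ed0362ada38ead3e3e9efa3708e5349553"
                   "1f09a6987599d18264c1e1c92f2cf141630c7a3c4ab7c81b2f001698e7463b04")


def demo() -> dict:
    seed = bip39_seed(VECTOR_MNEMONIC, "TREZOR")
    # Constructed stand-in for "serialized entropy": the zero entropy behind the vector.
    other = blake2b_256(bytes(16))
    return {
        "words": len(VECTOR_MNEMONIC.split()),
        "entropy_bits": entropy_bits(VECTOR_MNEMONIC),
        "bip39_matches_vector": seed.hex() == VECTOR_SEED_HEX,
        "bip39_seed_len": len(seed),
        "blake2b_len": len(other),
        "same_seed": seed[:32] == other,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The two functions take the same mnemonic and produce unrelated outputs, which is the whole reason a phrase cannot be moved between wallets that pick different functions: the mnemonic survives the move, but the key derived from it does not.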

That makes the wallets incompatible right?

You can’t restore a Yoroi mnemonic on Daedalus and vice versa.

Why would you want a faster hash function? Wouldn’t you want a SLOW hash function for this? LOL. I get what they are saying in that post about “pointless” but still, not really a selling point.

@vantuz-subhuman

Is Yoroi/Rust fully BIP39 + BIP44 compatible?

Is this the standard going forward? I’m assuming someone building a wallet would want to copy Yoroi not Daedalus.


That makes the wallets incompatible right?

Right, Yoroi and Daedalus mnemonics are incompatible. Yoroi is 15 words and Daedalus is 12 words.

Why would you want a faster hash function? Wouldn’t you want a SLOW hash function for this?

Yeah, as they said in the second link, slower hash functions were used to prevent fast brute forcing, since user-provided passwords could be bad entropy, but since Daedalus doesn't generate a seed with a password they used something faster just because they could, I guess?


Supposed to be fully compatible, afaik, yes.


But in doing so they become incompatible with what is now a pretty industry wide standard? Very lame.