Private key, wallet - question

We now have got paper wallets and this is very good, but in my opinion there are better solutions to store you funds.
I will tell on what I’m thinking and please correct me if you don’t agree…
First of all I will give to user opportunity to create his private key by himself. On example one sentence from his favorite song. And this will be private key. Via hash function he transfer this sentence in binary word - your private key. In his wallet there will be button and text field in which he input sentence and via button it will be transfer in Private key. When you got private key via correspond functions you can get you address in second.

In this solution you haven’t got any paper on what you must care…

So if I have same song/phrase as you selected to be used as seed for restoring wallet, I have access to your funds? :smile:

Yes…try all songs…:))

The list of words that can be used is limited to 2k, the chances of the phrase you want using only them is quite small. Also…

Passphrases that come from pop culture, facts about your life, or anything that comes directly from your mind are much weaker than passphrases that are imbued with actual entropy, collected from nature.

https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/

In principle you could use a variant of the Diceware technique described on that page, for a 2k list, but because the word order is random, the resulting phrase would not be any easier to remember than the ones we’re currently using.

2 Likes

Ok…but it is not the point. The point is to give user choice. If he wants his private key then responsibility is on him. Like pass on Windows or Linux. If you chose 1234 its your problem.

And this is not problem to implement. This is few line of code…

1 Like

Where so much is at stake I believe security is more important, it would be irresponsible to offer choice of this sort.

I agree and disagree. I’d like the opportunity to generate a complete private key with 16 sided dice. This is for those of us who have above average paranoia.

Lol, I’m reminded of a game I used to play when I was in my younger days wanting to up my vocab skills.
Id play the dictionary game. Open the dictionary to any page. Then blindly choose a word to start with. Read the definition. Then make note of the 4th word in said definition and define that. Rinse and repeat.

Too bad encyclopedia Britannica no longer has updated printed sets.
I guess the old vintage sets are cooler to have in ones study or office.

(It’s great to be back)

1 Like

I used to do something very like that to generate random letter sequences for passwords. Now I have a password manager to do it for me. It’s like using the existing facility in crypto wallets to generate private keys – the tech does a much much better job than I ever could. :smile:

Were you away? :rofl:

I believe that the ability to use create and use tools to better us individually and as a whole is what set our ancestors apart from other species and made it capable to be the dominant species on the planet. Well, in our eyes and minds anyway. That and walking upright.

Yes. I had taken some time away from all that is crypto -except for my favorite channels on YouTube every now and then- to take care of my parents as they are aging and not in the best health.

I’m an open person so I don’t mind saying this, but it is kind of a sucky situation… I know it happens to everyone, and I’m already married and in my early 30’s but when my mom and step dad pass. I will be an orphan. It kind of scare me…

3 Likes

It’s one of the worst things we have to go through. My heart goes out to you my friend!

3 Likes

Thank you Bambino. You are absolutely correct and are appreciated for your warmth.
Looking back in my to the years before my 30’s I feel like I had noticed that birthdays were frequently being brought to my attention. Now it feels like I hear more about a person’s passing.

Honestly, I hope I live long enough to witness this countries tricentennial in full sound body and mind.
(History will always be in my heart. Just think, in 7 years when Cardano is doing peachy keen and the platform behaving swimmingly. We can look back and say “I remember when”. Lol.
Ahem… my fault. Getting sentimental in my old age lol

1 Like

Ha! I remember the Bicentennial! I think I took second in the potato sack race and third in the egg toss. I miss the 70s.

Yoroi currently supports migrating funds stored in a Daedalus wallets using the private key directly. In the future we plan to add import+export Yoroi wallet options for this reason

You can read more about it in our blog post on this topic: https://emurgo.io/#/en/blog/master-key-import-in-yoroi

2 Likes

The word list is just a way of representing some random bytes - the entropy. It’s a way of presenting the entropy so that a human can understand it better - ie. a mnemonic. It is only a representation, we could use others. The words are not the randomness, they are only a representation of the randomness that was already generated.

But what this guy is saying is totally different. He is saying the phrase itself should be the private key.

You are correct, it would be very easy to switch out the entropy that is currently used and substitute that with a hash of some user input. I could be wrong, but I believe some of the early Bitcoin wallets did it this way. The PK was based on a list that the user created by choosing words, rather than entropy…

The problem of course is that if the PK is based on data that is not absolutely random, it can be worked. Are you familiar with rainbow tables? That is one method by which weak passwords are easily broken. Take a look, you will find it interesting.

Do wallets check to see if a pass phrase has already been used as they are being created? Or do we simply rely on randomness that it is unique. Especially interested in ledger Nano, if anyone knows.
Thanks

I think you understand me totally…
What I try to say is that I give user opportunity to chose.
If I chose that (for my pass) I will salt my passphrase with some numbers. You cannot find that in rainbow tables.
I write on begin “sentence” of your song. This is not very good if sentence is short. But if you salt it or use bigger sentence you don’t be afraid…
The advantage of that is that pass is only in your head

That’s a false distinction. There is a one-to-one correspondence between phrases and keys. They are equally random. In effect, the phrase is the key.

You said “The list of words that can be used is limited to 2k” – this is wrong. It could be represented in English, French, using icons or pieces of pizza.