Bitcoin Forum

Bitcoin => Electrum => Topic started by: Sanka555 on September 21, 2021, 05:58:31 AM



Title: Features of the formation of BIP39 in electrum above version 2.0
Post by: Sanka555 on September 21, 2021, 05:58:31 AM
I have simple Java code to create the BIP39 standard:
https://github.com/NovaCrypto/BIP39/blob/master/src/main/java/io/github/novacrypto/bip39/MnemonicGenerator.java
But it does not create what Electrum needs above version 2.
Having dug through the documents, I found out that:
Quote
Electrum 2.0 derives keys and addresses from a hash of the UTF8 normalized seed phrase with no dependency on a fixed wordlist. This means that the wordlist can differ between wallets while the seed remains portable, and that future wallet implementations will not need today’s wordlists in order to be able to decode the seeds created today. This reduces the cost of forward compatibility.
https://electrum.readthedocs.io/en/latest/seedphrase.html#version-number

You just need to add the version number while calculating the phrase.
It should be very simple. But how?
How exactly do I need to change this code to get the new kind of seeds?

I will be very grateful for any help.


Title: Re: Features of the formation of BIP39 in electrum above version 2.0
Post by: pooya87 on September 21, 2021, 07:00:23 AM
Start by looking at the open source code here: https://github.com/spesmilo/electrum/blob/master/electrum/mnemonic.py

The differences between the BIP39 and Electrum mnemonic algorithms, off the top of my head, are:
1. String normalization
BIP39 uses a very simple normalization while Electrum significantly modifies the mnemonic (and passphrases) before converting them to bytes to be hashed.
2. Checksum
BIP39 computes SHA256 hash of the entropy and appends enough bits as padding to make the entropy divisible by 11. Electrum uses a bigger entropy (132 bits by default but it can be anything which will affect the word length and can use different word-lists of any length) and computes its HMACSHA512 and checks if the starting bits are what the wallet type demands.
3. Conversion of words to BIP32 seed
BIP39 uses PBKDF2 with the word "mnemonic" added before passphrase but Electrum uses the same PBKDF2 using the word "electrum" added before passphrase.


Title: Re: Features of the formation of BIP39 in electrum above version 2.0
Post by: NotATether on September 22, 2021, 07:37:56 AM
Quote
you just need to add the version number while calculating the phrase.
it should be very simple. But how?
How exactly do I need to change this code to get a new kind of seeds?

BIP39 seeds don't have a version number, so you shouldn't be trying to generate both kinds of phrases in the same class/method.

The first "nibble" (group of 4 bits) of an Electrum version, plus 2, tells you how many nibbles are in the version hex.

i.e. 0x01 version is (0+2) nibbles long = 8 bits,
and 0x100 version is (1+2) nibbles long = 12 bits (same as 0x101).


Title: Re: Features of the formation of BIP39 in electrum above version 2.0
Post by: o_e_l_e_o on September 22, 2021, 09:00:34 AM
If you are using that script to generate a mnemonic, then you can import it into Electrum and check the box labelled "BIP39 seed" under "Options" on the page where you enter the seed phrase. Electrum will then generate the same addresses (given the same derivation path) as your script.

Quote
BIP39 uses PBKDF2 with the word "mnemonic" appended to passphrase but Electrum uses the same PBKDF2 using the word "electrum" appended to the passphrase.

The passphrase (or an empty string) is appended to "mnemonic"/"electrum", not the other way around.

Quote
The first bit of an Electrum version

The first four bits.
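
As an added example (not code from any post in this thread, nor Electrum's own), the sketch below puts together the version-prefix check and the "electrum" PBKDF2 salt described in the replies above. The HMAC key string `Seed version` is from the Electrum seed phrase documentation linked in the first post and 2048 is the PBKDF2 round count both schemes use; the 16-word list, the function names and the simplified normalization are assumptions made for illustration.

```python
import hashlib
import hmac
import unicodedata

# Version prefixes named in the thread (hex digits of the HMAC output).
PREFIXES = {"standard": "01", "segwit": "100", "2fa": "101"}

# Constructed 16-word list: any list works because the version check hashes
# the phrase text itself and never looks words up.
WORDS = ("acid bolt crab dune echo fern gold hawk "
         "iris jade kelp lime mint nova opal pine").split()

def normalize(phrase):
    # Simplified assumption: NFKD, lowercase, collapse whitespace.
    # Electrum's own normalization also strips accents and CJK spacing.
    return " ".join(unicodedata.normalize("NFKD", phrase).lower().split())

def seed_version(phrase):
    """Return the seed type whose prefix starts HMAC-SHA512("Seed version", phrase)."""
    digest = hmac.new(b"Seed version", normalize(phrase).encode("utf-8"),
                      hashlib.sha512).hexdigest()
    for name, prefix in PREFIXES.items():
        if digest.startswith(prefix):
            return name
    return None

def encode(number):
    # Write the integer in base len(WORDS), least significant word first.
    out = []
    while number:
        number, idx = divmod(number, len(WORDS))
        out.append(WORDS[idx])
    return " ".join(out)

def make_seed(entropy, seed_type="standard"):
    """Increment a nonce until the phrase hashes to the wanted version prefix."""
    nonce = 0
    while seed_version(encode(entropy + nonce)) != seed_type:
        nonce += 1
    return encode(entropy + nonce)

def to_bip32_seed(phrase, passphrase="", salt_word="electrum"):
    # PBKDF2-HMAC-SHA512, 2048 rounds; passphrase is appended to the salt word.
    salt = (salt_word + normalize(passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", normalize(phrase).encode("utf-8"),
                               salt, 2048, dklen=64)

if __name__ == "__main__":
    import secrets
    phrase = make_seed(secrets.randbits(132), "segwit")
    print(phrase, seed_version(phrase))
```

A phrase produced by a BIP39 generator passes `seed_version` only by chance (about 1 in 256 for the `01` prefix), which is why the Java generator's output is not accepted as a native Electrum seed.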