While working on getting rid of the 66 hex characters in order to encrypt/sign easily, I thought of what you just presented too. But I don't know if that could work in action. I mean, sure, this is clearly easier to write than a base58 encoded string, but I don't know if it'd be useful for the average user.
Since you've written your paper explaining it and no one has yet implemented it, I'd be interested to do it as an address converter.
Edit:
Convert base-58 / base-32 (bech32) to binary. This would produce 160 bits of the address. Above address in bits -
160 bits is the RIPEMD-160 hash. But an address isn't just an encoding of the hash. There is a prefix in front of the hash which is also encoded, which means that the final result won't be 160 bits. Correct me if I'm wrong.
Great. We can definitely move to the implementation once we have acceptance from the broader community around its usability.
Here is my feedback:
I didn't get what problem you are trying to solve by representing addresses as human-readable words. I mean, a BIP-39 mnemonic is essentially an efficient way of representing binary numbers, which allows humans to interact with sensitive information without risking making errors while interacting with it. Interaction with sensitive keys implies storing, making backups, importing, memorizing in some cases. In other words, a set of words is better than a set of numbers when it comes to humans and their ability to read and memorize things. It is important to manage your private keys carefully, and if they are represented in a convenient format, it will make managing less painful.
I keep saying "sensitive" and "private" for some reason. Bitcoin addresses are not sensitive and private, they are public and should remain so. More importantly, users should not be encouraged to memorize their addresses because in an ideal situation you use your address only once when receiving a payment. You don't need to reuse your address: once you have received a payment, just forget about it and generate another one. You don't need to make backups of or store your address either. We need none of the things that we do with our mnemonics when dealing with the bitcoin address.
Your proposal will make things too complicated for the average user because the user may start doing things he shouldn't do. For example, he may mistakenly send the sensitive mnemonic instead of his address, or he may confuse backups and accidentally delete his private keys instead of a "temporary" bitcoin address. It will create more problems than it will solve; an inexperienced user may lose all their funds due to new standards and the hassle of distinguishing between mnemonic phrases and bitcoin addresses.
You are right to some degree. The area where we believe it adds the most value is comparing the address just before doing the digital signature. This is especially important when you are operating a hardware wallet. This is first-hand experience, as we are a hardware wallet manufacturer ourselves, where users complain about comparing the addresses between the desktop app and the hardware wallet. And I do not blame them, because comparing characters is in fact a tedious process. And what we know from BIP39 is that, out of all of the advantages it offers, the verification of the correct private key while entering it cannot be understated. And mind you, verification is always going to involve a human doing it, whether you are using QR or just copy-pasting an address.
Coming to the point of confusion between the mnemonic phrases and these address mnemonics, I would say this is not a new problem. If you consider a WIF address and private keys, no normal user will be able to tell the difference between the WIF address and the WIF private key just by looking at it. And so even if we want to make this easier, we can easily append specific words like BitcoinAddress to the prefix to eliminate it in the first place.