Electrum Legacy address

Quote from: BlackHatCoiner on May 20, 2021, 07:30:42 PM

He doesn't have to do that. Electrum allows you to create a legacy wallet without having to import any BIP39 seeds.

the private keys only matter.

Quote from: xenon131 on May 22, 2021, 05:43:30 AM

~
Why? Bag and baggage, the private keys only matter. Is there any essential difference in private keys generated from BIP39 SEED and native Electrum SEED?

There is no difference in private keys derived using any method as long as the method is cryptographically secure. As for the seed phrase itself apart from the BIP-32 seed derivation process, a very small difference in entropy size and the checksum there is no differences and these aren't really big differences either.

Quote from: xenon131 on May 22, 2021, 05:43:30 AM

The procedure to create the legacy wallet via Electrum GUI is much easier than via its console and eliminates human errors.

I believe Electrum no longer lets you create a legacy wallet through the GUI.

Quote from: xenon131 on May 22, 2021, 05:43:30 AM

Why? Bag and baggage, the private keys only matter. Is there any essential difference in private keys generated from BIP39 SEED and native Electrum SEED? The procedure to create the legacy wallet via Electrum GUI is much easier than via its console and eliminates human errors.

Honestly, if you need a legacy wallet, there is simply no reason to choose BIP39 over Electrum seeds. Electrum seeds have obvious advantages over the former and generating it from some other sources raises some security concerns as well.

The story changes with nested Segwit wallet (which I think OP should use over legacy). There's no nested Segwit for Electrum seeds and for which BIP39 would be your only option.

Quote from: ranochigo on May 22, 2021, 04:26:48 PM

Electrum seeds have obvious advantages over the former and generating it from some other sources raises some security concerns as well.

There's a downside of using electrum seeds, at least if we're talking in the long term. Electrum seeds, as said by their name, can only be generated from electrum. But, BIP39 is a proposal and many wallets adopted it. Electrum doesn't propose anything, the developers simply believe that their way is the proper one.

How sure can I be that electrum will exist in 10 years from now? A lot, but I can feel more sure with BIP39.

Quote from: ranochigo on May 22, 2021, 04:26:48 PM

There's no nested Segwit for Electrum seeds and for which BIP39 would be your only option.

I still don't get why they haven't implemented it for nested Segwit...

Quote from: pooya87 on May 22, 2021, 05:53:12 AM

I believe Electrum no longer lets you create a legacy wallet through the GUI.

It allows you:

Quote from: BlackHatCoiner on May 22, 2021, 04:50:05 PM

Electrum's method is fully transparent and it is only a difference with generating the seed for use with BIP32. You can always derive your private keys with Electrum seeds and there really isn't any obvious disadvantages.

Conversely, would you rather continue using a standard that is "Unanimously Discourage for implementation"? BIP39 is only used because it is proposed in a BIP. Just because there is a proposal for it, doesn't mean everyone should use it. It's almost like having a BIP for increased block size... It got rejected at the end.

Quote from: BlackHatCoiner on May 22, 2021, 04:50:05 PM

It allows you:

What version of Electrum are you using?

Quote from: ranochigo on May 22, 2021, 04:54:45 PM

Conversely, would you rather continue using a standard that is "Unanimously Discourage for implementation"?

No, I don't. Don't get me wrong. I believe that using an electrum seed is better than a BIP39 one. But, for the non-code experts, or the people who simply don't look into the code, generating a seed that can only be used by one software may not attract them that much. They will consider this a downside.

Quote from: ranochigo on May 22, 2021, 04:54:45 PM

What version of Electrum are you using?

4.0.4. Have they changed it since then?

Quote from: BlackHatCoiner on May 22, 2021, 05:15:50 PM

Hmm, not really sure if that really matters actually. I don't recommend people to start mixing seeds or start to use seeds interchangably. Perhaps there could be some utility to help people recover Electrum seeds? Definitely not a deal breaker but the point is, if you're going to use Electrum, just might as well generate a seed that uses Electrum's standards. Even if it were to be abandoned in the future, I'm confident to say that there will either be a utility to convert it to a BIP32 seed or users can just transfer it out somehow.

I would definitely be sure that BIP39 will eventually be abandoned (probably still have some support) at some point in time, or at least wallets will start adopting a different standards for mnemonic.

Quote from: BlackHatCoiner on May 22, 2021, 05:15:50 PM

4.0.4. Have they changed it since then?

Yes they have. I think it has been like this since 4.1.0.

Quote from: BlackHatCoiner on May 22, 2021, 04:50:05 PM

How sure can I be that electrum will exist in 10 years from now?

You have to think of "Electrum" as this open source software that exists on the internet and everything it does can be seen by everyone. So it will exist until the end of time as long as the internet exists!

Quote

I still don't get why they haven't implemented it for nested Segwit...

Probably because nested SegWit is less efficient than native SegWit and legacy types since it takes up a a lot more space (even though it has less weight compared to legacy but more compared to native SegWit).

Plus at this point which is nearly 5 years after introduction of SegWit into consensus rules, there is no reason to use a service that doesn't support native SegWit addresses because there shouldn't be any such service anymore.

Quote from: xenon131 on May 23, 2021, 07:26:28 AM

Why? Is this just a matter of your believe or you have the strong evidence for it? As it have been said in my above post the only thing that matters is the private key. Can you prove that private keys generated from BIP39 SEED lack something compared with those priv keys obtained from native Electrum SEED?

As said above, there is no difference to the derived private keys as long as the cryptography's method is strong. Why we do analyze this is because of the checksum and probably because of the fact that generating entropy from electrum is much more random than a github page. The checksum, if you're unfamiliar with, is bits representing the sum of the correct bits. The last word of every seed phrase is affected by the checksum. On a BIP39 twelve-words seed, that requires 4 bits checksum, there are on average 2048/(2⁴) = 128 different combinations of valid seeds. On an electrum seed, that requires 8 bits checksum, there are 2048/(2⁸) = 8 different combinations of valid seeds.

This means that if you ever need to brute force your seed, you'll finish you search 16 times faster.

Quote from: xenon131 on May 23, 2021, 07:26:28 AM

We're talking about seeds here, so talking about the derived private keys would be totally offtopic.

Private keys are the same, BIP39 and Electrum, and also pretty much any other wallets will generate private keys of the same format, ECDSA private and public key pairs are the same for Bitcoin's curve. WIF is adopted by most if not all wallets as well.

The key difference lies with the limitations of BIP39 seeds, reliance on wordlist for checksum is not ideal, lacking versioning and contributing to any user's confusion, and as BlackHatCoiner mentioned, better checksum by lowering risks of false positive. I don't think there is any argument to be made here, you can refer to Electrum's docs on their seed system and you'll realised that it doesn't lack anything that BIP39 has but improves on many of the shortcomings