SylUI - easier way to write private key (Ux improvement proposal)

[Greg Tonoski]

Private key written as in the example:

"duboli kufuzu naleqy lyfety dohihy rutoqa rageli kilyly vetyka himujy teluzi fuoda va".

Why not? Can I ask you to review the SylUI concept, please? There is location of the demo and more information: "gregtonoski.github.io/sylui/".

[Ambatman]

I don't think I can trust any platform with anything I consider 'Secret'.
Checked the Github but really didn't get much and I think i would wait for those that have opened the Sylui code introduction.

If am not mistaken you are using mnemonic phrase as the private key?
The method you implementing is it in alignment with BIP 39, or is the randomness arbitrary.
Well I think it Isnt and personally I don't know if the randomness is random enough and this could be considered 'unsafe'

The standard for seedphrase is BIP 39 and this doesn't follow such and wallets that uses BIP 39 wouldn't recognize this
Except the aim is keeping the private key in another form which I think is unnecessary.


Edit:

This would be better moved to the Development and technical board.
The icon to move is at the bottom left corner of the thread.

[Greg Tonoski]

Thanks for feedback.

If am not mistaken you are using mnemonic phrase as the private key?

(...) the aim is keeping the private key in another form which I think is unnecessary.

Yes, the aim is to keep a private key in another form/representation which is easier to read and write/type. As an example the BIP39:
"legal winner thank year wave sausage worth useful legal winner thank yellow"
would be equivalent to:
"iqogu sovyza cusydy huvifi zyhole suvyfu je".

[betswift]

Does this belong to the BTC discussion? I would rather put it into the tech discussion.

[Ambatman]

Thanks for feedback.

If am not mistaken you are using mnemonic phrase as the private key?

(...) the aim is keeping the private key in another form which I think is unnecessary.

Yes, the aim is to keep a private key in another form/representation which is easier to read and write/type.

I understand but this could sacrifice security for user friendliness.
A nice initiative though
If private key were easy to write and recall it would have been easier for hackers to guess.
Except maybe there's something I ain't seeing
My knowledge is still limited.

[seoincorporation]

Private key written as in the example:

"duboli kufuzu naleqy lyfety dohihy rutoqa rageli kilyly vetyka himujy teluzi fuoda va".

Why not? Can I ask you to review the SylUI concept, please? There is location of the demo and more information: "gregtonoski.github.io/sylui/".

You could use that phrase to generate a brain wallet:

Passphrase: duboli kufuzu naleqy lyfety dohihy rutoqa rageli kilyly vetyka himujy teluzi fuoda va
Secret Exponent: 6a214f3718250338034cdc39f35ddd7bc821b3b88b197a8d30d3aee7f5cbafb2
Private Key: 5Jd2XrmzvzyWopSd9eKLKmajQmDsRK3xhbeEMUFtx6EPUiNNy6h
Address: 1MrXjcHacHxNSqACNjGt3urrWD9yWjeRqR
Hash160: e4c08dc464b579cb6f3ad0f43daa2e32243eba98

Even if brain wallets are considered vulnerable, i think a long prhase like that should be secure enough to proceed with. The risk part is the process of making the wallet, remember to never use an online address generator, always generate them in your computer and if you can generate them under Linux that would be better.

[pooya87]

Yes, the aim is to keep a private key in another form/representation which is easier to read and write/type. As an example the BIP39:
"legal winner thank year wave sausage worth useful legal winner thank yellow"
would be equivalent to:
"iqogu sovyza cusydy huvifi zyhole suvyfu je".

BIP39 is considered easier to read/write because it contains actual words that can be read and write without mistake. Like the word "legal" in your example. The user already knows this word and its spelling. So they just write it in an instant.

However, your result doesn't contain anything that is easy to read or write like "iqogu". It is not a word, but just random letters. So the user has to write them down one by one with a high chance of mistake.
In other words there is no difference between "sylui duboli kufuzu..." and "C85AFBACCF3E1EE40...." in how easy it is to read or write.

[apogio]

Even if brain wallets are considered vulnerable, i think a long prhase like that should be secure enough to proceed with. The risk part is the process of making the wallet, remember to never use an online address generator, always generate them in your computer and if you can generate them under Linux that would be better.

I get your point and obviously a very complex passphrase can lead to a brainwallet that is infeasible to be cracked.

However, the point of a brainwallet is to be remembered, isn't it? So, if you use duboli kufuzu naleqy lyfety dohihy rutoqa rageli kilyly vetyka himujy teluzi fuoda va as a passphrase, essentially it's much worse than using a CSPRNG to generate 128 bits of entropy to be used in a BIP39 wallet.

However, your result doesn't contain anything that is easy to read or write like "iqogu". It is not a word, but just random letters. So the user has to write them down one by one with a high chance of mistake.
In other words there is no difference between "sylui duboli kufuzu..." and "C85AFBACCF3E1EE40...." in how easy it is to read or write.

I totally agree with pooya87 on this one.

I would also add that BIP39 is a standard, which means it's properly tested and used.

Your method would be superior to the BIP39 standard, only in the sense that BIP39 is limited to a small dataset of 2048 words.

But again, unfortunately, the idea is not very useful.

[Ambatman]

Now that it's been mentioned I just realised OP said an easier way to write private keys and the words ain't even something that's understandable or could be memorised.
It's even longer and harder to write than some private key type (WIF compressed).

Searched some of the words and non of them are any human spoken English.

Well except the aim is to make it easier to protect and prevent individuals from getting access
Which I highly doubt.

[odolvlobo]

The advantage of your encoding over actual words is that it is more compact, but in my opinion actual words are better because actual words are easier to memorize and have error correction built in. Still, your encoding is interesting and there might be a specific scenrio where it shines.

As far as the algorithm goes, you don't describe it anywhere, but my guess is that you are using base-120 with 2-character digits.

[Greg Tonoski]

understand but this could sacrifice security for user friendliness.

No, there isn't any sacrifice of security.

BIP39 is considered easier to read/write because it contains actual words that can be read and write without mistake. Like the word "legal" in your example. The user already knows this word and its spelling. So they just write it in an instant.

I agree up to a point. While English words may be easier for English speakers, others may have little clue how to spell (write) them. Also, some words in the BIP39 dictionary are mistake-prone, e.g. chief and chef.

However, your result doesn't contain anything that is easy to read or write like "iqogu". It is not a word, but just random letters. So the user has to write them down one by one with a high chance of mistake.
In other words there is no difference between "sylui duboli kufuzu..." and "C85AFBACCF3E1EE40...." in how easy it is to read or write.

Not exactly. They are not completely random letters. There is a syllabic structure/pattern that a string follows.

Now that it's been mentioned I just realised OP said an easier way to write private keys and the words ain't even something that's understandable or could be memorised.

Correct.

As far as the algorithm goes, you don't describe it anywhere, but my guess is that you are using base-120 with 2-character digits.

To be precise: base-126 with 2-character digits (except for single/1 character vowels).

Thank you all for sharing your opinions.

[pooya87]

I agree up to a point. While English words may be easier for English speakers, others may have little clue how to spell (write) them. Also, some words in the BIP39 dictionary are mistake-prone, e.g. chief and chef.

BIP39 offers other word lists in other languages though:
https://github.com/bitcoin/bips/blob/master/bip-0039/bip-0039-wordlists.md

But I agree, the early wordlists such as the English one lacked the strict rules to not include similar looking words so the list contains many of them. The newer ones like the Portuguese list are much better though.

[AVE5]

Now that it's been mentioned I just realised OP said an easier way to write private keys and the words ain't even something that's understandable or could be memorised.

Yeah I catch up too. It's a technical strategy to write your private keys so even if anyone gets to it'd not understand what it really means unless him alone understands it.
But get, what it you also forget this technical pattern? I guess your funds would be a gone. The techniques is good though