Bitcoin Forum
February 17, 2020, 10:24:08 AM *
News: Latest Bitcoin Core release: 0.19.0.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: MyCelium -Keys issue with regards to BIP39/44 and differences of iOS and Android  (Read 4599 times)
Michail1
Legendary
*
Offline Offline

Activity: 1446
Merit: 1160



View Profile WWW
February 23, 2015, 10:26:57 PM
 #1

Mycelium on Android differs from iOS / Master keys / Generating addresses

*Why does Mycelium display different master keys on the Android than the iOS version*
(And how to generate the same addresses from both.)

Mycelium 2.2.0 - Android
Mycelium 1.0.1 - iOS  (I will not go into the issues/bugs with the iOS version as it deeply needs to be updated - I have done a lot of testing.)
Using a random master seed generated and on each device works and the associated balances match (unlike breadwallet (another topic)).

Export a master public key for use in ecommerce or simply knowing the future addresses. 
To generate the addresses from the master key, you can:

Go to:  www.evilbs.com/bip39   or   https://dcpos.github.io/bip39/    or download and run offline (recommended).
The file/website keys shown matches iOS version of MyCelium, but not the Android version of the software.

iOS.  Install, make a new wallet.  You then have your master seed.  Since this is just for testing, I got:   
orange hurt leisure rely name multiply pond crawl canoe story only bird

Plug that into the bip39 converter (site or offline).
Click on 'Mycelium wallet' (or BIP44 - same thing) which simply sets to:  m/44'/0'/0'/0
bip 44 and 0's for point/wallet, etc
(I go to BIP32 and input m/44'/0'/0'/0  as this allows for testing/changing the numbers (not greyed out))

Great, this produces a mpubkey for the first wallet of: 
xpub6FJdwT45KSFs3fAhDGwzY6jrMqP5FETMkR3r9wikit2UoYLRUb625rcGUJzgQtKpNrhhi3tpRaC Ubab9tXqK9KqwnTesGQs4UTKHzcXkP4x
It matches the iPhone, and the 1st receiving address of: 14Brr4TQpx4a7WvpN52a7S3mZs9nNfCrLs  all good.

Now, as for Android, although my 1st receiving address is: 14Brr4TQpx4a7WvpN52a7S3mZs9nNfCrLs, the mpubkey
is different
Andoid:
xpub6DW3ui9w59vVVLtdCtNTrxdLNp9WVCppDhKdnyWDpkUC5ZtfMm1evZKyJte7GuSj9AncPh5kmgi 5wCk1s3yAGjQ1vNi1QyxaevXiULhX11a

When getting a mpubkey, you get a different one from iOS than Android for the same master seed; however,
both devices generate the same receiving addresses - The first being: 14Brr4TQpx4a7WvpN52a7S3mZs9nNfCrLs.   
I wanted to know why....

So, I went to any of the bip39 websites to see (after putting in the master seed and selecting Mycelium wallet....

The Derivation path on Android (to see current and future HD wallet addresses) is:
m/44'/0'/0'/0

Side Note:
(if you select bip32 (or custom and put in m/44'/0'/0'/0 )  it is the same thing.  Do this to see future receiving addresses)
and when creating another HD Account, the next is:
m/44'/0'/1'/0    and so on.

Everything the site shows matches the iOS version of Mycelium.  This does NOT work for the Android version since the
mpubkey is diff on the site than what Android shows you. 
So, why does the generated bitcoin addresses match if using different pub keys?

I decided to test with pycoin....

Using iOS mpubkey, for pycoin, you can generate the first 5 addresses using:
ku mpubkey -a -s0-4

0   14Brr4TQpx4a7WvpN52a7S3mZs9nNfCrLs   
1   1f26ma1LitK2Cv1aWRcdPQC7zBeyp5WWh   
2   1F5K9q3JnxZnRbSqoabU6P427rnbDTTyTG   
3   1CaBPyF78q17yo7ZjzJDY7kJfgEaEzaTpS   
4   1HqSjEyLj8LgEL7p3sisTvfvAXpfmnzUqf

Great, so everything matches and works on the iPhone


On Android, you get a different mpubkey; however, the address generation is the same IF you change the Deprivation path.
So, for pycoin, you can generate the first 5 addresses using
ku mpubkey -a -s0/0-4
0   14Brr4TQpx4a7WvpN52a7S3mZs9nNfCrLs   
1   1f26ma1LitK2Cv1aWRcdPQC7zBeyp5WWh   
2   1F5K9q3JnxZnRbSqoabU6P427rnbDTTyTG   
3   1CaBPyF78q17yo7ZjzJDY7kJfgEaEzaTpS   
4   1HqSjEyLj8LgEL7p3sisTvfvAXpfmnzUqf

Why a diff pubkey and why using -s0-4 vs -s0/0-4 to get the same matching receiving addresses?


Why is it that the website matches everything from iOS version of Mycelium, but not Android,
and why can't I duplicate keys list on the Android with the site?

1581935048
Hero Member
*
Offline Offline

Posts: 1581935048

View Profile Personal Message (Offline)

Ignore
1581935048
Reply with quote  #2

1581935048
Report to moderator
1581935048
Hero Member
*
Offline Offline

Posts: 1581935048

View Profile Personal Message (Offline)

Ignore
1581935048
Reply with quote  #2

1581935048
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1581935048
Hero Member
*
Offline Offline

Posts: 1581935048

View Profile Personal Message (Offline)

Ignore
1581935048
Reply with quote  #2

1581935048
Report to moderator
1581935048
Hero Member
*
Offline Offline

Posts: 1581935048

View Profile Personal Message (Offline)

Ignore
1581935048
Reply with quote  #2

1581935048
Report to moderator
1581935048
Hero Member
*
Offline Offline

Posts: 1581935048

View Profile Personal Message (Offline)

Ignore
1581935048
Reply with quote  #2

1581935048
Report to moderator
apetersson
Hero Member
*****
Offline Offline

Activity: 667
Merit: 500



View Profile
February 24, 2015, 11:05:38 AM
 #2

thanks a lot for bringing this to our attention.

Mycelium iOS and Android have unfortunately different xPubkeys:

for the first account, Android uses
   
Code:
m/44'/0'/0'
while iOS gives you
   
Code:
m/44'/0'/0'/0
These pubkeys have different purposes: the Android Pubkey allows tracking of all incoming addresses and change addresses.
The iOS Version excludes the change addresses and only provides the "external chain".

We talked about this internally, and the iOS version will change, Since the m/44'/0'/0' version has a few usages today, and of course we want compatibility.
Michail1
Legendary
*
Offline Offline

Activity: 1446
Merit: 1160



View Profile WWW
February 24, 2015, 05:38:21 PM
 #3

First, thanks for the response; however, I think you missed it.

BIP39/44 site matches the iOS version.
Can duplicate results, receiving addresses, etc - Everything.  This is great.   Hell, it even has a button for MyCelium wallet which is m/44'/0'/0'/0
- Even the receiving addresses are correct and the displayed master keys shown.
And, it also matches the default output of pycoin using ku.  All is wonderful.

Why would you change the iOS version if everything matches everything as above?

It's the Android version that seems to be off.  Android version doesn't match the site for master seeds, and you specifically have to change it from the defaults to m/44'/0'/0' in order to get the same receiving addresses even if the master public keys shown are not displayed.

Why not change the Android version to match all other sites and pycoin?


Note:  You did say that Android uses m/44'/0'/0 for the 'first' account however taking out '/0 isn't a standard for BIP44.
And, the masterkey is different than any site I have checked.   Meaning, if I type in the neumonic on the sites, they all show different masterkeys than displayed on Android version.

To me, it appears the android version is the nonstandard.

Maybe I am missing something?  More research, but I like that the iOS version matches the BIP39/44 sites which means there is an online resource which, by default, will show me the future receiving addresses of a wallet and the keys match on the site to the wallet app.  (Android matches if you fool around with the defaults even if the keys on export don't match).

PS.  I wish the iOS version would be updated as there are many bugs.  I am guessing you are already aware of them, so I wont go into that here.

cetus
Newbie
*
Offline Offline

Activity: 22
Merit: 0


View Profile
February 26, 2015, 12:28:23 AM
 #4

I think Android version's xpub is better.

For a BIP-44 wallet, the xpub at m/44'/0'/0' makes a lot more sense than at m/44'/0'/0'/0.  The former can be used to find out the total amount of funds in Account 0, and therefore is usable as a “watch-only” key to monitor an HD account without risking the private keys.  And it can still generate “incoming” addresses in the external chain at 0/1, 0/2, 0/3 etc. relative to the xpub.

m/44'/0'/0'/0 does technically offer a bit more privacy by hiding the internal (change) chain.  Still, whoever has it can see all external incoming transactions into the account and track them on the blockchain.  That's really not that much more private than m/44'/0'/0'.  I suppose xpubs are not really meant to be made public; it's the addresses on the external chain that are.  And they are the same regardless of the xpub they are derived from (as long as correct derivation sub-paths are used).

The site you mentioned (which you call ‘sites’ in plural, even though they are identical) looks to me more like an engineering toolkit than a consumer product.  It calculates everything based on a derivation path.  You can enter one path and read just the xpub, then enter another path and read just the derived addresses.  I guess, the site assumes that the visitors are more likely to be interested in the addresses than in the xpub, so the default derivation path for Mycelium Wallet is the one for addresses.  An extra parameter for the sub-path could have made it easier to use, but as a toolkit, the site offers the functionality it's built for.

Oh, and your spelling of Mycelium is wrong in most instances.  ‘Celium’ is not a word.
Michail1
Legendary
*
Offline Offline

Activity: 1446
Merit: 1160



View Profile WWW
February 26, 2015, 01:58:49 AM
 #5

For a BIP-44 wallet, the xpub at m/44'/0'/0' makes a lot more sense than at m/44'/0'/0'/0.  The former can be used to find out the total amount of funds in Account 0, and therefore is usable as a “watch-only” key to monitor an HD account without risking the private keys.  And it can still generate “incoming” addresses in the external chain at 0/1, 0/2, 0/3 etc. relative to the xpub.

m/44'/0'/0'/0 does technically offer a bit more privacy by hiding the internal (change) chain.  Still, whoever has it can see all external incoming transactions into the account and track them on the blockchain.  That's really not that much more private than m/44'/0'/0'.  I suppose xpubs are not really meant to be made public; it's the addresses on the external chain that are.  And they are the same regardless of the xpub they are derived from (as long as correct derivation sub-paths are used).
What I didn't/don't understand is if 4 fields are the protocol (m/44'/0'/0'/0), then why does (m/44'/0'/0') even work.  What is being used as a default in which position?  Sorry, I just need to read more.

Sites:
The site you mentioned (which you call ‘sites’ in plural, even though they are identical) looks to me more like an engineering toolkit than a consumer product. 
I mentioned any BIP39 sites, but listed two (although a copy).  If you use google, you will find many sites and github tools to match the results.  Since it is a protocol, it wouldn't matter which I pick.  To save space, I decided not to make this a thread about a list of sites or tools.  This thread is about keys, not about sites which convert wordlists.  Basically, the SITE matches the keys that the iOS version outputs and the Android version doesn't.   I CAN'T match a wordlist to the keys that the Android version outputs.   So, any person trying to figure out if there wordlist backup is correct or not simply can't match keys output on the Android.

Also,
Oh, and your spelling of Mycelium is wrong in most instances.  ‘Celium’ is not a word.
My wife does that.   She will take an entire conversation and, just to make a point, will try to nitpick anything.  I don't think spelling, or rather the case of a letter, changes the topic of a thread.  If I were to nitpick back, I would say that your determination of 'wrong in most instances' is wrong in that I used the capital letter C only 3 times out of the 11 times I had typed it in.

Thanks for your input.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!