Commit 044db8df authored by Éloïs's avatar Éloïs
Browse files

wip: [DEWIF] store mnemonic

parent 8987b59f
......@@ -60,7 +60,7 @@ The 4 bytes of the version field must be interpreted as an unsigned integer enco
| log N | Algorithm | Encrypted data |
|:---------:|:-----------:|:---------------:|
| 1 byte | 1 byte | 64 bytes |
| 1 byte | 1 byte | Any bytes |
#### Algorithm
......@@ -70,16 +70,10 @@ The 4 bytes of the version field must be interpreted as an unsigned integer enco
| [BIP32-Ed25519] | 0x01 |
| Unknown* | 0x02 |
* Future algorithms can be added to DEWIF v1 if their seed and public key are the same size.
*\* Future algorithms can be added to DEWIF v1.*
#### Encrypted data
| Seed | Public key |
|:-------------:|:-------------:|
| 32 bytes | 32 bytes |
The public key serves as a checksum. To check that the DEWIF base64 string is not corrupted, simply generate a keypair with the seed and check that the obtained public key matches.
**Symmetric encryption algorithm:** aes256
**AES256 key** = scrypt of user passphrase with the following parameters:
......@@ -92,13 +86,21 @@ The public key serves as a checksum. To check that the DEWIF base64 string is no
|**r** |16 |
|**p** |1 |
##### Algorithm Ed25519
| Seed | Public key |
|:-------------:|:-------------:|
| 32 bytes | 32 bytes |
The public key serves as a checksum. To check that the DEWIF base64 string is not corrupted, simply generate a keypair with the seed and check that the obtained public key matches.
**Example 1:**
| Parameter | Value |
|:-----------------:|:----------------------------:|
|**Log N** | 15|
|**Algorithm** |Ed25519|
|**Keypair seed** | 0xbfa3f6e322cf21d0e652f79a69df9498fdf5347665e5646d9041f756496a1143 |
|**Log N** | 15 |
|**Algorithm** | Ed25519 |
|**Keypair seed** | 0xbfa3f6e322cf21d0e652f79a69df9498fdf5347665e5646d9041f756496a1143 |
```txt
0x000000001 #v1
......@@ -111,47 +113,73 @@ The public key serves as a checksum. To check that the DEWIF base64 string is no
**AES256 key generated from scrypt with the following parameters:**
| Parameter | Value |
|:-----------------:|:----------------------------:|
|**N** | `2^12 = 4096` |
|**r** |16|
|**p** | 1 |
| Parameter | Value |
|:-----------------:|:-------------:|
| **N** | `2^12 = 4096` |
| **r** | 16 |
| **p** | 1 |
DEWIF base 64 string (with aes key `"toto titi tata"`):
`AAAAARAAAAEMAJ8UMCz6NVliR+EGUdlnZ8RAi8GqcbXqDn7TZxjXzBI6NbRxSDYlXdJRMlg3YKttB5EPAZrNafNIUGmFyEyaIvQ=`
##### Algorithm Bip32-Ed25519
| Language code | Entropy length | Mnemonic entropy | Checksum | padding |
|:--------------:|:--------------:|:----------------:|:--------:|:------------:|
| Uint8 (1 byte) | Uint8 (1 byte) | Any bytes | 8 bytes | Zeroed bytes |
The padding is used so that the size of the encrypted data is a multiple of 16 (necessary for aes256).
Language code:
| Language code | Language |
|:--------------:|:-------------------:|
| 0 | English |
| 1 | Chinese simplified |
| 2 | Chinese traditional |
| 3 | French |
| 4 | Italian |
| 5 | Japanese |
| 6 | Korean |
| 7 | Spanish |
Mnemonic entropy is defined on [BIP39]
To check that the DEWIF base64 string is not corrupted, compute the hash sha256 of `Language code || Entropy length || Mnemonic entropy`. The first eight bytes of the sha256 hash constitute the checksum.
**Example 2:**
| parameter | value |
|:-----------------:|:----------------------------:|
|**Log N** | 15|
|**Algorithm** |Bip32-Ed25519|
|**Keypair seed** | 0xb7d3a54e1c20172cd38e0d803776a3bacf11f895ef8ef846043a0d628431c872 |
| **Log N** | 14 |
| **Algorithm** | Bip32-Ed25519 |
| **mnemonic** | `"crop cash unable insane eight faith inflict route frame loud box vibrant"` |
```txt
0x000000001 #v1
0x100000001 #g1-test
0x0F # log N
0x01 # Algorithm Bip32-Ed25519
0xb7d3a54e1c20172cd38e0d803776a3bacf11f895ef8ef846043a0d628431c872 # keypair seed
0xd1fec6ddf6e887e40bd77d459131ee5a6bec1194341b9393ead606363bb7b060 # public key
0x00 # Language english
0x10 # Entropy length
0x33E46BB13A746EA41CDDE45C90846A79 # Mnemonic entropy
0x???? # checksum
```
**AES256 key generated from scrypt with the following parameters:**
**AES256 key generated from scrypt with the following parameters:**
| Parameter | Value |
|:-----------------:|:----------------------------:|
|**N** | `2^15 = 32768` |
|**r** |16|
|**p** | 1 |
| Parameter | Value |
|:--------------:|:--------------:|
| **N** | `2^14 = 16384` |
| **r** | 16 |
| **p** | 1 |
DEWIF base 64 string (with aes key `"toto titi tata"`):
`AAAAARAAAAEPAXBN8l4QNE9IhJV0f7w22U0UpnXnNupVruNplirmnM88WdtmyBlXy5pYX1VvTVplmO5vz/49FukruEGRIhEXvLw=`
`???`
[Ed25519]: https://tools.ietf.org/html/rfc8032
[BIP32-Ed25519]: https://drive.google.com/file/d/0ByMtMw2hul0EMFJuNnZORDR2NDA/view
[Ed25519]: https://tools.ietf.org/html/rfc8032
[BIP39]: https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki#generating-the-mnemonic
[DUBP]: https://git.duniter.org/nodes/common/doc/blob/master/rfc/0010_Duniter_Blockchain_Protocol_V12.md
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment