--- Log opened Tue Nov 15 00:00:17 2022
00:19 -!- salvatoshi [~salvatosh@genymobile-2-6-86.fib.nerim.net] has joined ##miniscript
02:55 -!- midnight [~midnight@user/midnight] has quit [Ping timeout: 252 seconds]
02:57 -!- midnight [~midnight@user/midnight] has joined ##miniscript
05:32 < andytoshi> salvatoshi: i'm confused about your motivation here.. what's wrong with normal bip49/84/whatever paths?
05:33 < andytoshi> if you're letting your users choose arbitrary paths, there's not much you can do to prevent them choosing paths that have already been used elsewhere (and presumably this is the point, so that they can import their stuff from other systems)
05:34 < andytoshi> also you should warn them that non-standard paths make it more likely they'll lose track of coins!
05:48 -!- darosior [~darosior@194.36.189.246] has quit [Ping timeout: 246 seconds]
05:49 -!- darosior [~darosior@194.36.189.246] has joined ##miniscript
06:07 < salvatoshi> imagine a software wallet that implements a miniscript 2FA wallet, working with a hardware wallet: and_v(v:pk(key_user),or_d(pk(key_service),older(12960))). What would the workflow look like?
06:08 < salvatoshi> The idea is that it's a 2-of-2 with a 2FA service that countersigns, but it's non-custodial as after 90-days they user's key alone is enough.
06:09 < salvatoshi> 1) The software wallet import a xpub from the service via some API
06:09 < salvatoshi> 2) The software wallet imports an xpub from the user's hardware wallet
06:10 < salvatoshi> For (2), using any of the standard paths is IMO a bad choice, as the user is likely to have used (or to use in the future) those keys for a different wallet, leading to key reuse
06:11 <@sipa> I think standard paths are really only a thing that should be talked about in the context of simple single-key policies.
06:13 < salvatoshi> giving complete freedom (that is, the user chooses a path) also doesn't seem good, though, as mistakes can lead to either impossible recovery and/or key reuse
06:16 < salvatoshi> so I think some standard is missing; it could be as simple as a new standard path that means: for anything in this subpath, the software wallets should warn the user that it's their responsibility to ensure they do not use this seed/account for multiple policies
06:16 <@sipa> Oh, I don't think the user should choose the path.
06:18 < salvatoshi> agreed, but what would a developer choose right now? There is no guideline afaik
06:18 <@sipa> Something would need to keep track of which paths have been used already, and pick the next one from some set... but UX design isn't my thing :)
06:20 < salvatoshi> that's why I think extending BIP48 with some new script_type (say, 100) might be a good idea. script_type = 100 means "the wallet developer should put extra care to instruct the user to avoid key reuse"; and there is an "account" derivation level in BIP-48, so the user can use different accounts for different policies 
06:27 < darosior> salvatoshi: for your interest we've been discussing that for our wallet https://github.com/revault/minisafe/issues/87
06:30 < darosior> salvatoshi:
06:30 < darosior> > script_type = 100 means "the wallet developer should put extra care to instruct the user to avoid key reuse";
06:30 < darosior> On what occasion would the wallet developer be shown a key, with a derivation path fixed, but no descriptor? Today how wallets (sometimes insanely) use derivation paths is inferring the derivation path to use from a script type, not the other way around. Am i missing something?
06:42 < salvatoshi> commented on the issue!
06:43 < salvatoshi> I suppose just avoiding the BIP-standardized single-sig paths is mostly solving the problem, as multisig wallets already had the key reuse risk
06:44 < salvatoshi> so using existing valid BIP-48 paths already addresses most of my concerns (except it would be more "pure" to have a new script_code - so you can show it to friends that you know how to use miniscript right :P)
06:44 < salvatoshi> *script_type
08:03 <@sipa> For anything else, you necessarily need coordination with something to make sure paths aren't reused, and if you have that something, defaults don't matter.
08:09 -!- jon_atack [~jonatack@user/jonatack] has quit [Quit: WeeChat 3.7.1]
08:10 -!- jonatack [~jonatack@user/jonatack] has joined ##miniscript
08:27 -!- jonatack [~jonatack@user/jonatack] has quit [Quit: WeeChat 3.7.1]
08:46 -!- salvatoshi [~salvatosh@genymobile-2-6-86.fib.nerim.net] has quit [Ping timeout: 260 seconds]
09:25 -!- salvatoshi [~salvatosh@lfbn-idf3-1-330-185.w83-199.abo.wanadoo.fr] has joined ##miniscript
10:00 -!- salvatoshi [~salvatosh@lfbn-idf3-1-330-185.w83-199.abo.wanadoo.fr] has quit [Remote host closed the connection]
10:00 -!- salvatoshi [~salvatosh@lfbn-idf3-1-330-185.w83-199.abo.wanadoo.fr] has joined ##miniscript
11:08 -!- salvatoshi [~salvatosh@lfbn-idf3-1-330-185.w83-199.abo.wanadoo.fr] has quit [Ping timeout: 268 seconds]
12:05 < andytoshi> maybe we should have a BIP which is just a giant list of reserved path prefixes for various services? iirc the 'coin_type` field for bip39 is defined like this
12:05 < andytoshi> err bip49
12:18 < andytoshi> or maybe there should just be a standard by which wallets connect to services and update some index in their "usual" derivation path for each one
--- Log closed Wed Nov 16 00:00:19 2022