Greetings,<div><br /></div><div>After reading and <a href="https://github.com/akarve/bipsea">implementing BIP-85</a> I entertained the possibility of a generalized keychain application atop hierarchical deterministic wallets.</div><div><br /></div><div>Here is the <a href="https://github.com/akarve/bip-keychain">pre-proposal for said BIP-Keychain on GitHub</a>. Below are the Abstract and Motivation. See the link above for the full spec.</div><div><br /></div><div>Let me know if I should proceed to submit this as a proper BIP.</div><div><br /></div><div>Thank you.</div><div><br /></div><div><br /></div><div># Abstract<br /><br />We extend the hierarchical deterministic wallet chain from BIP-32 with a new<br />application code for BIP-85 and a deterministic path derivation algorithm<br />that allows applications to create a large key-value map of secrets where the key<br />for each secret is a meaningful semantic path, as opposed to an arbitrary integer.<br />This secure key-value map can replace modern password managers and offers an improved, possibly trustless security profile.<br /></div><div><br /></div><div># Motivation<br /><br />BIP-85 specifies how to derive passwords, private keys, and entropy from paths<br />with the following form:<br /><br />```<br />m/83696968'/{app_no}'/{index}'<br />```<br /><br />Nevertheless BIP-85 has the following ambiguities and shortcomings:<br /><br />1. Path construction is arbitrary in that there is no well-defined procedure to<br />extend the path for applications that require more than two parameters.<br />The implied convention is for paths to end with `{some_integer_n}'{index}'`<br />but there is no guidance on the order of parameters for applications that need more<br />than two inputs.<br /><br />1. Return types for applications vary in interpretation and are<br />not specific enough to be actionable. For example sometimes `n` represents the<br />number of bytes, sometimes the number of characters, sometimes the number of<br />BIP-39 words, etc.<br /><br />Moreover, modern password managers protect hot child secrets with a single root<br />master hot secret such that if the master secret is compromised all children are<br />also compromised.<br /><br />BIP-Keychain proposes a new paradigm where numerous hot or cold secrets are derived<br />from hot but non-secret-compromising _derivation path keys_ that are in turn stored<br />under a hot master secret such that if this hot master is compromised only the<br />_derivation path keys_, and not the actual child secrets (_derivation path values_),<br />are compromised. Said hot master secret can itself be the child derivative of a<br />cold master key. The master key for deriving the secret values need not be stored<br />online nor with the derivation path keys and may be provided just-in-time by the<br />application.<br /><br />Moreover, _generalized derivation paths_ may be interpreted not simply as an<br />input to key derivation but also as information about the real world. <br /></div>

<p></p>

-- <br />
You received this message because you are subscribed to the Google Groups &quot;Bitcoin Development Mailing List&quot; group.<br />
To unsubscribe from this group and stop receiving emails from it, send an email to <a href="mailto:bitcoindev+unsubscribe@googlegroups.com">bitcoindev+unsubscribe@googlegroups.com</a>.<br />
To view this discussion on the web visit <a href="https://groups.google.com/d/msgid/bitcoindev/6d012560-4a66-4346-a1e8-8d8e5c879b29n%40googlegroups.com?utm_medium=email&utm_source=footer">https://groups.google.com/d/msgid/bitcoindev/6d012560-4a66-4346-a1e8-8d8e5c879b29n%40googlegroups.com</a>.<br />