@0300dbdd1b
Last active October 27, 2023 21:18
Proposal for Enhancing BIP39 Mnemonic Phrases with Versioning

Author:

@0300dbdd1b


Abstract:

This document proposes an enhancement to the BIP39 mnemonic phrase standard. By incorporating a 32-bit versioning field, this proposal aims to provide broader compatibility and flexibility for future applications.


1. Introduction

BIP39 mnemonic phrases are an essential mechanism for representing entropy in a user-friendly format. With growing reliance on this standard, there is a need to refine it and ensure its long-term viability.


2. The 32-Bit Versioning Field

A 32-bit field is proposed, structured as:

  1. Reserved (24 bits): Allocated for potential future adaptations. The exact subdivision and utilization of these bits can be defined by specific versions as required.
  2. Version (8 bits): Dictates the mnemonic's version.

3. Compatibility Considerations

  • Backward Compatibility: Systems designed for BIP39, unaware of the 32-bit extension, will interpret the mnemonic as a 'Legacy' BIP39 phrase.
  • Forward Compatibility: The versioning mechanism prepares systems for future modifications to the BIP39 standard, facilitating seamless integration.

4. Implementation Framework

The mnemonic phrase generation process under this standard is:

  1. Produce initial entropy in multiples of 32 bits.
  2. Prepend the 32-bit field to the entropy.
  3. Compute and append the checksum as defined by BIP39.
  4. Convert the result to a BIP39 mnemonic phrase.

⚠️ The entropy size limit set by BIP39 is removed.


5. Dictionary Dependency

Wallets will still require access to the predefined BIP39 dictionary to retrieve the version of the mnemonic seed and validate the checksum.

💡 Note that because the words for certain numbers are in the BIP39 English wordlist, software could use them to identify the version number without relying on the wordlist.

One way to achieve this is by assigning the first 22 bits of the reserved field to match these words.

11110010110 11111111101 : version zero
11110010110 10011010101 : version one
11110010110 11101011101 : version two
11110010110 11100001000 : version three
...
11110010110 01101111001 : version hundred
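
The generation steps of section 4 together with the field layout of section 5, as an added example that is not code from this gist or from the bip39-versioned repository. It assumes the checksum covers the 32-bit field plus the entropy, that the two reserved bits left after the 22 word bits are zero, and it returns 11-bit wordlist indices instead of words because the 2048-word list is not embedded; the function names are hypothetical.

```python
import hashlib

# Assumed field layout (sections 2 and 5): two 11-bit word indices,
# 2 unused reserved bits (zero), then the 8-bit version.
VERSION_WORD = 0b11110010110  # first pattern in every section 5 row
ZERO_WORD = 0b11111111101     # second pattern in the "version zero" row


def checksum(payload: bytes) -> tuple[int, int]:
    """BIP39 rule: the first len(payload)*8/32 bits of SHA-256(payload)."""
    cs_bits = len(payload) * 8 // 32
    if cs_bits > 256:  # one SHA-256 digest cannot supply more bits
        raise ValueError("payload too long for a SHA-256 checksum")
    digest = int.from_bytes(hashlib.sha256(payload).digest(), "big")
    return digest >> (256 - cs_bits), cs_bits


def encode(entropy: bytes, version: int, number_word: int) -> list[int]:
    """Steps 1-4: prepend field, append checksum, split into 11-bit indices."""
    if not entropy or len(entropy) % 4:
        raise ValueError("entropy must be a non-zero multiple of 32 bits")
    if not (0 <= version <= 0xFF and 0 <= number_word <= 0x7FF):
        raise ValueError("version is 8 bits, number_word is 11 bits")
    field = (VERSION_WORD << 21) | (number_word << 10) | version
    payload = field.to_bytes(4, "big") + entropy
    cs, cs_bits = checksum(payload)
    bits = (int.from_bytes(payload, "big") << cs_bits) | cs
    n_words = (len(payload) * 8 + cs_bits) // 11
    return [(bits >> (11 * (n_words - 1 - i))) & 0x7FF for i in range(n_words)]


def decode(indices: list[int]) -> tuple[int, bytes]:
    """Verify the checksum, then return (version, entropy)."""
    if len(indices) < 6 or len(indices) % 3:
        raise ValueError("word count must be a multiple of 3, at least 6")
    bits = 0
    for idx in indices:
        bits = (bits << 11) | idx
    cs_bits = len(indices) // 3  # 33 bits per 32 payload bits = 3 words
    payload = (bits >> cs_bits).to_bytes(cs_bits * 4, "big")
    if checksum(payload)[0] != bits & ((1 << cs_bits) - 1):
        raise ValueError("checksum mismatch")
    return payload[3], payload[4:]  # version is the field's last byte
```

With 128 bits of entropy the result is 15 words, three more than the 12 a plain BIP39 phrase of the same entropy would have.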

6. Changing Derivation Methods

The introduction of mnemonic versioning provides the flexibility to adopt alternative entropy derivation methods in the future. While BIP39 currently uses PBKDF2 for key stretching, future versions could employ different mechanisms to meet evolving cryptographic standards and requirements.


References:

  1. Bitcoin Improvement Proposals. BIP39: Mnemonic code for generating deterministic keys.
  2. bip39-versioned
