BIP85: revert XPRV breaking changes for application 32' #1673
Conversation
|
ACK |
|
ACK - we should never break user space, if someone has an alternative implementation it can go in a different bip |
| @@ -438,8 +439,7 @@ BIP32, BIP39 | |||
|
|
|||
| * 1.0 (2020-07) | |||
| * 2.0.0 (2024-09-22) | |||
| * Swap chain code and private key bytes in application 32' for consistentcy with BIP-32 (major change) | |||
| * Correct derived entropy for application 128169' test vector (major change) | |||
| * Correct derived entropy for application 707764' test vector (bugfix) | |||
There was a problem hiding this comment.
The only vector that needs correction as of my simplified PR #1679 is Hex (128169').
If somehow an extant implementation got the old test vector to work this correction would be a breaking change but I agree that if the correct BIP 85 algo is used then this is non-breaking :)
|
ACK |
jonatack
changed the title
| Taking 64 bytes of the HMAC digest, the first 32 bytes are the chain code, | ||
| and second 32 bytes are the private key for BIP32 XPRV value. | ||
|
|
||
| WARNING: This is not consistent with BIP-032 |
There was a problem hiding this comment.
a3ff1ea nit, may as well use the same convention as the rest of this BIP, not a blocker
| WARNING: This is not consistent with BIP-032 | |
| WARNING: This is not consistent with BIP32 |
| @@ -258,7 +259,7 @@ INPUT: | |||
|
|
|||
| OUTPUT | |||
| * DERIVED ENTROPY=ead0b33988a616cf6a497f1c169d9e92562604e38305ccd3fc96f2252c177682 | |||
| * DERIVED XPRV=xprv9s21ZrQH143K4Px85utdpu6DFvY2NpHkJajPoupAznfiacH2MC9LasyW4uvqKXNxLWcjqGTbHKAhoZoMAbmRe5g9tAPA7cUUX4UVA1vFKFm | |||
| * DERIVED XPRV=xprv9s21ZrQH143K2srSbCSg4m4kLvPMzcWydgmKEnMmoZUurYuBuYG46c6P71UGXMzmriLzCCBvKQWBUv3vPB3m1SATMhp3uEjXHJ42jFg7myX | |||
There was a problem hiding this comment.
Verified this change indeed reverts to the previous xprv in https://github.com/bitcoin/bips/pull/1600/files#diff-eae7a61b6d2a0b6091c1ce04618f216cbb871d987b985ba712de89e04014654cL235.
| private key<ref name="curve-order" />. Prepend an empty byte (<code>0x00</code>) | ||
| per BIP32 on master key serialization. Use the last (rightmost) 32 bytes as the chain code. | ||
| Taking 64 bytes of the HMAC digest, the first 32 bytes are the chain code, | ||
| and second 32 bytes are the private key for BIP32 XPRV value. |
There was a problem hiding this comment.
In a3ff1ea, is there a reason not to keep the previous footnote at https://github.com/bitcoin/bips/pull/1600/files#diff-eae7a61b6d2a0b6091c1ce04618f216cbb871d987b985ba712de89e04014654cL379?
| and second 32 bytes are the private key for BIP32 XPRV value. | |
| and second 32 bytes[1] are the private key for BIP32 XPRV value. |
|
The reference implementations section would also need to be reverted. |
Thank you 🙏 |
I've done a full revert in #1674. From #1600 (comment):
@scgbckbone would you like to update this pull to do that instead? |
created new PR instead #1676 |
0x00private key prepend as it is defined in BIP-032