5

I understand it's possible to create a "normalized" 256bit wallet seed, and the mnemonic corresponding to it is compatible with both mymonero web wallet and simplewallet. What is a normalized seed and how to create one?

JollyMort
  • 19,934
  • 3
  • 46
  • 105

1 Answers1

7

At the beginning, when we designed the mnemonic seed mechanism, the spec was to have a seed derived from the mnemonic, hash it to produce the spend key, and hash it again to produce the view key. Somewhere in the implementation this spec got lost, and instead the seed derived from the mnemonic was the spend key, and the viewkey was hashed from that.

When MyMonero was being built, because it was at the same time as this mnemonic implementation was being done, it worked off the spec and not off the implementation. And because MyMonero followed the spec correctly, we ended up with a different derivation mechanism.

This has caused no end of confusion and frustration. Eventually, we added in an "import" function in MyMonero, that we charge for, to help alleviate the heavy process of rescanning the blockchain if you're sweeping a cold wallet or similar. But adding MyMonero's seed derivation mechanism into simplewallet would largely be a no-go, especially if I pushed it in, as it would be borderline unethical.

Eventually moneromooo came along and created a JavaScript-based generator, MoneroAddress, that generates a mnemonic that is compatible with both MyMonero and simplewallet. It's not doing anything fancy - it's merely generating a simplewallet-compatible mnemonic - but it takes advantage of the fact that a new wallet that is "restored" in MyMonero doesn't need to be "imported", as it only exists from the point you first login with the mnemonic. MoneroAddress can also be downloaded from the Github repository, and used entirely offline! This is a "normalised" seed - one that works on both simplewallet and MyMonero, instead of just on MyMonero:)

So to answer the second part of your question: use MoneroAddress to generate a wallet, and if you want hot-wallet access to it then immediately load it into MyMonero and ignore the import prompt.

fluffyponyza
  • 5,089
  • 20
  • 35
  • 1
    MoneroAddress generates 25 words. I thought MyMonero used less words. – Christopher King Aug 01 '16 at 12:18
  • 2
    @PyRulez it does - but the number of words is largely irrelevant to the derivation; 13 words = 12 words + checksum = 128-bit, 25 words = 24 words + checksum = 256-bit. – fluffyponyza Aug 01 '16 at 12:20
  • 1
    So do you just enter all 25 words into MyMonero? – Christopher King Aug 01 '16 at 12:21
  • 3
    @PyRulez that's correct – fluffyponyza Aug 01 '16 at 12:53
  • 1
    @fluffyponyza Thanx! Could you shine some light on how are those generated? From your answer it's not clear how we go from mnemonic to keys for these normalized seeds. If simplewallet uses one way (spendkey=seed) and mymonero the other (spendkey=hash(seed)), how can one seed work for both? – JollyMort Aug 02 '16 at 00:49
  • @JollyMort MyMonero can handle both formats, simplewallet can't. So a "normalised" seed is merely a simplewallet seed, created in such a way that it definitely can be handled by MyMonero. – fluffyponyza Aug 02 '16 at 12:35
  • That I understood already. But what is the process of generating such seed - keep trying random seeds until we get a compatible one, or is there a better way? How to evaluate if a seed is valid for mymonero? I saw on reddit luigi talk about those, and describe a way to generte using his site, but it's not clear what criteria must it satisfy to be accepted by both mymonero and simplewallet and generate the same set of keys. – JollyMort Aug 03 '16 at 09:47
  • @JollyMort every simplewallet seed is accepted by MyMonero, so you just have to generate it with simplewallet. You can't, however, randomly select words from the word list and hope that it will be a valid seed, as there are some EC cryptography criteria that it has to meet (ie. it has to be a valid EC curve point). – fluffyponyza Aug 04 '16 at 15:04
  • Ah, understood, thank you. Then, if it's a 25 word seed, mymonero uses the "old" system you described - same one as simplewallet - to get from seed to keys. In effect, any valid simplewallet seed is also valid for mymonero. So in this context, "normalized" means that the seed satisfies the EC criteria, right? – JollyMort Aug 04 '16 at 22:09
  • @JollyMort exactly right - you've got it! – fluffyponyza Aug 04 '16 at 22:40