Electrum seed word list for monero != official electrum wordlist (english): why? - Monero Stack Exchange


electrum seed word list for monero != official electrum wordlist (english): why?

Even if only the first three characters are significant/considered, the English wordlists differ quite a bit, in terms of population (2048 words vs 1626) as well as content (other language versions most likely do too?). Any reason why?

Does this mean that mymonero-simplewallet wouldn’t accept a Bitcoin-style seed phrase I generated in Electrum (and not in Monero)?

Neither seed type would be accepted in the current implementation of monero-wallet-cli (--restore-deterministic-wallet) anyway because (the latter) only accepts 25-word seeds. But I tried converting 13-word (official) Electrum seeds using Luigi’s address tool but those are failing too 🙁

1 Answer

TL;DR: It’s a different convention. Monero is not a fork of Bitcoin, so most things were worked out from scratch.

> Does this mean that mymonero-simplewallet wouldn’t accept a Bitcoin-style seed phrase I generated in Electrum (and not in Monero)?

> Neither seed type would be accepted in the current implementation of monero-wallet-cli (--restore-deterministic-wallet) anyway because (the latter) only accepts 25-word seeds. But I tried converting 13-word (official) Electrum seeds using Luigi’s address tool but those are failing too 🙁

That’s to be expected because it’s a different convention. It’s not only the matter of wordlist and length, but the entire checksum and key derivation process.

If you really want to have one mnemonic for both Bitcoin and Monero, you’d have to hash the Electrum mnemonic with something to get a 256-bit integer, and proceed from there, or invent some other method.

Simplest way is to input your Electrum seed into the “custom-built entropy” box on the Monero offline wallet generator. If you go this way, save a copy of that page somewhere for future reference. Given the same input, it will always create the same Monero wallet with the corresponding Monero mnemonic. This will run the string through 10000 rounds of Keccak-256 and use the result as your seed and private key. Looking at the source of the webpage, your seed will be derived using:

Note that sc_reduce32 actually performs an a = a mod l operation, where l is defined in the CryptoNote whitepaper. This is to make the seed a point on the elliptic curve and a valid private key.

Looking at the Electrum documentation, we find the following:

> Electrum was the first Bitcoin wallet to derive private keys from a seed phrase made of English words. Early versions of Electrum (before 2.0) used a bidirectional encoding between seed phrase and entropy. This type of encoding requires a fixed wordlist. This means that future versions of Electrum must ship with the exact same wordlist, in order to be able to read old seed phrases.

> BIP39 was introduced two years after Electrum. BIP39 seeds include a checksum, in order to help users figure out typing errors. However, BIP39 suffers the same shortcomings as early Electrum seed phrases:

> Electrum currently use the same wordlist as BIP39 (2048 words). A typical seed has 12 words, which results in 132 bits of entropy in the choice of the seed.

In Electrum, the seed is used as the root for deriving individual Bitcoin keys (addresses). Since Monero only needs one address, the seed is used to derive the private key of the address, and that’s all it’s used for. Actually, seed == private spend key, and the private view key is derived from it. Public counterparts of those are what makes a Monero address.

Electrum is trying to achieve the following: have the mnemonic seed generate the same HD wallet, without having to know the dictionary used to create it. The size of the dictionary was chosen to give exactly 11 bits of entropy to each word in the mnemonic, resulting in a total of 132 bits for 12 words.

Monero is not a fork of Bitcoin and neither is Monero wallet software a fork of Electrum, so it did not inherit this.

Monero uses another philosophy. A seed mnemonic is just an encoding of a 256-bit integer seed. It’s 2-way. You can always calculate back and forward BUT you need to have the dictionary to recover the wallet. This has a benefit that you can convert an English seed into Japanese, or any other language and get the same result. This permits far more flexibility but the “drawback” is that you have to keep the dictionary around. I’d argue you always need to keep something around (with Electrum, it would be the technical specification of the method used) anyway, so what’s the point of wanting to get rid of the dictionary?

The number of words is such that there’s approx. the same number of combinations of 24 words as there are 256-bit numbers. The words were chosen to prevent mix-up, and also for all to have a unique 3-letter prefix. We see that 24^1626 is approximately equal to 2^256 so it’s possible to encode 256 bits to 24 words (25th is the checksum).
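
The two-way encoding described in the answer above, as an added Python example (not code from the answer or from the Monero project). The per-chunk index arithmetic, little-endian chunking and CRC32-over-prefixes checksum are assumptions based on Monero's reference mnemonic code, not details stated on this page; `WORDS` is a constructed stand-in list, so the output is not a real Monero mnemonic.

```python
import itertools
import zlib

N = 1626          # size of Monero's English word list (figure from the page)
PREFIX_LEN = 3    # words are unique in their first three letters

# Constructed stand-in list: 1626 synthetic words with unique 3-letter prefixes.
# It is NOT Monero's real word list; only its size and prefix property match.
WORDS = ["".join(p) + "o" for p in itertools.product("abcdefghijkl", repeat=3)][:N]
INDEX = {w[:PREFIX_LEN]: i for i, w in enumerate(WORDS)}


def checksum_word(words):
    """Pick the 25th word: CRC32 over the joined prefixes selects one of the 24."""
    joined = "".join(w[:PREFIX_LEN] for w in words)
    return words[zlib.crc32(joined.encode()) % len(words)]


def encode(seed: bytes) -> list:
    """32-byte seed -> 24 words + checksum word (3 words per 32-bit chunk)."""
    if len(seed) != 32:
        raise ValueError("seed must be 32 bytes (256 bits)")
    words = []
    for off in range(0, 32, 4):
        x = int.from_bytes(seed[off:off + 4], "little")
        w1 = x % N
        w2 = (x // N + w1) % N
        w3 = (x // N // N + w2) % N
        words += [WORDS[w1], WORDS[w2], WORDS[w3]]
    return words + [checksum_word(words)]


def decode(mnemonic: list) -> bytes:
    """25 words -> 32-byte seed; rejects bad length, checksum or overflow."""
    if len(mnemonic) != 25:
        raise ValueError("expected 25 words")
    body, check = mnemonic[:24], mnemonic[24]
    if checksum_word(body)[:PREFIX_LEN] != check[:PREFIX_LEN]:
        raise ValueError("checksum mismatch")
    idx = [INDEX[w[:PREFIX_LEN]] for w in body]   # KeyError on an unknown word
    out = b""
    for w1, w2, w3 in zip(idx[0::3], idx[1::3], idx[2::3]):
        x = w1 + N * ((w2 - w1) % N) + N * N * ((w3 - w2) % N)
        if x >= 2 ** 32:                          # 1626**3 slightly exceeds 2**32
            raise ValueError("word triple does not map to a 32-bit value")
        out += x.to_bytes(4, "little")
    return out
```

Because 1626**3 is just above 2**32, every 32-bit chunk fits in three words, and a few word triples have no valid 32-bit preimage, which is why `decode` checks for overflow.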
