Re: [Bitcoin-development] Presenting a BIP for Shamir's Secret Sharing of Bitcoin private keys

On 12 May 2014 15:09, Jan Møller wrote: > > I think having 3 encoding formats (long/short/compact) is over engineered, > and basically only makes implementing the standard a pain in the rear. From > a user experience point of view only the long format makes sense, and it is > only a few bytes long

Re: [Bitcoin-development] Presenting a BIP for Shamir's Secret Sharing of Bitcoin private keys

A fork of Matt's proposal converted to GF(2^8) is here: https://github.com/cetuscetus/btctool/blob/bip/bip-.mediawiki Other changes include: - only six application/version bytes are allocated, which is the minimum to ensure that the encoded form starts with S in all cases; - encoded prefixes a

Re: [Bitcoin-development] Presenting a BIP for Shamir's Secret Sharing of Bitcoin private keys

> > A fair point. I'll add some prefixes for testnet. > I've looked at the latest draft and am worried about the increased AVB namespace usage. Would it make sense to differentiate main/testnet in the prefix byte instead of the AVB? Perhaps aiming for ST rather than TS. > I'll welcome forks of

Re: [Bitcoin-development] Presenting a BIP for Shamir's Secret Sharing of Bitcoin private keys

> What do you think a big-integer division by a word-sized divisor *is*? > Obviously rolling your own is always an option. Are you just saying that > Base58 encoding and decoding is easier than Shamir's Secret Sharing because > the divisors are small? Well, yes, to be fair, in fact it is. The

Re: [Bitcoin-development] Presenting a BIP for Shamir's Secret Sharing of Bitcoin private keys

> > I'd be fine with changing the key fingerprint algorithm to something else. Do > you like CRC16? > I like CRC16. Do you intend to use it in conjunction with a cryptographic hash? Regarding the choice of fields, any implementation of this BIP will need big integer arithmetic to do base-58 anyw

Re: [Bitcoin-development] Presenting a BIP for Shamir's Secret Sharing of Bitcoin private keys

On 4 April 2014 01:42, Matt Whitlock wrote: > The fingerprint field, Hash16(K), is presently specified as a 16-bit field. > Rationale: There is no need to consume 4 bytes just to allow shares to be > grouped together. And if someone has more than 100 different secrets, they > probably have a go

Re: [Bitcoin-development] Presenting a BIP for Shamir's Secret Sharing of Bitcoin private keys

Matt Whitlock wrote: > Okay, you've convinced me. However, it looks like the consensus here is > that my BIP is unneeded, so I'm not sure it would be worth the effort > for me to improve it with your suggestions. I need your BIP. We are going to implement SSS and we'd rather stick with something