Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow restore from 4-character mnemonics #741

Open
greg-szabo opened this issue Jun 12, 2023 · 1 comment
Open

Allow restore from 4-character mnemonics #741

greg-szabo opened this issue Jun 12, 2023 · 1 comment

Comments

@greg-szabo
Copy link

Summary

  • A lot of steel mnemonics backups only store the first four characters of the passphrase mnemonic.
  • While restoring an HSM device using tmkms yubihsm setup --restore, the mnemonics have to be restored to the original words. The user has to get a BIP39 wordlist and manually restore the complete passphrase.
  • TMKMS already has the complete wordlist.

User story: For easier restore, let TMKMS expand the whole passphrase from the 4-char words.
For example: tmkms yubihsm setup --restore --short-words would check for 4-char words and restore them before generating the password.

Proposal

The solution boils down around the Phrase::new method in the hkd32 crate from the iqlusioninc/crates repository. This method converts a string containing the mnemonics passphrase into a Phrase struct.

Option 1: Expand the new method looping through the string's content and try to expand any words if they are four characters. This would not break the method implementation but it would accept input that is not strictly a 24-word BIP39 passphrase as correct input. (aban abandon aban === abandon abandon abandon)

Option 2: Expand the new method input parameters with a boolean that indicates if the submitted string contains short-word mnemonics or full-word mnemonics. This would break implementations of this function elsewhere but it would keep the strict word checking.

Option 3: Add a method to the Phrase struct that allows converting a short-word list to a full mnemonic-list or return with an error if it is invalid. This would not break the current implementations, it could enable strict checking, but it requires the developer to make an extra call to get the full mnemonics, before new is called. It also requires a similar method in the Language struct.

Implementation

I went ahead and implemented Option 3, because I didn't want to break current implementations but I wanted to keep strict checking. I actually like Option 1 more, that's why I need feedback in this issue.

In the hkd32 crate:

  • Language::expand_short(&str) -> Result<&str, Error> returns an expanded BIP39 word from a 4-character input.
  • Phrase::expand_short<S>(S, Language) -> Result<S, Error> returns an expanded BIP39 passphrase from a string of space-separated 4-character input.

After this, in tmkms, I can call Phrase::expand_short, before Phrase::new, if the --short-words input parameter was set.

What do you think, which option would be best?
@tony-iqlusion
Copy link
Member

Option 3 seems the best to me, as it's purely additive and doesn't encumber the existing functionality with extra baggage around a niche use case

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@greg-szabo @tony-iqlusion