bitcoin-dev
Penlock, a paper-computer for secret-splitting BIP39 seed phrases
Posted on: May 14, 2024 12:03 UTC
Andrew Poelstra recently addressed some key updates and insights regarding the development of digital document compatibility, cryptographic tools, and methodologies for secure information handling.
The conversation sheds light on several technical aspects that are pivotal to understanding the current state and future directions in this field.
Firstly, there have been significant improvements in making documents display correctly across most browsers. However, challenges persist with the "Print to PDF" feature, especially in qutebrowser versions 5.x and 6.x, leading to pixelation issues and incorrect page margins. This problem is under investigation, with hopes for a resolution that ensures compatibility across all platforms without compromising on quality or accuracy.
In terms of cryptographic advancements, the "Generate a Seed Phrase" guide has been highlighted as a crucial resource for initializing new hardware wallets, specifically those supporting BIP39. This tool currently facilitates the creation of 12-word seed phrases, streamlining the process by eliminating the need for cumbersome checksum grinding. Despite the utility of this feature, it was not included in the initial presentation, possibly due to an assumption that most Penlock users already possess a seed phrase.
The discussion also touches on the exploration of seedxor and the challenges associated with BIP39->binary conversion. The inherent risks of incorrect conversions underscore the importance of meticulous verification processes to prevent potentially catastrophic errors.
Furthermore, the use of GF(27) for analog computations was defended as a viable choice despite its non-standard nature. The permanence of documents pertaining to analog computations ensures their ongoing relevance and utility, unlike software implementations that might require frequent updates or face discontinuation.
Penlock's unique approach to implementing arithmetic operations through slider-wheels and volvelles for additions, subtractions, multiplications, and divisions was discussed. These methods diverge from Codex32's techniques, offering innovative solutions but also introducing risks such as the potential misuse of the slider-wheel. The mitigation strategy for this risk involves design choices that exclude addition operations in certain security protocols.
The efficiency of using Penlock for cryptographic purposes was exemplified by the ability of an experienced user to compute and verify a 12-words checksum within a total of seven minutes. However, the process becomes significantly more time-consuming and laborious for 24-word sentences, highlighting a scalability issue in terms of user effort and focus.
Lastly, the adaptability and sophistication of Penlock's cryptographic capabilities were further illustrated by its support for a variant of Shamir's algorithm, which allows for the implementation of 2-of-(N<=26) cases on a single wheel. For more complex scenarios requiring (K>=3)-of-M configurations, a combination of a recovery wheel and a volvelle facilitates the necessary operations, as detailed on Penlock's website. This level of detail and innovation underscores the ongoing efforts to provide secure, efficient, and user-friendly cryptographic solutions.