Kieran
/
snort
5
14
Fork 14
Code Issues 55 Pull Requests 1 Packages Projects Releases 24 Wiki Activity

Incorrect NIP06 derivation #745

New Issue
Open
opened 2024-05-24 18:08:25 +00:00 by vitorpamplona · 0 comments
vitorpamplona commented 2024-05-24 18:08:25 +00:00
Copy Link

Folks, the NIP06's private key derivation is taking the raw entropy of the wordlist as input as opposed to the Master Seed on line:
bc2169a186/packages/app/src/Utils/nip6.ts (L29)

I think that is incorrect. Those are two different byte arrays. You can switch

entropyToMnemonic -> mnemonicToSeedSync

and then use the resulting byte array on that fromMasterSeed function.

This means that all Snort/Iris users who saved their words are using a key that is not supposed to be derived from those words and will fail to load in any other system.

Folks, the NIP06's private key derivation is taking the raw entropy of the wordlist as input as opposed to the Master Seed on line: https://git.v0l.io/Kieran/snort/src/commit/bc2169a186205247589e9e9d08eb2539c2de247d/packages/app/src/Utils/nip6.ts#L29 I think that is incorrect. Those are two different byte arrays. You can switch `entropyToMnemonic` -> `mnemonicToSeedSync` and then use the resulting byte array on that `fromMasterSeed` function. This means that all Snort/Iris users who saved their words are using a key that is not supposed to be derived from those words and will fail to load in any other system.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
main
snort-prod
develop
trading
nip26
v0.2.1
v0.2.0
v0.1.24
v0.1.23
v0.1.22
v0.1.21
v0.1.20
v0.1.19
v0.1.18
v0.1.17
v0.1.17-test
v0.1.16
v0.1.15
v0.1.14
v0.1.13
v0.1.12
v0.1.11
v0.1.10
v0.1.9
v0.1.8
v0.1.7
v0.1.6
v0.1.5
v0.1.4
v0.1.3
v0.1.2
v0.1.1
v0.1.0
Labels
Clear labels   
1000k

1M Sats on Offer

  
100k

100k Sats on Offer

  
10k

10k Sats on Offer

  
200k

200k Sats on Offer

  
20k

20k Sats on Offer

  
500k

400k Sats on Offer

  
50k

50k Sats On Offer

  
5k

5k sats on Offers

  
75k

75k Sats on Offer

  
backend

Issue needs work on snort-api

  
blocked:design

Waiting for UI/UX designs

  
bug

Something isn't working

  
dependencies

Pull requests that update a dependency file

  
documentation

Improvements or additions to documentation

  
duplicate

This issue or pull request already exists

  
enhancement

New feature or request

  
good first issue

Good for newcomers

  
help wanted

Extra attention is needed

  
invalid

This doesn't seem right

  
P1

   
P2

   
P3

   
question

Further information is requested

  
scope:intl

   
scope:nip

   
scope:query_tracing

   
scope:ux

   
wontfix

This will not be worked on

No Label
1000k
100k
10k
200k
20k
500k
50k
5k
75k
backend
blocked:design
bug
dependencies
documentation
duplicate
enhancement
good first issue
help wanted
invalid
P1
P2
P3
question
scope:intl
scope:nip
scope:query_tracing
scope:ux
wontfix
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Kieran/snort#745
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?