Author: James MacWhyte 2019-02-07 02:42:55
Published on: 2019-02-07T02:42:55+00:00
A discussion was held on the bitcoin-dev mailing list regarding the use of shuffled decks of cards as a form of physical backup for private keys. Devrandom suggested using 50+ 6-sided dice rolls to obtain around 128 bits of entropy, but Alan Evans pointed out that it was not enough to just use SHA512 and missed out on a condition where the master key would be invalid if IL is 0 or ≥n. He also suggested inventing/formalizing a scheme that takes Cards -> Entropy so that one can generate BIP39 and non-BIP39 fans can continue generating and storing their root xprv. Prior art was noted in Ian Coleman's BIP39 site which already supports Cards (and Dice) and calculates the Total Bits of Entropy while being able to handle card replacement and multiple decks. It was also mentioned that the entropy calculation was out by a bit. James MacWhyte added to the discussion by suggesting drawing a diagonal line on the side of the deck from corner to corner to ensure that the order of the shuffled deck remained intact.
Updated on: 2023-06-13T16:53:43.951629+00:00