Published on: 2018-01-18T21:29:27+00:00
In a recent email exchange, Matthew Clancy disagreed with the notion that changing or removing a word in a mnemonic phrase is impossible. The argument against it is that the verification of an existing mnemonic requires the list, and altering one word would necessitate an alternative to BIP0039 or a complete change to a new set of 2048 English words. However, Clancy proposed a simple solution: selecting another word not on the 2048 list and agreeing by convention that it represents the same number as 'satoshi' or the original word. This alternative implementation seems feasible.The discussion on the Bitcoin development mailing list revolved around a suggestion to eliminate the word "satoshi" from the BIP39 English wordlist. The concern was that if a malicious third party discovers a word list resembling a seed, they could test every occurrence of "satoshi" to find a lead to a seed. Opponents argued that changing a word or list is impossible since the verification of an existing mnemonic relies on the list. To alter one word, an alternative to BIP0039 or a complete replacement of all the words with a new set of 2048 English words would be needed. One proposal was to use only the most common words that meet the necessary criteria.The suggestion to remove the word "satoshi" from the BIP39 English wordlist stems from the concern that it poses an unnecessary security risk. Malicious third parties could index any discovered word list and test each occurrence of "satoshi" to identify a bitcoin seed, making it easier to exploit. Some argue that the inclusion of the word does not necessarily increase the security threat, as any word list resembling a seed would be tested regardless. Nonetheless, there are supporters who believe removing "satoshi" would be a reasonable improvement. The linked wordlist provides further context.Responding to Ronald van der Meer's suggestion to remove "satoshi" from the BIP39 English wordlist, Weiwu Zhang states that the word's presence does not significantly impact the security threat. If a malicious third party finds a wordlist resembling a seed, they would test it as a bitcoin seed regardless of whether it contains "satoshi". Zhang highlights the risk lies in indexing and testing every occurrence of "satoshi" for a lead to a seed, which can be done by recycling services or through hacked accounts. Consequently, Zhang views the removal of "satoshi" from the wordlist as a reasonable improvement.A Bitcoin developer has proposed removing the word "satoshi" from the BIP39 English wordlist used for generating bitcoin wallet seeds. The suggestion arises from concerns that malicious third parties could exploit the inclusion of "satoshi" to identify a bitcoin seed. However, some argue that the security threat is minimal since determined attackers would attempt to use any word list as a seed, regardless of the presence of "satoshi". The real risk lies in attackers indexing and testing each occurrence of the word to gain access to a bitcoin wallet.Ronald van der Meer, an individual reviewing Bitcoin Improvement Proposals, has recommended removing the word "satoshi" from the BIP39 English wordlist. The objective is to make it less apparent that the phrase represents a bitcoin seed when discovered by malicious third parties. Ronald provides his email, website, Twitter account, and GPG key for secure communication.
Updated on: 2023-08-01T22:26:37.151195+00:00