Published on: 2023-06-05T14:22:04+00:00
Yuri S Villas Boas has published an article on Toptal's Technology Blog introducing Formosa, a password format that aims to improve upon BIP39. Unlike BIP39, which uses semantically disconnected words for seed phrases, Formosa allows for meaningful, themed sentences with a regular grammatical structure. This system is simple and can be understood by any IT professional in less than 10 minutes. Formosa uses a fixed grammatical structure for sentences, making it easy to implement and customize themes. It also retains important properties of BIP39, such as checksum bits and uniformly high entropy density. This leads to efficient auto-complete and resistance to side-channel attacks. The article also touches on the issue of loss of Bitcoin at a higher rate than it is mined, and how non-technical individuals who adopt Bitcoin can feel emotional pain when they lose their patrimony. Yuri argues that a solution for coercion-resistance should not rely on obscurity. He mentions that we currently lack defenses to coercion that don't violate Kerckhoff's principle by critically relying on obscurity. Yuri plans to make a thread about this critical issue soon.In response to feedback from Keagan McClelland, Yuri explains that Formosa extends BIP39 rather than replacing it. This allows for forwards and backwards compatibility, facilitating adoption. Themes used in Formosa are convertible into one another, and legacy addresses can be kept even if a user chooses a theme. While increased memorability could make $5 wrench attacks more viable, Yuri argues that knowledge-based authentication still has properties that possession-based authentication doesn't. He suggests that mitigating the shortcomings of knowledge-based authentication can be done better with two-factor authentication instead of possession-based authentication.Yuri S VB has proposed a password format as a Bitcoin Improvement Proposal that enhances BIP39. The proposed format allows for meaningful, themed sentences with a regular grammatical structure while maintaining the same entropy/checksum and total bits/non-repeating leading digits ratios. This process aims to extend BIP39 rather than replace it, in order to avoid the need for everyone in the ecosystem to adopt a new standard. The main value proposition of this scheme is significant wallet interoperability. Anecdotal experiments suggest that long-term memorization of 128 + 4 bits (equivalent to the 12 words standard of BIP39) can be achieved in less than one hour with the use of a theme. Users who want to avoid the vulnerability to coercion that an effective brain wallet would entail can take advantage of the easier transcription and checking without memorizing the seed for the long term.Yuri, a developer, has proposed a password format that improves upon BIP39 by allowing meaningful, themed sentences with a regular grammatical structure. This proposal aims to make it easier for users to memorize their seed phrases. The intention is to extend BIP39 rather than replace it, as BIP39 is widely used in the ecosystem. The main benefit of this proposal is significant wallet interoperability. However, there may be concerns about whether the increased memorability of the seed phrases is a good thing, as it could make $5 wrench attacks more viable. There is also a possibility that widespread adoption of this technology could change the ratio of loss versus theft in the Bitcoin ecosystem. The proposal is available on GitHub for further exploration and scrutiny by colleagues.
Updated on: 2023-08-02T09:23:27.878283+00:00