CIP-0003

Abstract

Many wallets utilize some way of mapping a sentence of words (easy to read and write for humans) uniquely back and forth to a sized binary data (harder to remember).

This document outlines the various mapping algorithms used in the Cardano ecosystem.

Motivation: why is this CIP necessary?

The philosophy of cryptocurrencies is that you are in charge of your own finances. Therefore, it is very anti-thematic for wallet software to lock in a user by explicitly describing the algorithm used to derive keys for a wallet (both the master key and key derivation)

To this end, this document outlines all the relevant key generation algorithms used in the Cardano ecosystem.

Specification

Recovery Phrase (mnemonic) Generation

Conversion from a recovery phrase to entropy is the same as described in BIP39.

Hierarchical Deterministic Wallets

In Cardano, hierarchical deterministic (abbrev. HD) wallets are similar to those described in BIP-0032. Notably, we use a variation called ED25519-BIP32. A reference implementation can be found here.

Master Key Generation

The master key generation is the mean by which on turns an initial entropy into a secure cryptographic key.

More specifically, the generation is a function from an initial seed to an extended private key (abbrev. XPrv) composed of:

64 bytes: an extended Ed25519 secret key composed of:
- 32 bytes: Ed25519 curve scalar from which few bits have been tweaked according to ED25519-BIP32
- 32 bytes: Ed25519 binary blob used as IV for signing
32 bytes: chain code for allowing secure child key derivation

History

Throughout the years, Cardano has used different styles of master key generation:

Name	Used by	Address prefix in Byron	Is deprecated?	Is Recommended?
Byron	Daedalus	Ddz	Yes	No
Icarus	Yoroi, Daedalus	Ae2	No	Yes
Icarus-Trezor	Trezor	Ae2	No	No
Ledger/BitBox02	Ledger/BitBox02	Ae2	No	No

Rationale: how does this CIP achieve its goals?

This CIP is merely to document the existing standards and not to provide rationales for the various methods used.

However, you can learn more at the following links:

Path to Active

Acceptance Criteria

Each generation method is documented and provides test vectors in a language-agnostic way.
There exists reference implementations in various languages for each method.
At least 2 Cardano wallets (e.g. Yoroi & Daedalus) implement these methods.

Implementation Plan

Implementation of each algorithm will be carried out in Yoroi and Daedalus (via cardano-wallet) by Emurgo and Input Output respectively.

Copyright

This CIP is licensed under CC-BY-4.0.

CIP Information

This null ./CIP-0003 created on 2020-05-07 has the status: Active.
This page was generated automatically from: cardano-foundation/CIPs.

Abstract​

Motivation: why is this CIP necessary?​

Specification​

Recovery Phrase (mnemonic) Generation​

Hierarchical Deterministic Wallets​

Master Key Generation​

History​

Rationale: how does this CIP achieve its goals?​

Path to Active​

Acceptance Criteria​

Implementation Plan​

Copyright​

CIP Information​