A wise man once said we should not normalize making people type seeds (BIP39) into text boxes. And I wholeheartedly agree.
he seed is meant to be stored in a safe place. preferably not on a device connected to the internet if on a device at all. Typing it into an app defeats it's purpose, no?
Security through obscurity is not a solution
A private key is a private key, regardless of format, should be managed with caution. I think that we should educate about that, otherwise the user will keep the seed on steel in the safe and then will share the bech32 private key thinking that a qrcode cannot harm. The key point is evaluate the risks and decide if the specific private key can be imported in a hot wallet/service. And the value is not only economic: perhaps for example could be "safe" to share a hot wallet private key with few sats but not the one that manages my identity on a social network.
Completely agree with what you are saying.
However, in this case, I think this is a UX issue, not a "security by obscurity" issue. One could argue that a mnemonic seed is also a different representation of a seed, just like the bech32 representation, would you agree?
reply
I absolutely agree. For this exact reason (different representation of a seed) I think we cannot demonize the menmonic preferring other formats.
So I cannot understand why "the secret is presented as bech32 encoded string" should be a preferred solution against a mnemonic seed (aside from the fact that you share a single private key insterad a bip39 master key, but here we are talking about formats and UX, not keys tipology).
Perhaps I misunderstood something?
reply
These were exactly my thoughts before. After some thinking I changed my views. Please, take no offense, it is totally okay to have a different opinion on this.
I just don't want to drift into a world where people not as educated as you put in their seed words just because a random app prompts them to. Sure, all that's needed is a "little" education and healthy skepticism, but that's arguably very hard. Imho, it's better to try "avoiding" it in the first place.
Fun fact: It is in fact a bip32 master key. But you can only put funds on it if you know thy tools.
reply
Thank for your kindness :)
Fun fact: It is in fact a bip32 master key. But you can only put funds on it if you know thy tools.
You developed a tool and without any doubt have more experience in the field and thought a lot about the best approach, so I'm really interested in you opinion.
I played with https://lnpass.github.io, from the export function I grasped what you mean! You would like to create a "closed" login app where the bip32 master key is not so obvious, so it cannot be used as a standard wallet. Fair, but I would prefer a more transparent approach where the user can easily export and migrate to to another LN wallet, for example.
reply