Why don't wallets show addresses as mnemonic words? \ stacker news ~bitcoin

Why don't wallets show addresses as mnemonic words?

4152 sats \ 19 comments \ @joda 1 Feb bitcoin

zaps forwarded to @anita (50%) @calle (50%)

It's such a pain to check addresses when sending. Now I KNOW it would be long since you'd presumably convert to binary and then to mnemonics, and I'm too lazy to do the math. But imagine if instead of

bc1qzyda53xqwkqruex3mzwvpja04x23r572mygpgfc90qckdw2cwwaqr2h70u

you saw

fold laptop kitten marine impulse roast hundred brown desk ride broken advice appear awkward job logic elevator boy alert above shiver thought grace tone.

Or couldn't you just hash it and give an abbreviated version, since any change to it would change all the words?

view all related items

856 sats \ 3 replies \ @Krv 1 Feb

It could be done. I'm not sure of the merits. I would guess that it could create confusion based on what seeds are currently used for.

In terms of addresses, I look at about 5 characters after the bc1, the last few, and identify patterns in between. Due to checksums, and the massive amount of randomness of an address, it's unlikely to find 3 or more matching segments in two different addresses you encounter.

11 sats \ 0 replies \ @Krv 1 Feb

Another thing I would do was run it through md5sum on both computers. On linux: echo "bc1qzyda53xqwkqruex3mzwvpja04x23r572mygpgfc90qckdw2cwwaqr2h70u" | md5sum

12b0f10292c89d8be2e154ead4b8c819 -

Even a single character wrong makes a completely different hash. Thus, if they have the same lead 6 or so digits, they are virtually certain to be the same.

0 sats \ 1 reply \ @joda OP 1 Feb

Same.

And good point about confusion. But because of the randomness, I think there could be a function that hashes and shows you like four words to confirm. It could also be a different word list.

It is just such a source of friction for new users and it seems both really technical and unnecessary. I mean, you KNOW that can't happen if we get to large institutional custodial transfers.

10 sats \ 0 replies \ @Krv 1 Feb

Seedsigner, and some other address tools use a 6 or 8 character hex fingerprint for the seeds. Maybe a fingerprint could be created for an address.

583 sats \ 0 replies \ @WeAreAllSatoshi 1 Feb

Dude don’t share my seed phrase like that!

118 sats \ 0 replies \ @nout 1 Feb

One thing that would also slightly help is having some spacing in the address, like bc1p5d 7rjq7g 6rdk2y hzks9s mlaqte dr4dek q08ge8 ztwac7 2sfr9r usxg32 97

40 sats \ 0 replies \ @BTC_LN 1 Feb

Let's hope that's not your actual seed! 😅

In basic terms: The seed words are like a trunk of a tree. You must keep them confidential and never reveal to anyone.

The public addresses are like leafs on that tree generated from the seed. You can share these addresses so people can send you money.

In a bit more advanced terms: The seed on its own is not sufficient to generate your wallet, you also need a passphrase if you set one and you also need a derivation path.

The derivation path is like main branches of the tree. You decide which version you gonna use. You own all the leafs on all the branches, but you typically only use one branch.

The leafs can be imagined as having two sides. Each public address you generate has a corresponding private address technically, but this complication is hidden in most wallets. All you see if the seed (to be kept secret) and the public addressed (to be shared).

120 sats \ 4 replies \ @gbks 1 Feb

Visual formatting (example) can make this a lot easier.

There's also the idea of identicons to create a unique graphic for a quick visual check (just has the chicken-end-egg problem since it requires both places that show the address to also show the visual).

10 sats \ 2 replies \ @saunter 1 Feb

i love the identicon idea

unlikely to be adopted though :/

0 sats \ 1 reply \ @joda OP 1 Feb

They're cool but I'm not sure about the security. Looks like 2^25 possible icons. Would make a great quick second level check though.

0 sats \ 0 replies \ @gbks 2 Feb

Color is also a variable. Lots of variations on this idea, too, that might be better for security and legibility.

Totally agree that it's more of a quick gut-check. In most cases, it would just take a split second to compare two of these.

0 sats \ 0 replies \ @joda OP 1 Feb

that visual formatting helps a TON. Both grouping AND alternating colors.

10 sats \ 1 reply \ @calle fwd 1 Feb

Thank you for the zap forward 🙏 I don't know how I deserved this but I'm very grateful for it

0 sats \ 0 replies \ @joda OP 1 Feb

you do cool stuff 🙏

10 sats \ 0 replies \ @Fabs 1 Feb

Yeah, I'd vote for something like that.

10 sats \ 1 reply \ @midas 1 Feb

Do you need to even check the full address?

On my wallet, I can only see the first 5 and last 5 characters for me to check and confirm.

0 sats \ 0 replies \ @joda OP 1 Feb

I suppose that's good enough for small to medium amounts. It would be quite hard for someone to create an address that they own that has the same first and last 5 characters. But if they were sophisticated and had your extended public key for some reason (like you had given it to an exchange you buy from), it is possible.

Also, not all wallets are like that. Smaller hardware wallets or software wallets with poor UI sometimes scroll the whole address, which is pretty annoying.

10 sats \ 0 replies \ @nullama 1 Feb

Not sure about that, I want to double check the address is exactly what I expect it to be.

There would be no way to know if there's a man in the middle attack with the proposed method.

I just check the beginning and the end of the address.

Almost zero chances to get a different address with same beginning and end.

10 sats \ 0 replies \ @OriginalSize 1 Feb

An address is just a representation of the hash of the pubkey. Bech32 was an improvement on the base58 ones. There's no reason that bech32 would be the end. That being said there are requirements that a bag of words wouldn't satisfy. Whatever the form users need to check a sufficient number of bits to ensure accuracy. Words may or may not make that easier.