Enhancement: read electrum seeds from STDIN or a file #53
Comments
|
Thanks for letting me know @leto. I'll be pushing back the fork height while I work out a patch. Sorry, I just saw this now. |
|
Does the wallet exit properly? |
|
In the past, I've always recommended people use the |
who-biz
added
advisory
|
@who-biz I didn't really know how to recover/import my wallet to a new machine, so I just read --help and after doing the wrong thing various times, I figured out something that worked. I was confused about "electrum seed", because I used the seedphrase generated by a blur full node, but I either failed to use --restore-deterministric or it wasn't clear that I should have used that. If I should just use that, maybe no work is needed. What is the difference between --restore-deterministric and --electrum-seed ? |
As nearly as I can tell, not much. Electrum style seeds are used as default in our codebase, by inheritance from XMR, since launch. From that information, they should be the same command. So the fix, if that's the case, would just be a matter of removing the --electrum-seed option completely, and updating the help text since you've let me know that its lacking proper instruction. |
|
Something that was waiting down the pipeline as well, was separating the viewkey and spendkey so that the viewkey is not deterministic (derived from the spendkey, of which the mnemonic is a representation). I think this is a disavowal of established best-practices, and to the best of my understanding, was eliminated because a single mnemonic couldn't be used to generate two distinctly unrelated keypairs. That was a problem for MyMonero mainly, and general usability. But since, we don't have any plans to use any solutions that are like MyMonero's requirement to divulge your keys... I dont see anything but good that could come from a reversion to that practice. A loss in usability maybe, but a worthwhile one for a gain in security. |
|
[reverted in master] |
Lastly, you can find the procedure for the seed phrase restore here #24... with the possible issues in ChaCha20Poly1305, I would recommend just sending those coins to a new wallet, while further investigation into that matter takes place |
who-biz
added
enhancement
|
The help text from this original issue has been amended in commit 8a15a76 & in 14777ad. Electrum seed option and prompts (when missing for other options) have been removed. I am going to |
Currently when using
--restore-deterministic-wallet --electrum-seed "the seedphrase"it means that the seedphrase can be seen in a trivial
psoutput and will also potentially be in shell history. This is not just a short running process, when recovering a wallet and leaving it running, the seedphrase can be seen in the process arguments until the wallet is exited.Instead of the current behavior of giving an error if no seedphrase is specified, the wallet would attempt to read it from STDIN. There could also be a new --electrum-seed-file as well.
The text was updated successfully, but these errors were encountered: