From 6bc81068621d9e0b769df45820af2ca9ccd250a6 Mon Sep 17 00:00:00 2001 From: ehanoc Date: Tue, 4 Jul 2023 09:00:50 +0000 Subject: [PATCH 1/7] Wallet derivations alignment --- ARCs/arc-0044.md | 67 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 ARCs/arc-0044.md diff --git a/ARCs/arc-0044.md b/ARCs/arc-0044.md new file mode 100644 index 000000000..5640b88f5 --- /dev/null +++ b/ARCs/arc-0044.md @@ -0,0 +1,67 @@ +--- +arc: 044 +title: Algorand BIP44 HD Wallet derivations +description: Specification to support BIP44 +author: Bruno Martins (@ehanoc, bruno.martins@algorand.foundation) +discussions-to: +status: Proposed +type: Standards Track +category: Interface +created: 2023-06-30 +--- + +# Algorand BIP44 HD Wallet derivations\ + +## **Abstract** + +Proposal for standardization of Algorand's HD wallets and BIP44 derivation path. By establishing a consistent approach to wallet generation and key derivation, this ARC aims to enhance interoperability and compatibility across different wallets, applications, and services. + +## **Motivation** + +Currently, the Algorand ecosystem lacks a standardized methodology for HD wallet generation and key derivation paths. This absence of a consistent approach results in fragmentation and challenges for wallet developers, users, and the broader Algorand community. Standardization will improve the user experience, promote interoperability, and foster the development of a robust and secure ecosystem. + +## **Known Derivation Implementations** + +- `Ledger`: Supporting already the derivation path `m/44'/283'/0'/0/0` for Algorand. +- `Trezor` : N/A +- `kmd` : No BIP32/44 derivations, but HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as defined in [RFC 5869](https://www.rfc-editor.org/rfc/rfc5869.html) + +## **Specification** + +### **BIP44 Derivation Path** + +The BIP44 path structure follows the format: `m/purpose'/coin_type'/account'/change/address_index`. + +`m`: The root key of the HD wallet. + +`purpose`': The purpose field indicating the usage of this path. + +`coin_type`': The coin type field indicating the specific cryptocurrency. + +`account`': The account index. + +`change`: The change index. + +`address_index`: The index of a specific address generated by the wallet. + +#### **Specification For Algorand** + +The following table outlines the derivation path for Algorand wallets: + +| Purpose | Coin Type | Account | Change | Address Index | Description | +| :-----: | :-------: | :-----: | :----: | :-----------: | :---------: | +| 44' | 283' | x' | x | x | Algorand Addresses | + +Please note the \' symbol after each field. This symbol indicates that the field is hardened. See [BIP32 Extended Keys](https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki#extended-keys) + +### **HD Wallet Generation** +The standardization will also cover HD wallet generation, ensuring compatibility across different wallet implementations. Wallets adhering to this standard must use the BIP39 standard for mnemonic phrases and BIP32 for key derivation. The following steps outline the HD wallet generation process: + +Generate a random mnemonic phrase of 12 or 24 words using BIP39. +Derive a seed from the mnemonic phrase using BIP39. +Derive the master key from the seed using BIP32. +Derive the account-level keys from the master key using the BIP44 derivation path with the appropriate purpose, coin type, account index, change index, and address index. +Derive change and address-level keys from the account-level keys using the BIP44 derivation path. + +### **Wallet Compatibility** +Wallets adhering to this standard will be compatible with each other and with applications and services built on the Algorand blockchain. Wallet users will be able to import their account into any compatible wallet by using their mnemonic phrase or extended public key (xpub). The compatibility will ensure a seamless user experience and facilitate the adoption of Algorand across various platforms. \ No newline at end of file From 859f3771c69aedc0f1edb1a1999c1aa2bd2facc3 Mon Sep 17 00:00:00 2001 From: ehanoc Date: Tue, 4 Jul 2023 09:27:38 +0000 Subject: [PATCH 2/7] update phrase size --- ARCs/arc-0044.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ARCs/arc-0044.md b/ARCs/arc-0044.md index 5640b88f5..75da7f5d9 100644 --- a/ARCs/arc-0044.md +++ b/ARCs/arc-0044.md @@ -57,7 +57,7 @@ Please note the \' symbol after each field. This symbol indicates that the field ### **HD Wallet Generation** The standardization will also cover HD wallet generation, ensuring compatibility across different wallet implementations. Wallets adhering to this standard must use the BIP39 standard for mnemonic phrases and BIP32 for key derivation. The following steps outline the HD wallet generation process: -Generate a random mnemonic phrase of 12 or 24 words using BIP39. +Generate a random mnemonic phrase of 12 or 24 / 25 words using BIP39. Derive a seed from the mnemonic phrase using BIP39. Derive the master key from the seed using BIP32. Derive the account-level keys from the master key using the BIP44 derivation path with the appropriate purpose, coin type, account index, change index, and address index. From 46ba35a03b378e0d9bb3efeb0fa9ec8667d123e7 Mon Sep 17 00:00:00 2001 From: ehanoc Date: Tue, 4 Jul 2023 12:13:38 +0000 Subject: [PATCH 3/7] Introduce multiple Context in derivation paths --- ARCs/arc-0044.md | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/ARCs/arc-0044.md b/ARCs/arc-0044.md index 75da7f5d9..2b13a4f1f 100644 --- a/ARCs/arc-0044.md +++ b/ARCs/arc-0044.md @@ -10,7 +10,7 @@ category: Interface created: 2023-06-30 --- -# Algorand BIP44 HD Wallet derivations\ +# Algorand BIP44 HD Wallet derivations ## **Abstract** @@ -46,14 +46,23 @@ The BIP44 path structure follows the format: `m/purpose'/coin_type'/account'/cha #### **Specification For Algorand** -The following table outlines the derivation path for Algorand wallets: +The following table outlines the derivation path for Algorand wallets. The table introduces the ability for wallets to generate keys for a specific (optional) Context. -| Purpose | Coin Type | Account | Change | Address Index | Description | -| :-----: | :-------: | :-----: | :----: | :-----------: | :---------: | +| Purpose | Coin Type | Account | Change | Address Index | Context | +| :-----: | :-------: | :-----: | :----: | :-----------: | :-----------------: | | 44' | 283' | x' | x | x | Algorand Addresses | +| 44' | 0' | x' | x | x | Identity Keys | Please note the \' symbol after each field. This symbol indicates that the field is hardened. See [BIP32 Extended Keys](https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki#extended-keys) +##### **Contexts** + +- **Algorand Addresses**: The context for deriving Algorand addresses. This context is used to derive the public keys for Algorand addresses. + +- **Identity Keys**: The context for deriving identity keys. These can be used for Decentralized Identifiers (DIDs) and other identity-related use cases. Path `m/44'/0'/x'/x/x` is the one suggested in the [W3C Universal Wallet Interoperability Spec](https://w3c-ccg.github.io/universal-wallet-interop-spec/#hd-wallets). + +- Others can / should be added in the future. + ### **HD Wallet Generation** The standardization will also cover HD wallet generation, ensuring compatibility across different wallet implementations. Wallets adhering to this standard must use the BIP39 standard for mnemonic phrases and BIP32 for key derivation. The following steps outline the HD wallet generation process: From da5a0c5d223e5292c9ef40b8d3e5cc9902c96857 Mon Sep 17 00:00:00 2001 From: ehanoc Date: Tue, 4 Jul 2023 12:19:25 +0000 Subject: [PATCH 4/7] Add contextual section --- ARCs/arc-0044.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ARCs/arc-0044.md b/ARCs/arc-0044.md index 2b13a4f1f..8862bfac9 100644 --- a/ARCs/arc-0044.md +++ b/ARCs/arc-0044.md @@ -26,6 +26,10 @@ Currently, the Algorand ecosystem lacks a standardized methodology for HD wallet - `Trezor` : N/A - `kmd` : No BIP32/44 derivations, but HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as defined in [RFC 5869](https://www.rfc-editor.org/rfc/rfc5869.html) +## **Contextual Derivations** + +We might need to derive keys for many different purposes and want to avoid re-using the same keys. Some possible contextual derivations can be for the purpose of generating keys for algorand addresses, identity such as DIDs, authentication, messaging, etc. + ## **Specification** ### **BIP44 Derivation Path** From b70648f3e47dcb59fa73f4b0e960b433a227d472 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane?= Date: Tue, 4 Jul 2023 14:30:02 +0200 Subject: [PATCH 5/7] fix linting --- ARCs/arc-0044.md | 47 +++++++++++++++++++++++++++-------------------- 1 file changed, 27 insertions(+), 20 deletions(-) diff --git a/ARCs/arc-0044.md b/ARCs/arc-0044.md index 8862bfac9..ed6e5943c 100644 --- a/ARCs/arc-0044.md +++ b/ARCs/arc-0044.md @@ -1,10 +1,10 @@ --- -arc: 044 +arc: 44 title: Algorand BIP44 HD Wallet derivations -description: Specification to support BIP44 -author: Bruno Martins (@ehanoc, bruno.martins@algorand.foundation) -discussions-to: -status: Proposed +description: Specification to support BIP44 +author: Bruno Martins (@ehanoc) +discussions-to: https://github.com/algorandfoundation/ARCs/issues/224 +status: Draft type: Standards Track category: Interface created: 2023-06-30 @@ -17,20 +17,10 @@ created: 2023-06-30 Proposal for standardization of Algorand's HD wallets and BIP44 derivation path. By establishing a consistent approach to wallet generation and key derivation, this ARC aims to enhance interoperability and compatibility across different wallets, applications, and services. ## **Motivation** - -Currently, the Algorand ecosystem lacks a standardized methodology for HD wallet generation and key derivation paths. This absence of a consistent approach results in fragmentation and challenges for wallet developers, users, and the broader Algorand community. Standardization will improve the user experience, promote interoperability, and foster the development of a robust and secure ecosystem. - -## **Known Derivation Implementations** - -- `Ledger`: Supporting already the derivation path `m/44'/283'/0'/0/0` for Algorand. -- `Trezor` : N/A -- `kmd` : No BIP32/44 derivations, but HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as defined in [RFC 5869](https://www.rfc-editor.org/rfc/rfc5869.html) - -## **Contextual Derivations** - -We might need to derive keys for many different purposes and want to avoid re-using the same keys. Some possible contextual derivations can be for the purpose of generating keys for algorand addresses, identity such as DIDs, authentication, messaging, etc. +Currently, the Algorand ecosystem lacks a standardized methodology for HD wallet generation and key derivation paths. This absence of a consistent approach results in fragmentation and challenges for wallet developers, users, and the broader Algorand community. ## **Specification** +The key words "**MUST**", "**MUST NOT**", "**REQUIRED**", "**SHALL**", "**SHALL NOT**", "**SHOULD**", "**SHOULD NOT**", "**RECOMMENDED**", "**MAY**", and "**OPTIONAL**" in this document are to be interpreted as described in RFC-2119. ### **BIP44 Derivation Path** @@ -57,13 +47,13 @@ The following table outlines the derivation path for Algorand wallets. The table | 44' | 283' | x' | x | x | Algorand Addresses | | 44' | 0' | x' | x | x | Identity Keys | -Please note the \' symbol after each field. This symbol indicates that the field is hardened. See [BIP32 Extended Keys](https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki#extended-keys) +Please note the \' symbol after each field. This symbol indicates that the field is hardened. See BIP32 Extended Keys. ##### **Contexts** - **Algorand Addresses**: The context for deriving Algorand addresses. This context is used to derive the public keys for Algorand addresses. -- **Identity Keys**: The context for deriving identity keys. These can be used for Decentralized Identifiers (DIDs) and other identity-related use cases. Path `m/44'/0'/x'/x/x` is the one suggested in the [W3C Universal Wallet Interoperability Spec](https://w3c-ccg.github.io/universal-wallet-interop-spec/#hd-wallets). +- **Identity Keys**: The context for deriving identity keys. These can be used for Decentralized Identifiers (DIDs) and other identity-related use cases. Path `m/44'/0'/x'/x/x` is the one suggested in the W3C Universal Wallet Interoperability Spec. - Others can / should be added in the future. @@ -77,4 +67,21 @@ Derive the account-level keys from the master key using the BIP44 derivation pat Derive change and address-level keys from the account-level keys using the BIP44 derivation path. ### **Wallet Compatibility** -Wallets adhering to this standard will be compatible with each other and with applications and services built on the Algorand blockchain. Wallet users will be able to import their account into any compatible wallet by using their mnemonic phrase or extended public key (xpub). The compatibility will ensure a seamless user experience and facilitate the adoption of Algorand across various platforms. \ No newline at end of file +Wallets adhering to this standard will be compatible with each other and with applications and services built on the Algorand blockchain. Wallet users will be able to import their account into any compatible wallet by using their mnemonic phrase or extended public key (xpub). The compatibility will ensure a seamless user experience and facilitate the adoption of Algorand across various platforms. + +## Rationale +Standardization will improve the user experience, promote interoperability, and foster the development of a robust and secure ecosystem. + +### **Known Derivation Implementations** +- `Ledger`: Supporting already the derivation path `m/44'/283'/0'/0/0` for Algorand. +- `Trezor` : N/A +- `kmd` : No BIP32/44 derivations, but HMAC-based Extract-and-Expand Key Derivation Function (HKDF) as defined in RFC-5869. + +### **Contextual Derivations** +We might need to derive keys for many different purposes and want to avoid re-using the same keys. Some possible contextual derivations can be for the purpose of generating keys for algorand addresses, identity such as DIDs, authentication, messaging, etc. + +## Security Considerations +Todo + +## Copyright +Copyright and related rights waived via CCO. From c721aaa33da8caff02f2a01061b3fb846eb6c510 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane?= Date: Tue, 4 Jul 2023 14:43:57 +0200 Subject: [PATCH 6/7] Adding External link to BIP 39 - 44 --- ARCs/arc-0044.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ARCs/arc-0044.md b/ARCs/arc-0044.md index ed6e5943c..5e16aec97 100644 --- a/ARCs/arc-0044.md +++ b/ARCs/arc-0044.md @@ -14,7 +14,7 @@ created: 2023-06-30 ## **Abstract** -Proposal for standardization of Algorand's HD wallets and BIP44 derivation path. By establishing a consistent approach to wallet generation and key derivation, this ARC aims to enhance interoperability and compatibility across different wallets, applications, and services. +Proposal for standardization of Algorand's HD wallets and BIP44. derivation path. By establishing a consistent approach to wallet generation and key derivation, this ARC aims to enhance interoperability and compatibility across different wallets, applications, and services. ## **Motivation** Currently, the Algorand ecosystem lacks a standardized methodology for HD wallet generation and key derivation paths. This absence of a consistent approach results in fragmentation and challenges for wallet developers, users, and the broader Algorand community. @@ -58,7 +58,7 @@ Please note the \' symbol after each field. This symbol indicates that the field - Others can / should be added in the future. ### **HD Wallet Generation** -The standardization will also cover HD wallet generation, ensuring compatibility across different wallet implementations. Wallets adhering to this standard must use the BIP39 standard for mnemonic phrases and BIP32 for key derivation. The following steps outline the HD wallet generation process: +The standardization will also cover HD wallet generation, ensuring compatibility across different wallet implementations. Wallets adhering to this standard must use the BIP39 standard for mnemonic phrases and BIP32 for key derivation. The following steps outline the HD wallet generation process: Generate a random mnemonic phrase of 12 or 24 / 25 words using BIP39. Derive a seed from the mnemonic phrase using BIP39. From 34007df9ef668e3057f479673d4bc453db156c13 Mon Sep 17 00:00:00 2001 From: ehanoc Date: Wed, 5 Jul 2023 11:34:38 +0000 Subject: [PATCH 7/7] Add Security Considerations --- ARCs/arc-0044.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/ARCs/arc-0044.md b/ARCs/arc-0044.md index ed6e5943c..8473199af 100644 --- a/ARCs/arc-0044.md +++ b/ARCs/arc-0044.md @@ -81,7 +81,12 @@ Standardization will improve the user experience, promote interoperability, and We might need to derive keys for many different purposes and want to avoid re-using the same keys. Some possible contextual derivations can be for the purpose of generating keys for algorand addresses, identity such as DIDs, authentication, messaging, etc. ## Security Considerations -Todo +The security of a HD wallet is dependent on the security of the mnemonic phrase. Although different actors may have different security requirements, the following guidelines are recommended: + +- Is the responsibility of the **USER** to keep the mnemonic phrase safe and secure. +- Is the responsibility of the **WALLET** to provide a secure storage for the mnemonic phrase. +- Is the responsibility of the **WALLET** to not populate the application's runtime memory with the mnemonic phrase or unnecessary key material. + - It's recommended, if possible, that the **key management service (KMS)** used by the wallet does **NOT** share runtime memory space with the wallet application ## Copyright Copyright and related rights waived via CCO.