From 48e8615ce0bb3fb5892057afd40eb46a883b37d2 Mon Sep 17 00:00:00 2001 From: kaiwitt Date: Sun, 22 Aug 2021 22:04:55 +0200 Subject: [PATCH 1/5] Implement first draft --- .gitignore | 2 + Cargo.lock | 64 +++++++++++ Cargo.toml | 9 ++ src/lib.rs | 314 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 389 insertions(+) create mode 100644 .gitignore create mode 100644 Cargo.lock create mode 100644 Cargo.toml create mode 100644 src/lib.rs diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..bdc789e --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +/target +todos.txt diff --git a/Cargo.lock b/Cargo.lock new file mode 100644 index 0000000..7448778 --- /dev/null +++ b/Cargo.lock @@ -0,0 +1,64 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "bip39" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b9e89470017230c38e52b82b3ee3f530db1856ba1d434e3a67a3456a8a8dec5f" +dependencies = [ + "bitcoin_hashes", + "rand_core", + "serde", + "unicode-normalization", +] + +[[package]] +name = "bitcoin_hashes" +version = "0.9.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ce18265ec2324ad075345d5814fbeed4f41f0a660055dc78840b74d19b874b1" + +[[package]] +name = "maybe-uninit" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "60302e4db3a61da70c0cb7991976248362f30319e88850c487b9b95bbf059e00" + +[[package]] +name = "rand_core" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c33a3c44ca05fa6f1807d8e6743f3824e8509beca625669633be0acbdf509dc" + +[[package]] +name = "seed-xor" +version = "0.1.0" +dependencies = [ + "bip39", +] + +[[package]] +name = "serde" +version = "1.0.128" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1056a0db1978e9dbf0f6e4fca677f6f9143dc1c19de346f22cac23e422196834" + +[[package]] +name = "smallvec" +version = "0.6.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b97fcaeba89edba30f044a10c6a3cc39df9c3f17d7cd829dd1446cab35f890e0" +dependencies = [ + "maybe-uninit", +] + +[[package]] +name = "unicode-normalization" +version = "0.1.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "09c8070a9942f5e7cfccd93f490fdebd230ee3c3c9f107cb25bad5351ef671cf" +dependencies = [ + "smallvec", +] diff --git a/Cargo.toml b/Cargo.toml new file mode 100644 index 0000000..ad5624a --- /dev/null +++ b/Cargo.toml @@ -0,0 +1,9 @@ +[package] +name = "seed-xor" +version = "0.1.0" +edition = "2018" + +# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html + +[dependencies] +bip39 = "1.0.1" \ No newline at end of file diff --git a/src/lib.rs b/src/lib.rs new file mode 100644 index 0000000..5e7fab0 --- /dev/null +++ b/src/lib.rs @@ -0,0 +1,314 @@ +use bip39::Mnemonic; + +// TODO: calculate/guess last word +// TODO: Remove unwrap and other panicky funk +// TODO: Documentation +// TODO: Write tests +// TODO: make macro +pub fn seed_xor(mnemonic1: &Mnemonic, mnemonic2: &Mnemonic) -> Result { + if mnemonic1.word_count() == mnemonic2.word_count() { + return Err("XOR for different word lenghts are not defined"); + } + + let mut words = convert_words_to_bytes(mnemonic1.word_iter())?; + let words2 = convert_words_to_bytes(mnemonic2.word_iter())?; + + for (i, word) in words.iter_mut().enumerate() { + *word ^= words2.get(i).unwrap(); + } + Ok(convert_bytes_to_mnemonic(&words)?) +} + +fn convert_bytes_to_mnemonic(bytes: &Vec) -> Result { + let mut indexes = Vec::::with_capacity(24); + + let mut helper: u16 = 0; + let mut cut: u8 = 0; + for (i, byte) in bytes.iter().enumerate() { + match i % 3 { + 0 => { + helper = (*byte as u16) << 4; + } + 1 => { + helper |= (byte >> 4) as u16; // wrap or no wrap??? + cut = byte << 4; + indexes.push(helper.into()); + } + // Only 2? + _ => { + helper = (cut << 8) as u16; + helper |= *byte as u16; + indexes.push(helper.into()); + } + } + } + + let words: Vec<&str> = indexes.into_iter().map(|i| WORDS[i]).collect(); + return Ok(Mnemonic::parse(words.join(" ")).unwrap()); +} + +// TODO: return iterator? +// TODO: enumerate and check mod 2 instead of first_word variable +/// One word is represented with 3 hex = 1.5 Bytes, we need 2 words = 6 hex = 3bytes +fn convert_words_to_bytes<'a, W>(words: W) -> Result, &'static str> +where + W: Iterator, +{ + // max words 24 á 3 bytes = 36 bytes + let mut result = Vec::::with_capacity(36); + let mut wordlist = WORDS.iter(); + let mut first_word = None::<&str>; + for word in words { + if first_word.is_none() { + first_word = Some(word); + continue; + } + let first: u32; + let second: u32; + match wordlist.position(|&w| w == first_word.unwrap()) { + Some(index) => { + first = index as u32 & TWELVE_BITS; + } + None => return Err(ERR), + } + match wordlist.position(|&w| w == word) { + Some(index) => { + second = index as u32 & TWELVE_BITS; + } + None => return Err(ERR), + } + + let bytes: [u8; 4] = ((first << 12) & second).to_be_bytes(); + bytes[1..].iter().for_each(|b| result.push(*b)); + + first_word = None; + } + + Ok(result) +} + +const ERR: &str = "Words contains a word which is not in the standard word list"; + +const TWELVE_BITS: u32 = 0b111111111111; + +const WORDS: [&str; 2048] = [ + "abandon", "ability", "able", "about", "above", "absent", "absorb", "abstract", "absurd", + "abuse", "access", "accident", "account", "accuse", "achieve", "acid", "acoustic", "acquire", + "across", "act", "action", "actor", "actress", "actual", "adapt", "add", "addict", "address", + "adjust", "admit", "adult", "advance", "advice", "aerobic", "affair", "afford", "afraid", + "again", "age", "agent", "agree", "ahead", "aim", "air", "airport", "aisle", "alarm", "album", + "alcohol", "alert", "alien", "all", "alley", "allow", "almost", "alone", "alpha", "already", + "also", "alter", "always", "amateur", "amazing", "among", "amount", "amused", "analyst", + "anchor", "ancient", "anger", "angle", "angry", "animal", "ankle", "announce", "annual", + "another", "answer", "antenna", "antique", "anxiety", "any", "apart", "apology", "appear", + "apple", "approve", "april", "arch", "arctic", "area", "arena", "argue", "arm", "armed", + "armor", "army", "around", "arrange", "arrest", "arrive", "arrow", "art", "artefact", "artist", + "artwork", "ask", "aspect", "assault", "asset", "assist", "assume", "asthma", "athlete", + "atom", "attack", "attend", "attitude", "attract", "auction", "audit", "august", "aunt", + "author", "auto", "autumn", "average", "avocado", "avoid", "awake", "aware", "away", "awesome", + "awful", "awkward", "axis", "baby", "bachelor", "bacon", "badge", "bag", "balance", "balcony", + "ball", "bamboo", "banana", "banner", "bar", "barely", "bargain", "barrel", "base", "basic", + "basket", "battle", "beach", "bean", "beauty", "because", "become", "beef", "before", "begin", + "behave", "behind", "believe", "below", "belt", "bench", "benefit", "best", "betray", "better", + "between", "beyond", "bicycle", "bid", "bike", "bind", "biology", "bird", "birth", "bitter", + "black", "blade", "blame", "blanket", "blast", "bleak", "bless", "blind", "blood", "blossom", + "blouse", "blue", "blur", "blush", "board", "boat", "body", "boil", "bomb", "bone", "bonus", + "book", "boost", "border", "boring", "borrow", "boss", "bottom", "bounce", "box", "boy", + "bracket", "brain", "brand", "brass", "brave", "bread", "breeze", "brick", "bridge", "brief", + "bright", "bring", "brisk", "broccoli", "broken", "bronze", "broom", "brother", "brown", + "brush", "bubble", "buddy", "budget", "buffalo", "build", "bulb", "bulk", "bullet", "bundle", + "bunker", "burden", "burger", "burst", "bus", "business", "busy", "butter", "buyer", "buzz", + "cabbage", "cabin", "cable", "cactus", "cage", "cake", "call", "calm", "camera", "camp", "can", + "canal", "cancel", "candy", "cannon", "canoe", "canvas", "canyon", "capable", "capital", + "captain", "car", "carbon", "card", "cargo", "carpet", "carry", "cart", "case", "cash", + "casino", "castle", "casual", "cat", "catalog", "catch", "category", "cattle", "caught", + "cause", "caution", "cave", "ceiling", "celery", "cement", "census", "century", "cereal", + "certain", "chair", "chalk", "champion", "change", "chaos", "chapter", "charge", "chase", + "chat", "cheap", "check", "cheese", "chef", "cherry", "chest", "chicken", "chief", "child", + "chimney", "choice", "choose", "chronic", "chuckle", "chunk", "churn", "cigar", "cinnamon", + "circle", "citizen", "city", "civil", "claim", "clap", "clarify", "claw", "clay", "clean", + "clerk", "clever", "click", "client", "cliff", "climb", "clinic", "clip", "clock", "clog", + "close", "cloth", "cloud", "clown", "club", "clump", "cluster", "clutch", "coach", "coast", + "coconut", "code", "coffee", "coil", "coin", "collect", "color", "column", "combine", "come", + "comfort", "comic", "common", "company", "concert", "conduct", "confirm", "congress", + "connect", "consider", "control", "convince", "cook", "cool", "copper", "copy", "coral", + "core", "corn", "correct", "cost", "cotton", "couch", "country", "couple", "course", "cousin", + "cover", "coyote", "crack", "cradle", "craft", "cram", "crane", "crash", "crater", "crawl", + "crazy", "cream", "credit", "creek", "crew", "cricket", "crime", "crisp", "critic", "crop", + "cross", "crouch", "crowd", "crucial", "cruel", "cruise", "crumble", "crunch", "crush", "cry", + "crystal", "cube", "culture", "cup", "cupboard", "curious", "current", "curtain", "curve", + "cushion", "custom", "cute", "cycle", "dad", "damage", "damp", "dance", "danger", "daring", + "dash", "daughter", "dawn", "day", "deal", "debate", "debris", "decade", "december", "decide", + "decline", "decorate", "decrease", "deer", "defense", "define", "defy", "degree", "delay", + "deliver", "demand", "demise", "denial", "dentist", "deny", "depart", "depend", "deposit", + "depth", "deputy", "derive", "describe", "desert", "design", "desk", "despair", "destroy", + "detail", "detect", "develop", "device", "devote", "diagram", "dial", "diamond", "diary", + "dice", "diesel", "diet", "differ", "digital", "dignity", "dilemma", "dinner", "dinosaur", + "direct", "dirt", "disagree", "discover", "disease", "dish", "dismiss", "disorder", "display", + "distance", "divert", "divide", "divorce", "dizzy", "doctor", "document", "dog", "doll", + "dolphin", "domain", "donate", "donkey", "donor", "door", "dose", "double", "dove", "draft", + "dragon", "drama", "drastic", "draw", "dream", "dress", "drift", "drill", "drink", "drip", + "drive", "drop", "drum", "dry", "duck", "dumb", "dune", "during", "dust", "dutch", "duty", + "dwarf", "dynamic", "eager", "eagle", "early", "earn", "earth", "easily", "east", "easy", + "echo", "ecology", "economy", "edge", "edit", "educate", "effort", "egg", "eight", "either", + "elbow", "elder", "electric", "elegant", "element", "elephant", "elevator", "elite", "else", + "embark", "embody", "embrace", "emerge", "emotion", "employ", "empower", "empty", "enable", + "enact", "end", "endless", "endorse", "enemy", "energy", "enforce", "engage", "engine", + "enhance", "enjoy", "enlist", "enough", "enrich", "enroll", "ensure", "enter", "entire", + "entry", "envelope", "episode", "equal", "equip", "era", "erase", "erode", "erosion", "error", + "erupt", "escape", "essay", "essence", "estate", "eternal", "ethics", "evidence", "evil", + "evoke", "evolve", "exact", "example", "excess", "exchange", "excite", "exclude", "excuse", + "execute", "exercise", "exhaust", "exhibit", "exile", "exist", "exit", "exotic", "expand", + "expect", "expire", "explain", "expose", "express", "extend", "extra", "eye", "eyebrow", + "fabric", "face", "faculty", "fade", "faint", "faith", "fall", "false", "fame", "family", + "famous", "fan", "fancy", "fantasy", "farm", "fashion", "fat", "fatal", "father", "fatigue", + "fault", "favorite", "feature", "february", "federal", "fee", "feed", "feel", "female", + "fence", "festival", "fetch", "fever", "few", "fiber", "fiction", "field", "figure", "file", + "film", "filter", "final", "find", "fine", "finger", "finish", "fire", "firm", "first", + "fiscal", "fish", "fit", "fitness", "fix", "flag", "flame", "flash", "flat", "flavor", "flee", + "flight", "flip", "float", "flock", "floor", "flower", "fluid", "flush", "fly", "foam", + "focus", "fog", "foil", "fold", "follow", "food", "foot", "force", "forest", "forget", "fork", + "fortune", "forum", "forward", "fossil", "foster", "found", "fox", "fragile", "frame", + "frequent", "fresh", "friend", "fringe", "frog", "front", "frost", "frown", "frozen", "fruit", + "fuel", "fun", "funny", "furnace", "fury", "future", "gadget", "gain", "galaxy", "gallery", + "game", "gap", "garage", "garbage", "garden", "garlic", "garment", "gas", "gasp", "gate", + "gather", "gauge", "gaze", "general", "genius", "genre", "gentle", "genuine", "gesture", + "ghost", "giant", "gift", "giggle", "ginger", "giraffe", "girl", "give", "glad", "glance", + "glare", "glass", "glide", "glimpse", "globe", "gloom", "glory", "glove", "glow", "glue", + "goat", "goddess", "gold", "good", "goose", "gorilla", "gospel", "gossip", "govern", "gown", + "grab", "grace", "grain", "grant", "grape", "grass", "gravity", "great", "green", "grid", + "grief", "grit", "grocery", "group", "grow", "grunt", "guard", "guess", "guide", "guilt", + "guitar", "gun", "gym", "habit", "hair", "half", "hammer", "hamster", "hand", "happy", + "harbor", "hard", "harsh", "harvest", "hat", "have", "hawk", "hazard", "head", "health", + "heart", "heavy", "hedgehog", "height", "hello", "helmet", "help", "hen", "hero", "hidden", + "high", "hill", "hint", "hip", "hire", "history", "hobby", "hockey", "hold", "hole", "holiday", + "hollow", "home", "honey", "hood", "hope", "horn", "horror", "horse", "hospital", "host", + "hotel", "hour", "hover", "hub", "huge", "human", "humble", "humor", "hundred", "hungry", + "hunt", "hurdle", "hurry", "hurt", "husband", "hybrid", "ice", "icon", "idea", "identify", + "idle", "ignore", "ill", "illegal", "illness", "image", "imitate", "immense", "immune", + "impact", "impose", "improve", "impulse", "inch", "include", "income", "increase", "index", + "indicate", "indoor", "industry", "infant", "inflict", "inform", "inhale", "inherit", + "initial", "inject", "injury", "inmate", "inner", "innocent", "input", "inquiry", "insane", + "insect", "inside", "inspire", "install", "intact", "interest", "into", "invest", "invite", + "involve", "iron", "island", "isolate", "issue", "item", "ivory", "jacket", "jaguar", "jar", + "jazz", "jealous", "jeans", "jelly", "jewel", "job", "join", "joke", "journey", "joy", "judge", + "juice", "jump", "jungle", "junior", "junk", "just", "kangaroo", "keen", "keep", "ketchup", + "key", "kick", "kid", "kidney", "kind", "kingdom", "kiss", "kit", "kitchen", "kite", "kitten", + "kiwi", "knee", "knife", "knock", "know", "lab", "label", "labor", "ladder", "lady", "lake", + "lamp", "language", "laptop", "large", "later", "latin", "laugh", "laundry", "lava", "law", + "lawn", "lawsuit", "layer", "lazy", "leader", "leaf", "learn", "leave", "lecture", "left", + "leg", "legal", "legend", "leisure", "lemon", "lend", "length", "lens", "leopard", "lesson", + "letter", "level", "liar", "liberty", "library", "license", "life", "lift", "light", "like", + "limb", "limit", "link", "lion", "liquid", "list", "little", "live", "lizard", "load", "loan", + "lobster", "local", "lock", "logic", "lonely", "long", "loop", "lottery", "loud", "lounge", + "love", "loyal", "lucky", "luggage", "lumber", "lunar", "lunch", "luxury", "lyrics", "machine", + "mad", "magic", "magnet", "maid", "mail", "main", "major", "make", "mammal", "man", "manage", + "mandate", "mango", "mansion", "manual", "maple", "marble", "march", "margin", "marine", + "market", "marriage", "mask", "mass", "master", "match", "material", "math", "matrix", + "matter", "maximum", "maze", "meadow", "mean", "measure", "meat", "mechanic", "medal", "media", + "melody", "melt", "member", "memory", "mention", "menu", "mercy", "merge", "merit", "merry", + "mesh", "message", "metal", "method", "middle", "midnight", "milk", "million", "mimic", "mind", + "minimum", "minor", "minute", "miracle", "mirror", "misery", "miss", "mistake", "mix", "mixed", + "mixture", "mobile", "model", "modify", "mom", "moment", "monitor", "monkey", "monster", + "month", "moon", "moral", "more", "morning", "mosquito", "mother", "motion", "motor", + "mountain", "mouse", "move", "movie", "much", "muffin", "mule", "multiply", "muscle", "museum", + "mushroom", "music", "must", "mutual", "myself", "mystery", "myth", "naive", "name", "napkin", + "narrow", "nasty", "nation", "nature", "near", "neck", "need", "negative", "neglect", + "neither", "nephew", "nerve", "nest", "net", "network", "neutral", "never", "news", "next", + "nice", "night", "noble", "noise", "nominee", "noodle", "normal", "north", "nose", "notable", + "note", "nothing", "notice", "novel", "now", "nuclear", "number", "nurse", "nut", "oak", + "obey", "object", "oblige", "obscure", "observe", "obtain", "obvious", "occur", "ocean", + "october", "odor", "off", "offer", "office", "often", "oil", "okay", "old", "olive", "olympic", + "omit", "once", "one", "onion", "online", "only", "open", "opera", "opinion", "oppose", + "option", "orange", "orbit", "orchard", "order", "ordinary", "organ", "orient", "original", + "orphan", "ostrich", "other", "outdoor", "outer", "output", "outside", "oval", "oven", "over", + "own", "owner", "oxygen", "oyster", "ozone", "pact", "paddle", "page", "pair", "palace", + "palm", "panda", "panel", "panic", "panther", "paper", "parade", "parent", "park", "parrot", + "party", "pass", "patch", "path", "patient", "patrol", "pattern", "pause", "pave", "payment", + "peace", "peanut", "pear", "peasant", "pelican", "pen", "penalty", "pencil", "people", + "pepper", "perfect", "permit", "person", "pet", "phone", "photo", "phrase", "physical", + "piano", "picnic", "picture", "piece", "pig", "pigeon", "pill", "pilot", "pink", "pioneer", + "pipe", "pistol", "pitch", "pizza", "place", "planet", "plastic", "plate", "play", "please", + "pledge", "pluck", "plug", "plunge", "poem", "poet", "point", "polar", "pole", "police", + "pond", "pony", "pool", "popular", "portion", "position", "possible", "post", "potato", + "pottery", "poverty", "powder", "power", "practice", "praise", "predict", "prefer", "prepare", + "present", "pretty", "prevent", "price", "pride", "primary", "print", "priority", "prison", + "private", "prize", "problem", "process", "produce", "profit", "program", "project", "promote", + "proof", "property", "prosper", "protect", "proud", "provide", "public", "pudding", "pull", + "pulp", "pulse", "pumpkin", "punch", "pupil", "puppy", "purchase", "purity", "purpose", + "purse", "push", "put", "puzzle", "pyramid", "quality", "quantum", "quarter", "question", + "quick", "quit", "quiz", "quote", "rabbit", "raccoon", "race", "rack", "radar", "radio", + "rail", "rain", "raise", "rally", "ramp", "ranch", "random", "range", "rapid", "rare", "rate", + "rather", "raven", "raw", "razor", "ready", "real", "reason", "rebel", "rebuild", "recall", + "receive", "recipe", "record", "recycle", "reduce", "reflect", "reform", "refuse", "region", + "regret", "regular", "reject", "relax", "release", "relief", "rely", "remain", "remember", + "remind", "remove", "render", "renew", "rent", "reopen", "repair", "repeat", "replace", + "report", "require", "rescue", "resemble", "resist", "resource", "response", "result", + "retire", "retreat", "return", "reunion", "reveal", "review", "reward", "rhythm", "rib", + "ribbon", "rice", "rich", "ride", "ridge", "rifle", "right", "rigid", "ring", "riot", "ripple", + "risk", "ritual", "rival", "river", "road", "roast", "robot", "robust", "rocket", "romance", + "roof", "rookie", "room", "rose", "rotate", "rough", "round", "route", "royal", "rubber", + "rude", "rug", "rule", "run", "runway", "rural", "sad", "saddle", "sadness", "safe", "sail", + "salad", "salmon", "salon", "salt", "salute", "same", "sample", "sand", "satisfy", "satoshi", + "sauce", "sausage", "save", "say", "scale", "scan", "scare", "scatter", "scene", "scheme", + "school", "science", "scissors", "scorpion", "scout", "scrap", "screen", "script", "scrub", + "sea", "search", "season", "seat", "second", "secret", "section", "security", "seed", "seek", + "segment", "select", "sell", "seminar", "senior", "sense", "sentence", "series", "service", + "session", "settle", "setup", "seven", "shadow", "shaft", "shallow", "share", "shed", "shell", + "sheriff", "shield", "shift", "shine", "ship", "shiver", "shock", "shoe", "shoot", "shop", + "short", "shoulder", "shove", "shrimp", "shrug", "shuffle", "shy", "sibling", "sick", "side", + "siege", "sight", "sign", "silent", "silk", "silly", "silver", "similar", "simple", "since", + "sing", "siren", "sister", "situate", "six", "size", "skate", "sketch", "ski", "skill", "skin", + "skirt", "skull", "slab", "slam", "sleep", "slender", "slice", "slide", "slight", "slim", + "slogan", "slot", "slow", "slush", "small", "smart", "smile", "smoke", "smooth", "snack", + "snake", "snap", "sniff", "snow", "soap", "soccer", "social", "sock", "soda", "soft", "solar", + "soldier", "solid", "solution", "solve", "someone", "song", "soon", "sorry", "sort", "soul", + "sound", "soup", "source", "south", "space", "spare", "spatial", "spawn", "speak", "special", + "speed", "spell", "spend", "sphere", "spice", "spider", "spike", "spin", "spirit", "split", + "spoil", "sponsor", "spoon", "sport", "spot", "spray", "spread", "spring", "spy", "square", + "squeeze", "squirrel", "stable", "stadium", "staff", "stage", "stairs", "stamp", "stand", + "start", "state", "stay", "steak", "steel", "stem", "step", "stereo", "stick", "still", + "sting", "stock", "stomach", "stone", "stool", "story", "stove", "strategy", "street", + "strike", "strong", "struggle", "student", "stuff", "stumble", "style", "subject", "submit", + "subway", "success", "such", "sudden", "suffer", "sugar", "suggest", "suit", "summer", "sun", + "sunny", "sunset", "super", "supply", "supreme", "sure", "surface", "surge", "surprise", + "surround", "survey", "suspect", "sustain", "swallow", "swamp", "swap", "swarm", "swear", + "sweet", "swift", "swim", "swing", "switch", "sword", "symbol", "symptom", "syrup", "system", + "table", "tackle", "tag", "tail", "talent", "talk", "tank", "tape", "target", "task", "taste", + "tattoo", "taxi", "teach", "team", "tell", "ten", "tenant", "tennis", "tent", "term", "test", + "text", "thank", "that", "theme", "then", "theory", "there", "they", "thing", "this", + "thought", "three", "thrive", "throw", "thumb", "thunder", "ticket", "tide", "tiger", "tilt", + "timber", "time", "tiny", "tip", "tired", "tissue", "title", "toast", "tobacco", "today", + "toddler", "toe", "together", "toilet", "token", "tomato", "tomorrow", "tone", "tongue", + "tonight", "tool", "tooth", "top", "topic", "topple", "torch", "tornado", "tortoise", "toss", + "total", "tourist", "toward", "tower", "town", "toy", "track", "trade", "traffic", "tragic", + "train", "transfer", "trap", "trash", "travel", "tray", "treat", "tree", "trend", "trial", + "tribe", "trick", "trigger", "trim", "trip", "trophy", "trouble", "truck", "true", "truly", + "trumpet", "trust", "truth", "try", "tube", "tuition", "tumble", "tuna", "tunnel", "turkey", + "turn", "turtle", "twelve", "twenty", "twice", "twin", "twist", "two", "type", "typical", + "ugly", "umbrella", "unable", "unaware", "uncle", "uncover", "under", "undo", "unfair", + "unfold", "unhappy", "uniform", "unique", "unit", "universe", "unknown", "unlock", "until", + "unusual", "unveil", "update", "upgrade", "uphold", "upon", "upper", "upset", "urban", "urge", + "usage", "use", "used", "useful", "useless", "usual", "utility", "vacant", "vacuum", "vague", + "valid", "valley", "valve", "van", "vanish", "vapor", "various", "vast", "vault", "vehicle", + "velvet", "vendor", "venture", "venue", "verb", "verify", "version", "very", "vessel", + "veteran", "viable", "vibrant", "vicious", "victory", "video", "view", "village", "vintage", + "violin", "virtual", "virus", "visa", "visit", "visual", "vital", "vivid", "vocal", "voice", + "void", "volcano", "volume", "vote", "voyage", "wage", "wagon", "wait", "walk", "wall", + "walnut", "want", "warfare", "warm", "warrior", "wash", "wasp", "waste", "water", "wave", + "way", "wealth", "weapon", "wear", "weasel", "weather", "web", "wedding", "weekend", "weird", + "welcome", "west", "wet", "whale", "what", "wheat", "wheel", "when", "where", "whip", + "whisper", "wide", "width", "wife", "wild", "will", "win", "window", "wine", "wing", "wink", + "winner", "winter", "wire", "wisdom", "wise", "wish", "witness", "wolf", "woman", "wonder", + "wood", "wool", "word", "work", "world", "worry", "worth", "wrap", "wreck", "wrestle", "wrist", + "write", "wrong", "yard", "year", "yellow", "you", "young", "youth", "zebra", "zero", "zone", + "zoo", +]; + +#[cfg(test)] +mod tests { + #[test] + fn it_works() { + assert_eq!(2 + 2, 4); + } +} From 8eb78f43974d0814c876e59fc972e10ebc1eda67 Mon Sep 17 00:00:00 2001 From: kaiwitt Date: Mon, 23 Aug 2021 19:11:10 +0200 Subject: [PATCH 2/5] Implement XOR and test it --- Cargo.toml | 8 + README.md | 30 +++- src/lib.rs | 484 +++++++++++++++++++++-------------------------------- 3 files changed, 231 insertions(+), 291 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index ad5624a..96fd0cf 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -2,6 +2,14 @@ name = "seed-xor" version = "0.1.0" edition = "2018" +authors = ["KaiWitt "] +description = "XOR 24-word bip39 mnemonics." +readme = "README.md" +repository = "https://github.com/KaiWitt/seed-xor" +license = "MIT" +keywords = ["bitcoin", "seed", "mnemonic", "bip39", "xor"] +categories = ["cryptography::cryptocurrencies"] +publish = true # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html diff --git a/README.md b/README.md index e2c00b0..19daf31 100644 --- a/README.md +++ b/README.md @@ -1 +1,29 @@ -# seed-xor \ No newline at end of file + # seed-xor + + seed-xor builds on top of [rust-bip39](https://github.com/rust-bitcoin/rust-bip39/) + and lets you XOR 24-word mnemonics as defined in [Coldcard docs](https://github.com/Coldcard/firmware/blob/master/docs/seed-xor.md). + + + Future versions will also allow you to XOR different seed lengths. + + + ## Example + + ```rust + // Coldcard example: https://github.com/Coldcard/firmware/blob/master/docs/seed-xor.md + let a_str = "romance wink lottery autumn shop bring dawn tongue range crater truth ability miss spice fitness easy legal release recall obey exchange recycle dragon room"; + let b_str = "lion misery divide hurry latin fluid camp advance illegal lab pyramid unaware eager fringe sick camera series noodle toy crowd jeans select depth lounge"; + let c_str = "vault nominee cradle silk own frown throw leg cactus recall talent worry gadget surface shy planet purpose coffee drip few seven term squeeze educate"; + let result_str = "silent toe meat possible chair blossom wait occur this worth option bag nurse find fish scene bench asthma bike wage world quit primary indoor"; + + let a = Mnemonic::from_str(a_str).unwrap(); + let b = Mnemonic::from_str(b_str).unwrap(); + let c = Mnemonic::from_str(c_str).unwrap(); + let result = Mnemonic::from_str(result_str).unwrap(); + + assert_eq!(result, a ^ b ^ c); + ``` + + ## Useful resources + - Coldcard docs: https://github.com/Coldcard/firmware/blob/master/docs/seed-xor.md + - Easy mnemonic seed explanation: https://learnmeabitcoin.com/technical/mnemonic diff --git a/src/lib.rs b/src/lib.rs index 5e7fab0..35bdff3 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -1,314 +1,218 @@ -use bip39::Mnemonic; +//! # seed-xor +//! +//! seed-xor builds on top of [rust-bip39](https://github.com/rust-bitcoin/rust-bip39/) +//! and lets you XOR 24-word mnemonics as defined in [Coldcards docs](https://github.com/Coldcard/firmware/blob/master/docs/seed-xor.md). +//! +//! +//! Future versions will also allow you to XOR different seed lengths. +//! +//! +//! ## Example +//! +//! ```rust +//! // Coldcard example: https://github.com/Coldcard/firmware/blob/master/docs/seed-xor.md +//! let a_str = "romance wink lottery autumn shop bring dawn tongue range crater truth ability miss spice fitness easy legal release recall obey exchange recycle dragon room"; +//! let b_str = "lion misery divide hurry latin fluid camp advance illegal lab pyramid unaware eager fringe sick camera series noodle toy crowd jeans select depth lounge"; +//! let c_str = "vault nominee cradle silk own frown throw leg cactus recall talent worry gadget surface shy planet purpose coffee drip few seven term squeeze educate"; +//! let result_str = "silent toe meat possible chair blossom wait occur this worth option bag nurse find fish scene bench asthma bike wage world quit primary indoor"; +//! +//! // Mnemonic is a wrapper for bip39::Mnemonic which ensures a 24 word seed length. +//! // Mnemonics can also be created from 256bit entropy. +//! let a = Mnemonic::from_str(a_str).unwrap(); +//! let b = Mnemonic::from_str(b_str).unwrap(); +//! let c = Mnemonic::from_str(c_str).unwrap(); +//! let result = Mnemonic::from_str(result_str).unwrap(); +//! +//! assert_eq!(result, a ^ b ^ c); +//! ``` +//! +use std::{ + fmt, + ops::{BitXor, BitXorAssign}, + str::FromStr, +}; -// TODO: calculate/guess last word -// TODO: Remove unwrap and other panicky funk -// TODO: Documentation -// TODO: Write tests -// TODO: make macro -pub fn seed_xor(mnemonic1: &Mnemonic, mnemonic2: &Mnemonic) -> Result { - if mnemonic1.word_count() == mnemonic2.word_count() { - return Err("XOR for different word lenghts are not defined"); - } +use bip39::Mnemonic as Inner; - let mut words = convert_words_to_bytes(mnemonic1.word_iter())?; - let words2 = convert_words_to_bytes(mnemonic2.word_iter())?; +/// Maximal number of words in a mnemonic. +const MAX_MNEMONIC_LENGTH: usize = 24; - for (i, word) in words.iter_mut().enumerate() { - *word ^= words2.get(i).unwrap(); - } - Ok(convert_bytes_to_mnemonic(&words)?) +/// Errors same as [bip39::Error] but specifically for 24 word mnemonics. +#[derive(Debug, Clone, PartialEq, Eq, Copy)] +pub enum SeedXorError { + /// Mnemonic has a word count that is not 24. + WordCountNot24, + /// Mnemonic contains an unknown word. + /// Error contains the index of the word. + UnknownWord(usize), + /// Entropy was not a 256 bits in length. + EntropyBitsNot256, + /// The mnemonic has an invalid checksum. + InvalidChecksum, + /// The mnemonic can be interpreted as multiple languages. + AmbiguousLanguages, } -fn convert_bytes_to_mnemonic(bytes: &Vec) -> Result { - let mut indexes = Vec::::with_capacity(24); +impl From for SeedXorError { + fn from(err: bip39::Error) -> Self { + match err { + bip39::Error::BadEntropyBitCount(_) => return Self::EntropyBitsNot256, + bip39::Error::BadWordCount(_) => return Self::WordCountNot24, + bip39::Error::UnknownWord(i) => return Self::UnknownWord(i), + bip39::Error::InvalidChecksum => return Self::InvalidChecksum, + bip39::Error::AmbiguousLanguages(_) => Self::AmbiguousLanguages, + } + } +} - let mut helper: u16 = 0; - let mut cut: u8 = 0; - for (i, byte) in bytes.iter().enumerate() { - match i % 3 { - 0 => { - helper = (*byte as u16) << 4; +impl fmt::Display for SeedXorError { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + match *self { + SeedXorError::WordCountNot24 => { + write!(f, "Mnemonic has a word count that is not 24",) } - 1 => { - helper |= (byte >> 4) as u16; // wrap or no wrap??? - cut = byte << 4; - indexes.push(helper.into()); - } - // Only 2? - _ => { - helper = (cut << 8) as u16; - helper |= *byte as u16; - indexes.push(helper.into()); + SeedXorError::UnknownWord(i) => { + write!(f, "Mnemonic contains an unknown word (word {})", i,) } + SeedXorError::EntropyBitsNot256 => write!(f, "Entropy was not between 256 bits",), + SeedXorError::InvalidChecksum => write!(f, "Mnemonic has an invalid checksum"), + SeedXorError::AmbiguousLanguages => write!(f, "Ambiguous language"), + } + } +} + +/// Wrapper for a [bip39::Mnemonic] which is aliased as `Inner` +#[derive(Clone, PartialEq, Eq, Debug, Hash, PartialOrd, Ord)] +pub struct Mnemonic { + inner: Inner, +} + +impl Mnemonic { + /// Private constructor which ensures that a new [Mnemonic] instance has 24 words. + fn new(inner: Inner) -> Result { + ensure_24_words(&inner)?; + + Ok(Mnemonic { inner }) + } + + /// Access the inner [bip39::Mnemonic] for more functionality. + pub fn inner(&self) -> &Inner { + &self.inner + } + + /// Wrapper for the same method as in [bip39::Mnemonic] + /// but it returns an `Err` if the entropy does not result in a 24 word mnemonic. + pub fn from_entropy(entropy: &[u8]) -> Result { + match Inner::from_entropy(entropy) { + Ok(inner) => return Ok(Mnemonic::new(inner)?), + Err(err) => return Err(SeedXorError::from(err)), } } - let words: Vec<&str> = indexes.into_iter().map(|i| WORDS[i]).collect(); - return Ok(Mnemonic::parse(words.join(" ")).unwrap()); + /// XOR two [Mnemonic]s without consuming them. + /// If consumption is not of relevance the XOR operator `^` and XOR assigner `^=` can be used as well. + fn xor(&self, rhs: &Self) -> Self { + let mut xor_result = Vec::with_capacity(MAX_MNEMONIC_LENGTH); + + // XOR self's and other's entropy and push result + self.inner + .to_entropy() + .iter() + .zip(rhs.inner.to_entropy().iter()) + .for_each(|(a, b)| xor_result.push(a ^ b)); + + // We unwrap here because xor_result has as many bytes as self and rhs + // which in turn have a valid number of bytes + Mnemonic::from_entropy(&xor_result).unwrap() + } } -// TODO: return iterator? -// TODO: enumerate and check mod 2 instead of first_word variable -/// One word is represented with 3 hex = 1.5 Bytes, we need 2 words = 6 hex = 3bytes -fn convert_words_to_bytes<'a, W>(words: W) -> Result, &'static str> -where - W: Iterator, -{ - // max words 24 á 3 bytes = 36 bytes - let mut result = Vec::::with_capacity(36); - let mut wordlist = WORDS.iter(); - let mut first_word = None::<&str>; - for word in words { - if first_word.is_none() { - first_word = Some(word); - continue; - } - let first: u32; - let second: u32; - match wordlist.position(|&w| w == first_word.unwrap()) { - Some(index) => { - first = index as u32 & TWELVE_BITS; - } - None => return Err(ERR), - } - match wordlist.position(|&w| w == word) { - Some(index) => { - second = index as u32 & TWELVE_BITS; - } - None => return Err(ERR), - } +impl FromStr for Mnemonic { + type Err = SeedXorError; - let bytes: [u8; 4] = ((first << 12) & second).to_be_bytes(); - bytes[1..].iter().for_each(|b| result.push(*b)); + fn from_str(mnemonic: &str) -> Result::Err> { + match Inner::from_str(mnemonic) { + Ok(inner) => return Ok(Mnemonic::new(inner)?), + Err(err) => Err(SeedXorError::from(err)), + } + } +} - first_word = None; +impl fmt::Display for Mnemonic { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + for (i, word) in self.inner.word_iter().enumerate() { + if i > 0 { + f.write_str(" ")?; + } + f.write_str(word)?; + } + Ok(()) + } +} + +impl BitXor for Mnemonic { + type Output = Self; + + fn bitxor(self, rhs: Self) -> Self::Output { + self.xor(&rhs) + } +} + +impl BitXorAssign for Mnemonic { + fn bitxor_assign(&mut self, rhs: Self) { + *self = self.xor(&rhs) + } +} + +/// Ensures that an [Inner] is a 24 word mnemonic for wrapping into a [Mnemonic]. +fn ensure_24_words(inner: &Inner) -> Result<(), SeedXorError> { + if inner.word_count() != MAX_MNEMONIC_LENGTH { + return Err(SeedXorError::WordCountNot24); } - Ok(result) + Ok(()) } -const ERR: &str = "Words contains a word which is not in the standard word list"; - -const TWELVE_BITS: u32 = 0b111111111111; - -const WORDS: [&str; 2048] = [ - "abandon", "ability", "able", "about", "above", "absent", "absorb", "abstract", "absurd", - "abuse", "access", "accident", "account", "accuse", "achieve", "acid", "acoustic", "acquire", - "across", "act", "action", "actor", "actress", "actual", "adapt", "add", "addict", "address", - "adjust", "admit", "adult", "advance", "advice", "aerobic", "affair", "afford", "afraid", - "again", "age", "agent", "agree", "ahead", "aim", "air", "airport", "aisle", "alarm", "album", - "alcohol", "alert", "alien", "all", "alley", "allow", "almost", "alone", "alpha", "already", - "also", "alter", "always", "amateur", "amazing", "among", "amount", "amused", "analyst", - "anchor", "ancient", "anger", "angle", "angry", "animal", "ankle", "announce", "annual", - "another", "answer", "antenna", "antique", "anxiety", "any", "apart", "apology", "appear", - "apple", "approve", "april", "arch", "arctic", "area", "arena", "argue", "arm", "armed", - "armor", "army", "around", "arrange", "arrest", "arrive", "arrow", "art", "artefact", "artist", - "artwork", "ask", "aspect", "assault", "asset", "assist", "assume", "asthma", "athlete", - "atom", "attack", "attend", "attitude", "attract", "auction", "audit", "august", "aunt", - "author", "auto", "autumn", "average", "avocado", "avoid", "awake", "aware", "away", "awesome", - "awful", "awkward", "axis", "baby", "bachelor", "bacon", "badge", "bag", "balance", "balcony", - "ball", "bamboo", "banana", "banner", "bar", "barely", "bargain", "barrel", "base", "basic", - "basket", "battle", "beach", "bean", "beauty", "because", "become", "beef", "before", "begin", - "behave", "behind", "believe", "below", "belt", "bench", "benefit", "best", "betray", "better", - "between", "beyond", "bicycle", "bid", "bike", "bind", "biology", "bird", "birth", "bitter", - "black", "blade", "blame", "blanket", "blast", "bleak", "bless", "blind", "blood", "blossom", - "blouse", "blue", "blur", "blush", "board", "boat", "body", "boil", "bomb", "bone", "bonus", - "book", "boost", "border", "boring", "borrow", "boss", "bottom", "bounce", "box", "boy", - "bracket", "brain", "brand", "brass", "brave", "bread", "breeze", "brick", "bridge", "brief", - "bright", "bring", "brisk", "broccoli", "broken", "bronze", "broom", "brother", "brown", - "brush", "bubble", "buddy", "budget", "buffalo", "build", "bulb", "bulk", "bullet", "bundle", - "bunker", "burden", "burger", "burst", "bus", "business", "busy", "butter", "buyer", "buzz", - "cabbage", "cabin", "cable", "cactus", "cage", "cake", "call", "calm", "camera", "camp", "can", - "canal", "cancel", "candy", "cannon", "canoe", "canvas", "canyon", "capable", "capital", - "captain", "car", "carbon", "card", "cargo", "carpet", "carry", "cart", "case", "cash", - "casino", "castle", "casual", "cat", "catalog", "catch", "category", "cattle", "caught", - "cause", "caution", "cave", "ceiling", "celery", "cement", "census", "century", "cereal", - "certain", "chair", "chalk", "champion", "change", "chaos", "chapter", "charge", "chase", - "chat", "cheap", "check", "cheese", "chef", "cherry", "chest", "chicken", "chief", "child", - "chimney", "choice", "choose", "chronic", "chuckle", "chunk", "churn", "cigar", "cinnamon", - "circle", "citizen", "city", "civil", "claim", "clap", "clarify", "claw", "clay", "clean", - "clerk", "clever", "click", "client", "cliff", "climb", "clinic", "clip", "clock", "clog", - "close", "cloth", "cloud", "clown", "club", "clump", "cluster", "clutch", "coach", "coast", - "coconut", "code", "coffee", "coil", "coin", "collect", "color", "column", "combine", "come", - "comfort", "comic", "common", "company", "concert", "conduct", "confirm", "congress", - "connect", "consider", "control", "convince", "cook", "cool", "copper", "copy", "coral", - "core", "corn", "correct", "cost", "cotton", "couch", "country", "couple", "course", "cousin", - "cover", "coyote", "crack", "cradle", "craft", "cram", "crane", "crash", "crater", "crawl", - "crazy", "cream", "credit", "creek", "crew", "cricket", "crime", "crisp", "critic", "crop", - "cross", "crouch", "crowd", "crucial", "cruel", "cruise", "crumble", "crunch", "crush", "cry", - "crystal", "cube", "culture", "cup", "cupboard", "curious", "current", "curtain", "curve", - "cushion", "custom", "cute", "cycle", "dad", "damage", "damp", "dance", "danger", "daring", - "dash", "daughter", "dawn", "day", "deal", "debate", "debris", "decade", "december", "decide", - "decline", "decorate", "decrease", "deer", "defense", "define", "defy", "degree", "delay", - "deliver", "demand", "demise", "denial", "dentist", "deny", "depart", "depend", "deposit", - "depth", "deputy", "derive", "describe", "desert", "design", "desk", "despair", "destroy", - "detail", "detect", "develop", "device", "devote", "diagram", "dial", "diamond", "diary", - "dice", "diesel", "diet", "differ", "digital", "dignity", "dilemma", "dinner", "dinosaur", - "direct", "dirt", "disagree", "discover", "disease", "dish", "dismiss", "disorder", "display", - "distance", "divert", "divide", "divorce", "dizzy", "doctor", "document", "dog", "doll", - "dolphin", "domain", "donate", "donkey", "donor", "door", "dose", "double", "dove", "draft", - "dragon", "drama", "drastic", "draw", "dream", "dress", "drift", "drill", "drink", "drip", - "drive", "drop", "drum", "dry", "duck", "dumb", "dune", "during", "dust", "dutch", "duty", - "dwarf", "dynamic", "eager", "eagle", "early", "earn", "earth", "easily", "east", "easy", - "echo", "ecology", "economy", "edge", "edit", "educate", "effort", "egg", "eight", "either", - "elbow", "elder", "electric", "elegant", "element", "elephant", "elevator", "elite", "else", - "embark", "embody", "embrace", "emerge", "emotion", "employ", "empower", "empty", "enable", - "enact", "end", "endless", "endorse", "enemy", "energy", "enforce", "engage", "engine", - "enhance", "enjoy", "enlist", "enough", "enrich", "enroll", "ensure", "enter", "entire", - "entry", "envelope", "episode", "equal", "equip", "era", "erase", "erode", "erosion", "error", - "erupt", "escape", "essay", "essence", "estate", "eternal", "ethics", "evidence", "evil", - "evoke", "evolve", "exact", "example", "excess", "exchange", "excite", "exclude", "excuse", - "execute", "exercise", "exhaust", "exhibit", "exile", "exist", "exit", "exotic", "expand", - "expect", "expire", "explain", "expose", "express", "extend", "extra", "eye", "eyebrow", - "fabric", "face", "faculty", "fade", "faint", "faith", "fall", "false", "fame", "family", - "famous", "fan", "fancy", "fantasy", "farm", "fashion", "fat", "fatal", "father", "fatigue", - "fault", "favorite", "feature", "february", "federal", "fee", "feed", "feel", "female", - "fence", "festival", "fetch", "fever", "few", "fiber", "fiction", "field", "figure", "file", - "film", "filter", "final", "find", "fine", "finger", "finish", "fire", "firm", "first", - "fiscal", "fish", "fit", "fitness", "fix", "flag", "flame", "flash", "flat", "flavor", "flee", - "flight", "flip", "float", "flock", "floor", "flower", "fluid", "flush", "fly", "foam", - "focus", "fog", "foil", "fold", "follow", "food", "foot", "force", "forest", "forget", "fork", - "fortune", "forum", "forward", "fossil", "foster", "found", "fox", "fragile", "frame", - "frequent", "fresh", "friend", "fringe", "frog", "front", "frost", "frown", "frozen", "fruit", - "fuel", "fun", "funny", "furnace", "fury", "future", "gadget", "gain", "galaxy", "gallery", - "game", "gap", "garage", "garbage", "garden", "garlic", "garment", "gas", "gasp", "gate", - "gather", "gauge", "gaze", "general", "genius", "genre", "gentle", "genuine", "gesture", - "ghost", "giant", "gift", "giggle", "ginger", "giraffe", "girl", "give", "glad", "glance", - "glare", "glass", "glide", "glimpse", "globe", "gloom", "glory", "glove", "glow", "glue", - "goat", "goddess", "gold", "good", "goose", "gorilla", "gospel", "gossip", "govern", "gown", - "grab", "grace", "grain", "grant", "grape", "grass", "gravity", "great", "green", "grid", - "grief", "grit", "grocery", "group", "grow", "grunt", "guard", "guess", "guide", "guilt", - "guitar", "gun", "gym", "habit", "hair", "half", "hammer", "hamster", "hand", "happy", - "harbor", "hard", "harsh", "harvest", "hat", "have", "hawk", "hazard", "head", "health", - "heart", "heavy", "hedgehog", "height", "hello", "helmet", "help", "hen", "hero", "hidden", - "high", "hill", "hint", "hip", "hire", "history", "hobby", "hockey", "hold", "hole", "holiday", - "hollow", "home", "honey", "hood", "hope", "horn", "horror", "horse", "hospital", "host", - "hotel", "hour", "hover", "hub", "huge", "human", "humble", "humor", "hundred", "hungry", - "hunt", "hurdle", "hurry", "hurt", "husband", "hybrid", "ice", "icon", "idea", "identify", - "idle", "ignore", "ill", "illegal", "illness", "image", "imitate", "immense", "immune", - "impact", "impose", "improve", "impulse", "inch", "include", "income", "increase", "index", - "indicate", "indoor", "industry", "infant", "inflict", "inform", "inhale", "inherit", - "initial", "inject", "injury", "inmate", "inner", "innocent", "input", "inquiry", "insane", - "insect", "inside", "inspire", "install", "intact", "interest", "into", "invest", "invite", - "involve", "iron", "island", "isolate", "issue", "item", "ivory", "jacket", "jaguar", "jar", - "jazz", "jealous", "jeans", "jelly", "jewel", "job", "join", "joke", "journey", "joy", "judge", - "juice", "jump", "jungle", "junior", "junk", "just", "kangaroo", "keen", "keep", "ketchup", - "key", "kick", "kid", "kidney", "kind", "kingdom", "kiss", "kit", "kitchen", "kite", "kitten", - "kiwi", "knee", "knife", "knock", "know", "lab", "label", "labor", "ladder", "lady", "lake", - "lamp", "language", "laptop", "large", "later", "latin", "laugh", "laundry", "lava", "law", - "lawn", "lawsuit", "layer", "lazy", "leader", "leaf", "learn", "leave", "lecture", "left", - "leg", "legal", "legend", "leisure", "lemon", "lend", "length", "lens", "leopard", "lesson", - "letter", "level", "liar", "liberty", "library", "license", "life", "lift", "light", "like", - "limb", "limit", "link", "lion", "liquid", "list", "little", "live", "lizard", "load", "loan", - "lobster", "local", "lock", "logic", "lonely", "long", "loop", "lottery", "loud", "lounge", - "love", "loyal", "lucky", "luggage", "lumber", "lunar", "lunch", "luxury", "lyrics", "machine", - "mad", "magic", "magnet", "maid", "mail", "main", "major", "make", "mammal", "man", "manage", - "mandate", "mango", "mansion", "manual", "maple", "marble", "march", "margin", "marine", - "market", "marriage", "mask", "mass", "master", "match", "material", "math", "matrix", - "matter", "maximum", "maze", "meadow", "mean", "measure", "meat", "mechanic", "medal", "media", - "melody", "melt", "member", "memory", "mention", "menu", "mercy", "merge", "merit", "merry", - "mesh", "message", "metal", "method", "middle", "midnight", "milk", "million", "mimic", "mind", - "minimum", "minor", "minute", "miracle", "mirror", "misery", "miss", "mistake", "mix", "mixed", - "mixture", "mobile", "model", "modify", "mom", "moment", "monitor", "monkey", "monster", - "month", "moon", "moral", "more", "morning", "mosquito", "mother", "motion", "motor", - "mountain", "mouse", "move", "movie", "much", "muffin", "mule", "multiply", "muscle", "museum", - "mushroom", "music", "must", "mutual", "myself", "mystery", "myth", "naive", "name", "napkin", - "narrow", "nasty", "nation", "nature", "near", "neck", "need", "negative", "neglect", - "neither", "nephew", "nerve", "nest", "net", "network", "neutral", "never", "news", "next", - "nice", "night", "noble", "noise", "nominee", "noodle", "normal", "north", "nose", "notable", - "note", "nothing", "notice", "novel", "now", "nuclear", "number", "nurse", "nut", "oak", - "obey", "object", "oblige", "obscure", "observe", "obtain", "obvious", "occur", "ocean", - "october", "odor", "off", "offer", "office", "often", "oil", "okay", "old", "olive", "olympic", - "omit", "once", "one", "onion", "online", "only", "open", "opera", "opinion", "oppose", - "option", "orange", "orbit", "orchard", "order", "ordinary", "organ", "orient", "original", - "orphan", "ostrich", "other", "outdoor", "outer", "output", "outside", "oval", "oven", "over", - "own", "owner", "oxygen", "oyster", "ozone", "pact", "paddle", "page", "pair", "palace", - "palm", "panda", "panel", "panic", "panther", "paper", "parade", "parent", "park", "parrot", - "party", "pass", "patch", "path", "patient", "patrol", "pattern", "pause", "pave", "payment", - "peace", "peanut", "pear", "peasant", "pelican", "pen", "penalty", "pencil", "people", - "pepper", "perfect", "permit", "person", "pet", "phone", "photo", "phrase", "physical", - "piano", "picnic", "picture", "piece", "pig", "pigeon", "pill", "pilot", "pink", "pioneer", - "pipe", "pistol", "pitch", "pizza", "place", "planet", "plastic", "plate", "play", "please", - "pledge", "pluck", "plug", "plunge", "poem", "poet", "point", "polar", "pole", "police", - "pond", "pony", "pool", "popular", "portion", "position", "possible", "post", "potato", - "pottery", "poverty", "powder", "power", "practice", "praise", "predict", "prefer", "prepare", - "present", "pretty", "prevent", "price", "pride", "primary", "print", "priority", "prison", - "private", "prize", "problem", "process", "produce", "profit", "program", "project", "promote", - "proof", "property", "prosper", "protect", "proud", "provide", "public", "pudding", "pull", - "pulp", "pulse", "pumpkin", "punch", "pupil", "puppy", "purchase", "purity", "purpose", - "purse", "push", "put", "puzzle", "pyramid", "quality", "quantum", "quarter", "question", - "quick", "quit", "quiz", "quote", "rabbit", "raccoon", "race", "rack", "radar", "radio", - "rail", "rain", "raise", "rally", "ramp", "ranch", "random", "range", "rapid", "rare", "rate", - "rather", "raven", "raw", "razor", "ready", "real", "reason", "rebel", "rebuild", "recall", - "receive", "recipe", "record", "recycle", "reduce", "reflect", "reform", "refuse", "region", - "regret", "regular", "reject", "relax", "release", "relief", "rely", "remain", "remember", - "remind", "remove", "render", "renew", "rent", "reopen", "repair", "repeat", "replace", - "report", "require", "rescue", "resemble", "resist", "resource", "response", "result", - "retire", "retreat", "return", "reunion", "reveal", "review", "reward", "rhythm", "rib", - "ribbon", "rice", "rich", "ride", "ridge", "rifle", "right", "rigid", "ring", "riot", "ripple", - "risk", "ritual", "rival", "river", "road", "roast", "robot", "robust", "rocket", "romance", - "roof", "rookie", "room", "rose", "rotate", "rough", "round", "route", "royal", "rubber", - "rude", "rug", "rule", "run", "runway", "rural", "sad", "saddle", "sadness", "safe", "sail", - "salad", "salmon", "salon", "salt", "salute", "same", "sample", "sand", "satisfy", "satoshi", - "sauce", "sausage", "save", "say", "scale", "scan", "scare", "scatter", "scene", "scheme", - "school", "science", "scissors", "scorpion", "scout", "scrap", "screen", "script", "scrub", - "sea", "search", "season", "seat", "second", "secret", "section", "security", "seed", "seek", - "segment", "select", "sell", "seminar", "senior", "sense", "sentence", "series", "service", - "session", "settle", "setup", "seven", "shadow", "shaft", "shallow", "share", "shed", "shell", - "sheriff", "shield", "shift", "shine", "ship", "shiver", "shock", "shoe", "shoot", "shop", - "short", "shoulder", "shove", "shrimp", "shrug", "shuffle", "shy", "sibling", "sick", "side", - "siege", "sight", "sign", "silent", "silk", "silly", "silver", "similar", "simple", "since", - "sing", "siren", "sister", "situate", "six", "size", "skate", "sketch", "ski", "skill", "skin", - "skirt", "skull", "slab", "slam", "sleep", "slender", "slice", "slide", "slight", "slim", - "slogan", "slot", "slow", "slush", "small", "smart", "smile", "smoke", "smooth", "snack", - "snake", "snap", "sniff", "snow", "soap", "soccer", "social", "sock", "soda", "soft", "solar", - "soldier", "solid", "solution", "solve", "someone", "song", "soon", "sorry", "sort", "soul", - "sound", "soup", "source", "south", "space", "spare", "spatial", "spawn", "speak", "special", - "speed", "spell", "spend", "sphere", "spice", "spider", "spike", "spin", "spirit", "split", - "spoil", "sponsor", "spoon", "sport", "spot", "spray", "spread", "spring", "spy", "square", - "squeeze", "squirrel", "stable", "stadium", "staff", "stage", "stairs", "stamp", "stand", - "start", "state", "stay", "steak", "steel", "stem", "step", "stereo", "stick", "still", - "sting", "stock", "stomach", "stone", "stool", "story", "stove", "strategy", "street", - "strike", "strong", "struggle", "student", "stuff", "stumble", "style", "subject", "submit", - "subway", "success", "such", "sudden", "suffer", "sugar", "suggest", "suit", "summer", "sun", - "sunny", "sunset", "super", "supply", "supreme", "sure", "surface", "surge", "surprise", - "surround", "survey", "suspect", "sustain", "swallow", "swamp", "swap", "swarm", "swear", - "sweet", "swift", "swim", "swing", "switch", "sword", "symbol", "symptom", "syrup", "system", - "table", "tackle", "tag", "tail", "talent", "talk", "tank", "tape", "target", "task", "taste", - "tattoo", "taxi", "teach", "team", "tell", "ten", "tenant", "tennis", "tent", "term", "test", - "text", "thank", "that", "theme", "then", "theory", "there", "they", "thing", "this", - "thought", "three", "thrive", "throw", "thumb", "thunder", "ticket", "tide", "tiger", "tilt", - "timber", "time", "tiny", "tip", "tired", "tissue", "title", "toast", "tobacco", "today", - "toddler", "toe", "together", "toilet", "token", "tomato", "tomorrow", "tone", "tongue", - "tonight", "tool", "tooth", "top", "topic", "topple", "torch", "tornado", "tortoise", "toss", - "total", "tourist", "toward", "tower", "town", "toy", "track", "trade", "traffic", "tragic", - "train", "transfer", "trap", "trash", "travel", "tray", "treat", "tree", "trend", "trial", - "tribe", "trick", "trigger", "trim", "trip", "trophy", "trouble", "truck", "true", "truly", - "trumpet", "trust", "truth", "try", "tube", "tuition", "tumble", "tuna", "tunnel", "turkey", - "turn", "turtle", "twelve", "twenty", "twice", "twin", "twist", "two", "type", "typical", - "ugly", "umbrella", "unable", "unaware", "uncle", "uncover", "under", "undo", "unfair", - "unfold", "unhappy", "uniform", "unique", "unit", "universe", "unknown", "unlock", "until", - "unusual", "unveil", "update", "upgrade", "uphold", "upon", "upper", "upset", "urban", "urge", - "usage", "use", "used", "useful", "useless", "usual", "utility", "vacant", "vacuum", "vague", - "valid", "valley", "valve", "van", "vanish", "vapor", "various", "vast", "vault", "vehicle", - "velvet", "vendor", "venture", "venue", "verb", "verify", "version", "very", "vessel", - "veteran", "viable", "vibrant", "vicious", "victory", "video", "view", "village", "vintage", - "violin", "virtual", "virus", "visa", "visit", "visual", "vital", "vivid", "vocal", "voice", - "void", "volcano", "volume", "vote", "voyage", "wage", "wagon", "wait", "walk", "wall", - "walnut", "want", "warfare", "warm", "warrior", "wash", "wasp", "waste", "water", "wave", - "way", "wealth", "weapon", "wear", "weasel", "weather", "web", "wedding", "weekend", "weird", - "welcome", "west", "wet", "whale", "what", "wheat", "wheel", "when", "where", "whip", - "whisper", "wide", "width", "wife", "wild", "will", "win", "window", "wine", "wing", "wink", - "winner", "winter", "wire", "wisdom", "wise", "wish", "witness", "wolf", "woman", "wonder", - "wood", "wool", "word", "work", "world", "worry", "worth", "wrap", "wreck", "wrestle", "wrist", - "write", "wrong", "yard", "year", "yellow", "you", "young", "youth", "zebra", "zero", "zone", - "zoo", -]; - #[cfg(test)] mod tests { + use crate::Mnemonic; + use std::str::FromStr; + #[test] - fn it_works() { - assert_eq!(2 + 2, 4); + fn seed_xor_works() { + // Coldcard example: https://github.com/Coldcard/firmware/blob/master/docs/seed-xor.md + let a_str = "romance wink lottery autumn shop bring dawn tongue range crater truth ability miss spice fitness easy legal release recall obey exchange recycle dragon room"; + let b_str = "lion misery divide hurry latin fluid camp advance illegal lab pyramid unaware eager fringe sick camera series noodle toy crowd jeans select depth lounge"; + let c_str = "vault nominee cradle silk own frown throw leg cactus recall talent worry gadget surface shy planet purpose coffee drip few seven term squeeze educate"; + let result_str = "silent toe meat possible chair blossom wait occur this worth option bag nurse find fish scene bench asthma bike wage world quit primary indoor"; + + let a = Mnemonic::from_str(a_str).unwrap(); + let b = Mnemonic::from_str(b_str).unwrap(); + let c = Mnemonic::from_str(c_str).unwrap(); + let result = Mnemonic::from_str(result_str).unwrap(); + + assert_eq!(result, a.clone() ^ b.clone() ^ c.clone()); + + // Different order + assert_eq!(result, b ^ c ^ a); + } + + #[test] + fn seed_xor_assignment_works() { + // Coldcard example: https://github.com/Coldcard/firmware/blob/master/docs/seed-xor.md + let a_str = "romance wink lottery autumn shop bring dawn tongue range crater truth ability miss spice fitness easy legal release recall obey exchange recycle dragon room"; + let b_str = "lion misery divide hurry latin fluid camp advance illegal lab pyramid unaware eager fringe sick camera series noodle toy crowd jeans select depth lounge"; + let c_str = "vault nominee cradle silk own frown throw leg cactus recall talent worry gadget surface shy planet purpose coffee drip few seven term squeeze educate"; + let result_str = "silent toe meat possible chair blossom wait occur this worth option bag nurse find fish scene bench asthma bike wage world quit primary indoor"; + + let a = Mnemonic::from_str(a_str).unwrap(); + let b = Mnemonic::from_str(b_str).unwrap(); + let c = Mnemonic::from_str(c_str).unwrap(); + let result = Mnemonic::from_str(result_str).unwrap(); + + let mut assigned = a.xor(&b); // XOR without consuming + assigned ^= c; + + assert_eq!(result, assigned); } } From f947ffdad98177122dc99633c00cd8846a8b270c Mon Sep 17 00:00:00 2001 From: kaiwitt Date: Mon, 23 Aug 2021 23:09:41 +0200 Subject: [PATCH 3/5] Fix doc test and clippy warnings --- src/lib.rs | 34 +++++++++++++++++++--------------- 1 file changed, 19 insertions(+), 15 deletions(-) diff --git a/src/lib.rs b/src/lib.rs index 35bdff3..a26e968 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -10,6 +10,9 @@ //! ## Example //! //! ```rust +//! use seed_xor::Mnemonic; +//! use std::str::FromStr; +//! //! // Coldcard example: https://github.com/Coldcard/firmware/blob/master/docs/seed-xor.md //! let a_str = "romance wink lottery autumn shop bring dawn tongue range crater truth ability miss spice fitness easy legal release recall obey exchange recycle dragon room"; //! let b_str = "lion misery divide hurry latin fluid camp advance illegal lab pyramid unaware eager fringe sick camera series noodle toy crowd jeans select depth lounge"; @@ -56,10 +59,10 @@ pub enum SeedXorError { impl From for SeedXorError { fn from(err: bip39::Error) -> Self { match err { - bip39::Error::BadEntropyBitCount(_) => return Self::EntropyBitsNot256, - bip39::Error::BadWordCount(_) => return Self::WordCountNot24, - bip39::Error::UnknownWord(i) => return Self::UnknownWord(i), - bip39::Error::InvalidChecksum => return Self::InvalidChecksum, + bip39::Error::BadEntropyBitCount(_) => Self::EntropyBitsNot256, + bip39::Error::BadWordCount(_) => Self::WordCountNot24, + bip39::Error::UnknownWord(i) => Self::UnknownWord(i), + bip39::Error::InvalidChecksum => Self::InvalidChecksum, bip39::Error::AmbiguousLanguages(_) => Self::AmbiguousLanguages, } } @@ -81,9 +84,10 @@ impl fmt::Display for SeedXorError { } } -/// Wrapper for a [bip39::Mnemonic] which is aliased as `Inner` +/// Wrapper for a [bip39::Mnemonic] which is aliased as `Inner`. #[derive(Clone, PartialEq, Eq, Debug, Hash, PartialOrd, Ord)] pub struct Mnemonic { + /// Actual [bip39::Mnemonic] which is wrapped to be able to implement the XOR operator. inner: Inner, } @@ -95,7 +99,7 @@ impl Mnemonic { Ok(Mnemonic { inner }) } - /// Access the inner [bip39::Mnemonic] for more functionality. + /// Access the private inner [bip39::Mnemonic] for more functionality. pub fn inner(&self) -> &Inner { &self.inner } @@ -104,25 +108,25 @@ impl Mnemonic { /// but it returns an `Err` if the entropy does not result in a 24 word mnemonic. pub fn from_entropy(entropy: &[u8]) -> Result { match Inner::from_entropy(entropy) { - Ok(inner) => return Ok(Mnemonic::new(inner)?), - Err(err) => return Err(SeedXorError::from(err)), + Ok(inner) => Mnemonic::new(inner), + Err(err) => Err(SeedXorError::from(err)), } } /// XOR two [Mnemonic]s without consuming them. /// If consumption is not of relevance the XOR operator `^` and XOR assigner `^=` can be used as well. fn xor(&self, rhs: &Self) -> Self { - let mut xor_result = Vec::with_capacity(MAX_MNEMONIC_LENGTH); - - // XOR self's and other's entropy and push result - self.inner + // self and rhs have both 256bit entropy + let xor_result = self + .inner .to_entropy() .iter() .zip(rhs.inner.to_entropy().iter()) - .for_each(|(a, b)| xor_result.push(a ^ b)); + .map(|(a, b)| a ^ b) + .collect::>(); // We unwrap here because xor_result has as many bytes as self and rhs - // which in turn have a valid number of bytes + // which in turn have a valid number of bytes. Mnemonic::from_entropy(&xor_result).unwrap() } } @@ -132,7 +136,7 @@ impl FromStr for Mnemonic { fn from_str(mnemonic: &str) -> Result::Err> { match Inner::from_str(mnemonic) { - Ok(inner) => return Ok(Mnemonic::new(inner)?), + Ok(inner) => Mnemonic::new(inner), Err(err) => Err(SeedXorError::from(err)), } } From 3fccb84af20e1bbc7e87f02038b4f44684bb8500 Mon Sep 17 00:00:00 2001 From: kaiwitt Date: Tue, 24 Aug 2021 09:30:59 +0200 Subject: [PATCH 4/5] XOR seeds of differing entropy --- README.md | 42 +++++++++------- src/lib.rs | 137 +++++++++++++++++++---------------------------------- 2 files changed, 74 insertions(+), 105 deletions(-) diff --git a/README.md b/README.md index 19daf31..690e701 100644 --- a/README.md +++ b/README.md @@ -1,29 +1,35 @@ - # seed-xor +# seed-xor - seed-xor builds on top of [rust-bip39](https://github.com/rust-bitcoin/rust-bip39/) - and lets you XOR 24-word mnemonics as defined in [Coldcard docs](https://github.com/Coldcard/firmware/blob/master/docs/seed-xor.md). +seed-xor builds on top of [rust-bip39](https://github.com/rust-bitcoin/rust-bip39/) +and lets you XOR bip39 mnemonics as defined in [Coldcards docs](https://github.com/Coldcard/firmware/blob/master/docs/seed-xor.md). - Future versions will also allow you to XOR different seed lengths. +It is also possible to XOR mnemonics with differing numbers of words. +For this the shorter one will be extended with 0s during the XOR calculation. - ## Example +## Example - ```rust - // Coldcard example: https://github.com/Coldcard/firmware/blob/master/docs/seed-xor.md - let a_str = "romance wink lottery autumn shop bring dawn tongue range crater truth ability miss spice fitness easy legal release recall obey exchange recycle dragon room"; - let b_str = "lion misery divide hurry latin fluid camp advance illegal lab pyramid unaware eager fringe sick camera series noodle toy crowd jeans select depth lounge"; - let c_str = "vault nominee cradle silk own frown throw leg cactus recall talent worry gadget surface shy planet purpose coffee drip few seven term squeeze educate"; - let result_str = "silent toe meat possible chair blossom wait occur this worth option bag nurse find fish scene bench asthma bike wage world quit primary indoor"; +```rust +use seed_xor::Mnemonic; +use std::str::FromStr; - let a = Mnemonic::from_str(a_str).unwrap(); - let b = Mnemonic::from_str(b_str).unwrap(); - let c = Mnemonic::from_str(c_str).unwrap(); - let result = Mnemonic::from_str(result_str).unwrap(); +// Coldcard example: https://github.com/Coldcard/firmware/blob/master/docs/seed-xor.md +let a_str = "romance wink lottery autumn shop bring dawn tongue range crater truth ability miss spice fitness easy legal release recall obey exchange recycle dragon room"; +let b_str = "lion misery divide hurry latin fluid camp advance illegal lab pyramid unaware eager fringe sick camera series noodle toy crowd jeans select depth lounge"; +let c_str = "vault nominee cradle silk own frown throw leg cactus recall talent worry gadget surface shy planet purpose coffee drip few seven term squeeze educate"; +let result_str = "silent toe meat possible chair blossom wait occur this worth option bag nurse find fish scene bench asthma bike wage world quit primary indoor"; - assert_eq!(result, a ^ b ^ c); - ``` +// Mnemonic is a wrapper for bip39::Mnemonic which implements the XOR operation `^`. +// Mnemonics can also be created from entropy. +let a = Mnemonic::from_str(a_str).unwrap(); +let b = Mnemonic::from_str(b_str).unwrap(); +let c = Mnemonic::from_str(c_str).unwrap(); +let result = Mnemonic::from_str(result_str).unwrap(); + +assert_eq!(result, a ^ b ^ c); +``` ## Useful resources - Coldcard docs: https://github.com/Coldcard/firmware/blob/master/docs/seed-xor.md - - Easy mnemonic seed explanation: https://learnmeabitcoin.com/technical/mnemonic + - Easy bip39 mnemonic explanation: https://learnmeabitcoin.com/technical/mnemonic diff --git a/src/lib.rs b/src/lib.rs index a26e968..7f9deba 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -1,10 +1,11 @@ //! # seed-xor //! //! seed-xor builds on top of [rust-bip39](https://github.com/rust-bitcoin/rust-bip39/) -//! and lets you XOR 24-word mnemonics as defined in [Coldcards docs](https://github.com/Coldcard/firmware/blob/master/docs/seed-xor.md). +//! and lets you XOR bip39 mnemonics as defined in [Coldcards docs](https://github.com/Coldcard/firmware/blob/master/docs/seed-xor.md). //! //! -//! Future versions will also allow you to XOR different seed lengths. +//! It is also possible to XOR mnemonics with differing numbers of words. +//! For this the shorter one will be extended with 0s during the XOR calculation. //! //! //! ## Example @@ -19,8 +20,8 @@ //! let c_str = "vault nominee cradle silk own frown throw leg cactus recall talent worry gadget surface shy planet purpose coffee drip few seven term squeeze educate"; //! let result_str = "silent toe meat possible chair blossom wait occur this worth option bag nurse find fish scene bench asthma bike wage world quit primary indoor"; //! -//! // Mnemonic is a wrapper for bip39::Mnemonic which ensures a 24 word seed length. -//! // Mnemonics can also be created from 256bit entropy. +//! // Mnemonic is a wrapper for bip39::Mnemonic which implements the XOR operation `^`. +//! // Mnemonics can also be created from entropy. //! let a = Mnemonic::from_str(a_str).unwrap(); //! let b = Mnemonic::from_str(b_str).unwrap(); //! let c = Mnemonic::from_str(c_str).unwrap(); @@ -37,53 +38,6 @@ use std::{ use bip39::Mnemonic as Inner; -/// Maximal number of words in a mnemonic. -const MAX_MNEMONIC_LENGTH: usize = 24; - -/// Errors same as [bip39::Error] but specifically for 24 word mnemonics. -#[derive(Debug, Clone, PartialEq, Eq, Copy)] -pub enum SeedXorError { - /// Mnemonic has a word count that is not 24. - WordCountNot24, - /// Mnemonic contains an unknown word. - /// Error contains the index of the word. - UnknownWord(usize), - /// Entropy was not a 256 bits in length. - EntropyBitsNot256, - /// The mnemonic has an invalid checksum. - InvalidChecksum, - /// The mnemonic can be interpreted as multiple languages. - AmbiguousLanguages, -} - -impl From for SeedXorError { - fn from(err: bip39::Error) -> Self { - match err { - bip39::Error::BadEntropyBitCount(_) => Self::EntropyBitsNot256, - bip39::Error::BadWordCount(_) => Self::WordCountNot24, - bip39::Error::UnknownWord(i) => Self::UnknownWord(i), - bip39::Error::InvalidChecksum => Self::InvalidChecksum, - bip39::Error::AmbiguousLanguages(_) => Self::AmbiguousLanguages, - } - } -} - -impl fmt::Display for SeedXorError { - fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { - match *self { - SeedXorError::WordCountNot24 => { - write!(f, "Mnemonic has a word count that is not 24",) - } - SeedXorError::UnknownWord(i) => { - write!(f, "Mnemonic contains an unknown word (word {})", i,) - } - SeedXorError::EntropyBitsNot256 => write!(f, "Entropy was not between 256 bits",), - SeedXorError::InvalidChecksum => write!(f, "Mnemonic has an invalid checksum"), - SeedXorError::AmbiguousLanguages => write!(f, "Ambiguous language"), - } - } -} - /// Wrapper for a [bip39::Mnemonic] which is aliased as `Inner`. #[derive(Clone, PartialEq, Eq, Debug, Hash, PartialOrd, Ord)] pub struct Mnemonic { @@ -92,11 +46,9 @@ pub struct Mnemonic { } impl Mnemonic { - /// Private constructor which ensures that a new [Mnemonic] instance has 24 words. - fn new(inner: Inner) -> Result { - ensure_24_words(&inner)?; - - Ok(Mnemonic { inner }) + /// Private constructor. + fn new(inner: Inner) -> Self { + Mnemonic { inner } } /// Access the private inner [bip39::Mnemonic] for more functionality. @@ -104,40 +56,44 @@ impl Mnemonic { &self.inner } - /// Wrapper for the same method as in [bip39::Mnemonic] - /// but it returns an `Err` if the entropy does not result in a 24 word mnemonic. - pub fn from_entropy(entropy: &[u8]) -> Result { + /// Wrapper for the same method as in [bip39::Mnemonic]. + pub fn from_entropy(entropy: &[u8]) -> Result { match Inner::from_entropy(entropy) { - Ok(inner) => Mnemonic::new(inner), - Err(err) => Err(SeedXorError::from(err)), + Ok(inner) => Ok(Mnemonic::new(inner)), + Err(err) => Err(err), } } /// XOR two [Mnemonic]s without consuming them. /// If consumption is not of relevance the XOR operator `^` and XOR assigner `^=` can be used as well. fn xor(&self, rhs: &Self) -> Self { - // self and rhs have both 256bit entropy - let xor_result = self - .inner - .to_entropy() - .iter() - .zip(rhs.inner.to_entropy().iter()) - .map(|(a, b)| a ^ b) - .collect::>(); + let mut entropy = self.inner.to_entropy(); + let xor_values = rhs.inner.to_entropy(); - // We unwrap here because xor_result has as many bytes as self and rhs - // which in turn have a valid number of bytes. - Mnemonic::from_entropy(&xor_result).unwrap() + // XOR each Byte + entropy + .iter_mut() + .zip(xor_values.iter()) + .for_each(|(a, b)| *a ^= b); + + // Extend entropy with values of xor_values if it has a shorter entropy length. + if entropy.len() < xor_values.len() { + entropy.extend(xor_values.iter().skip(entropy.len())) + } + + // We unwrap here because entropy has either as many Bytes + // as self or rhs and both are valid mnemonics. + Mnemonic::from_entropy(&entropy).unwrap() } } impl FromStr for Mnemonic { - type Err = SeedXorError; + type Err = bip39::Error; fn from_str(mnemonic: &str) -> Result::Err> { match Inner::from_str(mnemonic) { - Ok(inner) => Mnemonic::new(inner), - Err(err) => Err(SeedXorError::from(err)), + Ok(inner) => Ok(Mnemonic::new(inner)), + Err(err) => Err(err), } } } @@ -168,15 +124,6 @@ impl BitXorAssign for Mnemonic { } } -/// Ensures that an [Inner] is a 24 word mnemonic for wrapping into a [Mnemonic]. -fn ensure_24_words(inner: &Inner) -> Result<(), SeedXorError> { - if inner.word_count() != MAX_MNEMONIC_LENGTH { - return Err(SeedXorError::WordCountNot24); - } - - Ok(()) -} - #[cfg(test)] mod tests { use crate::Mnemonic; @@ -196,9 +143,7 @@ mod tests { let result = Mnemonic::from_str(result_str).unwrap(); assert_eq!(result, a.clone() ^ b.clone() ^ c.clone()); - - // Different order - assert_eq!(result, b ^ c ^ a); + assert_eq!(result, b ^ c ^ a); // Commutative } #[test] @@ -219,4 +164,22 @@ mod tests { assert_eq!(result, assigned); } + + #[test] + fn seed_xor_with_different_lengths_works() { + // Coldcard example: https://github.com/Coldcard/firmware/blob/master/docs/seed-xor.md + // but truncated mnemonics with correct last word. + let str_24 = "romance wink lottery autumn shop bring dawn tongue range crater truth ability miss spice fitness easy legal release recall obey exchange recycle dragon room"; + let str_16 = "lion misery divide hurry latin fluid camp advance illegal lab pyramid unaware eager fringe sick camera series number"; + let str_12 = "vault nominee cradle silk own frown throw leg cactus recall talent wisdom"; + let result_str = "silent toe meat possible chair blossom wait occur this worth option aware since milk mother grace rocket cement recall obey exchange recycle dragon rocket"; + + let w_24 = Mnemonic::from_str(str_24).unwrap(); + let w_16 = Mnemonic::from_str(str_16).unwrap(); + let w_12 = Mnemonic::from_str(str_12).unwrap(); + let result = Mnemonic::from_str(result_str).unwrap(); + + assert_eq!(result, w_24.clone() ^ w_16.clone() ^ w_12.clone()); + assert_eq!(result, w_12 ^ w_24 ^ w_16); // Commutative + } } From 54dbe4a1867f6a3a4e86dea473612ddfbf550573 Mon Sep 17 00:00:00 2001 From: kaiwitt Date: Tue, 24 Aug 2021 09:34:46 +0200 Subject: [PATCH 5/5] Update description in cargo.toml --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index 96fd0cf..dbaf3f4 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -3,7 +3,7 @@ name = "seed-xor" version = "0.1.0" edition = "2018" authors = ["KaiWitt "] -description = "XOR 24-word bip39 mnemonics." +description = "XOR bip39 mnemonics." readme = "README.md" repository = "https://github.com/KaiWitt/seed-xor" license = "MIT"