Jump to content

Recommended Posts

If it is any small help to all of you at Ripple, it lets help people like me know that there are a lot smarter people than myself working on an extremely difficult problem.

Share this post


Link to post
Share on other sites

Thanks mDuo13.

As someone who's just a hack and new to programming the XRP Ledger, it's really confusing which is the correct term for the base58 encoded seed value that starts with the letter 's'. e.g. snNVZDynkm4NoWe3tsQGzZXyhcAda.

On this page https://xrpl.org/cryptographic-keys.html ) it's referred to as a Master Seed.

On this page ( https://xrpl.org/base58-encodings.html ) it's referred to as a Seed Value .

Outside of the documentation everybody seems to refer to it as Secret (e.g. Toast Wallet) or Secret Key (e.g. https://www.xrptoolkit.com/login).

This caused me a lot of confusion when reading the following on this page https://xrpl.org/cryptographic-keys.html.

Quote

Secret Key

The wallet_propose response does not explicitly list the secret key value, also called a private key. Software that can sign transactions is expected to derive the secret key from the seed value.

I hereby suggest that from now on, in all contexts, the value should be known exclusively as Secret Seed. If you could have all the documentation fixed up by Friday lunch time, that'd be great. ;)

Share this post


Link to post
Share on other sites

@SimpleXRPTools Very good post. The terminology surrounding XRPL account keys is inconsistent and really confusing, unless you are a cryptography expert.

I think we need definitive, consistent and non-technical (as much as that is possible) definitions of the following:

1. XRPL account address - the string beginning with 'r'.

2. Master key, secret seed, master seed, private key (if those are all the same entity)  - the string beginning with 's'. Let's just have one term for this, please.

3. Regular key - does that begin with an 's' as well? Why would you want to use a regular key instead of the master key, assuming the latter has not been compromised?

4. Any other XRPL account keys I haven't thought of.

Share this post


Link to post
Share on other sites
3 minutes ago, PunishmentOfLuxury said:

Regular key - does that begin with an 's' as well? Why would you want to use a regular key instead of the master key, assuming the latter has not been compromised?

One reason as you mentioned is to secure the address if it is suspected that the master has been compromised.  Another might be if the wallet is sold.  Why sell a wallet (address) rather than just move the XRP?  One reason might be if the 1 billion XRP are locked in escrow.  :) 

Another reason is to allow multiple authorised persons.  Each responsible for their own key.  Needing say at least three to actually fully authorise a payment.  Lots of reasons.

Share this post


Link to post
Share on other sites
6 hours ago, SimpleXRPTools said:

I hereby suggest that from now on, in all contexts, the value should be known exclusively as Secret Seed.

I disagree. This is not a common technical term. Not to turn all newbie-unfriendly, but someone who self-describes as "just a hack and new to programming the XRP Ledger" can have great input about inconsistencies, but to suggest system-wide technical descriptions might be a bit above your expertise.

13 minutes ago, PunishmentOfLuxury said:

Someone please clarify the difference. :help:

A "Seed" is an input to an algorithm that creates one or several private keys. It already is kinda in the name: An apple seed is not an apple, it is something that eventually creates apples.

Share this post


Link to post
Share on other sites

It's like a cascade starting from the seed.

Seed -> Private Key -> Public Key

In reverse order, the Public Key is derived from the Private Key which is derived from the Seed.

Example from here https://xrpl.org/cryptographic-keys.html#ed25519-key-derivation:

key-derivation-ed25519.png.d7ee8bccc979c449993668b5f834f2f8.png

I thinks it's important to note that the Seed can be expressed in multiple formats. (See https://xrpl.org/cryptographic-keys.html) In the above diagram the seed would actually be expressed in the hexadecimal format and look like 559EDD35041D3C11F9BBCED912F4DE6A. However, it's still the same seed as the more recognisable sstV9YX8k7yTRzxkRFAHmX7EVqMfX.

I think anyone using the term Secret Key to refer to a seed in sXXXXXXXXXX format should be encouraged to use Secret Seed. Even just using the word Secret would probably be better.

Edited by SimpleXRPTools
Bad Grammar.

Share this post


Link to post
Share on other sites
1 minute ago, Sukrim said:

A "Seed" is an input to an algorithm that creates one or several private keys. It already is kinda in the name: An apple seed is not an apple, it is something that eventually creates apples.

So my follow-up question is: why would a noob user ever need to know about this seed or have access to it? 

Share this post


Link to post
Share on other sites
5 minutes ago, Sukrim said:

Not to turn all newbie-unfriendly, but someone who self-describes as "just a hack and new to programming the XRP Ledger" can have great input about inconsistencies, but to suggest system-wide technical descriptions might be a bit above your expertise.

Yes, that's absolutely right, but this is just a conversation forum, I don't actually have a seat at the table. It'd be nice if there was less confusion around nomenclature.

Share this post


Link to post
Share on other sites
18 minutes ago, PunishmentOfLuxury said:

So my follow-up question is: why would a noob user ever need to know about this seed or have access to it? 

Because that's what you get when you back-up a "wallet" in most clients, except some hardware wallets who use a different key derivation scheme (a different algorithm to get to a private key from some random data) - for example the Ledger hardware wallet with their 12/24(?) random words encoding.

Share this post


Link to post
Share on other sites
21 minutes ago, SimpleXRPTools said:

I think anyone using the term Secret Key to refer to a seed in sXXXXXXXXXX format

Anyone doing this is simply wrong. A Seed is not a "Secret Key". On the other hand, they are not totally wrong, since a "Secret" is not necessarily a "Private Key", only something that you're supposed to keep secret. A user won't know or care if that is an actual private key or if the actual private key gets automatically derived from the Secret within fractions of a second. To them the Seed is indistinguishable from an actual Private Key that is used to sign transactions.

I think the documentation on xrpl.org in the paragraph you quoted (and actually on that whole page) should be changed from "secret key" to "private key", where applicable. "Private key" is the actual technical term, "secret key" isn't.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...