Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CIP1852 - HD Wallets for Cardano #33

Merged
merged 5 commits into from
Dec 10, 2020
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
63 changes: 63 additions & 0 deletions CIP-1852/CIP-1852.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
---
CIP: 1852
Title: HD (Hierarchy for Deterministic) Wallets for Cardano
Authors: Sebastien Guillemot <sebastien@emurgo.io>, Matthias Benkort <matthias.benkort@iohk.io>
Comments-URI: https://forum.cardano.org/t/cip1852-hd-wallets-for-cardano/41740
Status: Draft
Type: Standards
Created: 2019-10-28
License: CC-BY-4.0
---

## Abstract

Cardano extends the [BIP44](https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki) by adding new chains used for different purposes. This document outlines how key derivation is done and acts as a registry for different chains used by Cardano wallets.

## Terminology

### Derivation style

Cardano does not use [BIP32](https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki) but actually uses [BIP32-Ed25519](https://cardanolaunch.com/assets/Ed25519_BIP.pdf). The `-Ed25519` suffix is often dropped in practice (ex: we say the Byron release of Cardano supports [BIP44](https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki) but in reality this is BIP44-Ed25519).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://cardanolaunch.com/assets/Ed25519_BIP.pdf is a lost page - do we have a different link we can use?
Should we use https://ieeexplore.ieee.org/document/7966967 ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't know if there's anywhere to get the PDF without having to pay or creating an account. The old website was hosted by the CF I think, so maybe they have the PDF hosted on a different URL now? Maybe it can be uploaded as part of the IOHK library instead?


The Byron implementation of Cardano uses `purpose = 44'` (note: this was already a slight abuse of notation because Cardano implements BIP44-Ed25519 and not standard BIP44).

There are two (incompatible) implementations of BIP32-Ed25519 in Cardano:

1) HD Random (notably used initially in Daedalus)
2) HD Sequential (notably used initially in Icarus)

The difference is explained in more detail in [CIP3](../CIP-0003)

## Motivation

For Cardano, we use a new purpose field `1852'` instead of `44'` like in BIP44. There are three main reasons for this:

1) During the Byron-era, `44'` was used. Since Byron wallets use a different algorithm for generating addresses from public keys, using a different purpose type allows software to easily know which address generation algorithm given just the derivation path (ex: given `m / 44' / 1815' / 0' / 0 / 0`, wallet software would know to handle this as a Byron-era wallet and not a Shelley-era wallet).
2) Using a new purpose helps bring attention to the fact Cardano is using `BIP32-Ed25519` and not standard `BIP32`.
3) Using a new purpose allows us to extend this registry to include more Cardano-specific functionality in the future

`1852` was chosen as it is the year of death of Ada Lovelace (following the fact that the `coin_type` value for Cardano is `1815` for her year of birth)

## Specification

Using `1852'` as the purpose field, we defined the following derivation path

```
m / purpose' / coin_type' / account' / chain / address_index
```

SebastienGllmt marked this conversation as resolved.
Show resolved Hide resolved
Example: `m / 1852' / 1815' / 0' / 0 / 0`

Here, `chain` can be the following

| Name | Value | Description
|----------------|-------|-------------
| External chain | `0` | Same as defined in [BIP44](https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki)
| Internal chain | `1` | Same as defined in [BIP44](https://github.com/bitcoin/bips/blob/master/bip-0044.mediawiki)
| Staking Key | `2` | See [CIP11](../CIP-0011)

Wallets **MUST** implement this new scheme using the master node derivation algorithm from Icarus with sequential addressing (see [CIP3](../CIP-0003) for more information)

## Copyright

This CIP is licensed under [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/legalcode)