[bitcoin-dev] BIP39 (mnemonic seeds) Unicode normalization compatibility issue

Zach Lym zachlym at indolering.com
Wed May 17 17:01:04 UTC 2017


I am working on a replacement for BIP39 and noticed that the password
section mandates a Unicode normalization pass but does not prohibit
unassigned character points.

I believe that this is problematic as newer drafts of Unicode alter the
output of normalization passes.  So if a user assigned a password using a
wallet that linked to Unicode 9 but input a code point reserved in Unicode
10, updating the wallet to Unicode 10 could incorrectly remap that code
point [0].

Thank you,
-Zach Lym

P.S. The relevant RFC on this subject specifies a different normalization
procedure [1]

[BIP39]: https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki
[0]: http://unicode.org/reports/tr15/#Stabilized_Strings
[1]: https://tools.ietf.org/html/rfc7564
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20170517/93410416/attachment.html>


More information about the bitcoin-dev mailing list