Cosmos-sdk: Support for different mnemonic phrase lengths implementation

I would not recommend reducing the number of words (bits of entropy) in Gaia just to simplify Ledger testing.

Now, a suggestion to speed up Ledger testing (related to your rationale):
Please don't do this unless it is for testing/development purposes:

To speed up ledger device configuration for test purposes, I would recommend:

python -m ledgerblue.hostOnboard --apdu --id 0 --prefix "" --passphrase "" --pin 5555 --words "equip will roof matter pink blind book anxiety banner elbow sun young"

For example, this is the mnemonic we use in our integration test.
To enable this command, you need to enter recovery mode by keeping the right button pressed as you plug the device. The command will take a bit of time to run and it will configure the PIN and Mnemonic.

@jleni I see your point, and is very well put. It makes a lot of sense when speaking strictly for the Ledger case.

However, I don't see how this might come in handy if I need to test something that is not ledger related, and I still need to refer to what Cosmos outputs.

Let's say, for example, that we have a side chain that allows users to create accounts, using its wallet, by entering 12 seed phrases because they think that it's faster for the users to type them on a mobile phone or on a desktop environment, and it's harder for them to type the wrong word or misspell one.
How can they test that their wallet is indeed producing the correct addresses if the CLI does not allow for such use cases?

I am surely missing something out from what you are saying, and that's why I don't see how this could be tested without an official reference such the one that the CLI might provide.

Ok, your initial explanation was related to testing Ledger devices, so in that particular case I don't see a reason for a change because it is quite simple to initialize hardware wallets for testing purposes.

With respect to other use cases, I think other people in the team might be able to assess the situation better. Still, in my personal opinion, I prefer to avoid relaxing any security assumptions unless really necessary.

Let's say, for example, that we have a side chain that allows users to create accounts, using its wallet, by entering 12 seed phrases because they think that it's faster for the users to type them on a mobile phone or on a desktop environment, and it's harder for them to type the wrong word or misspell one.

In such case, I'd expect the side chain tooling to provide a specific tool for the task at hand.
I don't think we should loose our security without a sound rationale.

I understood your point of view, and thus I'm closing this issue and the related PR

I'd like to open this issue again as I think that there are legitimate use cases of mnemonic phrases with fewer words.

At a high level I think it should be up to the user to decide their own security requirements with regard to the level of entropy needed to produce the mnemonic phrase.

But in a more practical way I think the SDK would benefit from the ability to share existing wallet infrastructure that uses 12 word mnemonic phrases. This is especially relevant with the updates from Ethermint which now combines the usage of keys from the EVM and the SDK. Since the goal of Ethermint is to enable Ethereum developers access to application specific blockchains it was mandated to support things like metamask, a browser wallet with over 1MM installations. Metamask limits mnemonic phrases to 12 words and therefor it's already difficult to work with an ethermint deployment and metamask out of the box. In order to do so a user has to generate their phrase outside of gaia and then add it with the key recovery command.

Since we're using the bip39 library the mnemonic length is directly related to the length of entropy (link) and the keys client hard codes this at 256 (link). If there were the option to change the length of the entropy it would enable the ability to change the length of the mnemonic phrases with a simple flag in the keys command.

If you decide this can be useful, I can create a PR to implement this

I believe we will have to do this in order for ethermint to use metamask, correct @okwme?

@austinabell thoughts?

Depends how Cosmos' bip44 format aligns with Metamask's (Metamask only allows 12 word mnemonics so can't test quickly if it does). I believe this should allow accounts to be imported more cleanly into metamask to be able to interact with Ethermint.

Right now a key can be imported into Metamask, but it has to be done manually by the actual private key unencrypted and in a hacky way (I could just create a cli command to do this easier, just hasn't been a priority).

So yes, this does add value to Ethermint if the base Cosmos key bip44 path matches the base Metamask key path.

So yes, this does add value to Ethermint if the base Cosmos key bip44 path matches the base Metamask key path.

I am a bit confused. Mnemonics are actually part of BIP39 and derivation paths are BIP32/44 so the number of words should not affect what we are doing wrt BIP44,

I dont see why BIP44 paths would be affected. For completeness, CosmosSDK/Hub is currently using a standard BIP44 path starting with 44'/118'/x'/x/x Does that work for you?

btw, the SDK already allows changing the BIP44 values. The only thing that would be affected in that case would be compatibility with hardware wallets because once reviewed by Ledger, their path is restricted to 44'/118'/... I don't think they would allow a second app using ethereum's path 44'/60'/....

I am a bit confused. Mnemonics are actually part of BIP39 and derivation paths are BIP32/44 so the number of words should not affect what we are doing wrt BIP44,

The issue is that Metamask does not allow 24 word mnemonics

Edit: and I can't check compatibility with this, even if I change the bip44 path

btw, the SDK already allows changing the BIP44 values. The only thing that would be affected in that case would be compatibility with hardware wallets because once reviewed by Ledger, their path is restricted to 44'/118'/... I don't think they would allow a second app using ethereum's path 44'/60'/....

Yeah if this is the case then it can be modified to have the paths match. I was just assuming when a Cosmos key is generated that is the master key, which has a set path. If this path can be configured then compatibility can be assured and in Ethermint I can just set the flag(?) used in the key generation to match Metamask's

IOV's multichain wallet will support Cosmoshub soon and generate BIP39 compatible 12 word mnemonics by default. Externally created longer mnemonics work as well but for the default we don't see a reason to use more than 128 bit of entropy at the cost of convenience.

By the way, when generating a simple list of accounts, would you use m/44'/118'/x'/0/0 or m/44'/118'/0'/0/x? The later is what Metamask does (iterating over the address index).

Normally is the second: m/44'/118'/0'/0/x

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

bump for myself

@okwme I've added the label pinned. You should not need to bump this ever again :+1: