I am looking at Luigi's code here. When it comes to encrypting the seed, field 9 on xmr.llcoins.net, there is a comment about various ways that have been implemented for doing this. It mentions the use of Keccak at some point, and then 'CN XOR' and 'CN add'. Which one is the method currently being used in the reference wallet?

Also, contrary to the functions used for deriving the seed and checksum, the code for the slow-hash and slow-hash-worker is quite undecipherable to me (assuming I am looking at the right code).

Could someone help me to understand what is going on and to translate that into Python code?

jtgrassie
user141

1 Answer

Which one is the method currently being used in the reference wallet?

The current reference is as follows (and what is commented as the "CN Add" method).

Once you have the seed bytes from the seed words, encryption (encrypt_key) is done by simply adding (scalar addition, sc_add) the hash of the offset passphrase to the unencrypted seed bytes.

The hash function used is the original CryptoNight slow-hash function (variant 0, height 0).

Decryption (decrypt_key) is simply the reverse, i.e. subtraction (sc_sub) of the hash of the offset passphrase from the encrypted seed bytes.

jtgrassie
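The add/subtract step described in the answer above, as an added Python example that is not part of the original post or of Monero's code. It assumes sc_add and sc_sub act as addition and subtraction modulo the Ed25519 group order l on 32-byte little-endian values, and it takes the 32-byte CryptoNight hash of the passphrase as an input (`pass_hash`, a hypothetical parameter), because the slow hash is not in the Python standard library.

```python
# Added example: the scalar add/subtract step of the seed offset scheme.
# Assumption: sc_add / sc_sub are integer addition / subtraction modulo
# the Ed25519 group order l, on 32-byte little-endian values.

L = 2**252 + 27742317777372353535851937790883648493  # Ed25519 group order l


def _to_int(b: bytes) -> int:
    if len(b) != 32:
        raise ValueError("expected exactly 32 bytes")
    return int.from_bytes(b, "little")


def _to_bytes(n: int) -> bytes:
    return n.to_bytes(32, "little")


def sc_add(a: bytes, b: bytes) -> bytes:
    return _to_bytes((_to_int(a) + _to_int(b)) % L)


def sc_sub(a: bytes, b: bytes) -> bytes:
    return _to_bytes((_to_int(a) - _to_int(b)) % L)


def encrypt_key(seed: bytes, pass_hash: bytes) -> bytes:
    """seed + H(passphrase) mod l. pass_hash is the 32-byte slow hash
    (CryptoNight variant 0) of the offset passphrase, computed elsewhere."""
    if _to_int(seed) >= L:
        # An unreduced seed would decrypt to seed mod l, not to itself.
        raise ValueError("seed is not a reduced scalar")
    return sc_add(seed, pass_hash)


def decrypt_key(encrypted: bytes, pass_hash: bytes) -> bytes:
    """encrypted - H(passphrase) mod l, the reverse of encrypt_key."""
    return sc_sub(encrypted, pass_hash)


def demo():
    # Constructed sample values: not wallet data, not real CryptoNight output.
    seed = _to_bytes(L - 5)          # near l, so the addition wraps
    pass_hash = bytes(range(1, 33))  # as an integer this exceeds l
    encrypted = encrypt_key(seed, pass_hash)
    return seed, encrypted, decrypt_key(encrypted, pass_hash)


if __name__ == "__main__":
    for value in demo():
        print(value.hex())
```

Decrypting with the hash of a different passphrase does not fail; it returns a different valid-looking seed, so only the resulting wallet address shows whether the passphrase was right.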