Account (re)generation from a mnemonic (proposal #2)
On the first proposal we used a way to store the keytypes on the mnemonic and therefore create a new mnemonic each time a new key type is generated:
+-------------+---------------------------------------+----------+----------+ +----------+
| ver (4bits) | Entropy (192bits) | Keytype1 | KeyType2 | ... | KeyTypeN |
+-------------+---------------------------------------+----------+----------+ +----------+
however, now that we store previous public key fingerprints on the keyresolver, we could also store the keytype along with those fingerprints. That way we can use the original mnemonic and the information from the keyresolver to regenerate all our private keys.
The first time you create an account you can select the keytype. In the current implementation add that keytype to the mnemonic as a first word, that way we will know what key we need to generate if we restore the account. However this is no longer necessary.
Let say we're creating the account test! and we select the keytype ed25519
1.- Tell bm-client to create a new account "test!"
2.- The account "test!" does not exist so we create it
3.- Generate a mnemonic seed and do a KDF to it
4.- Generate the public/private keypair from the result
5.- Upload the public key to the keyresolver
Now the keyresolver will have both the public key AND the keytype so we only need our mnemonic and account name to regenerate the private key:
Now let's say that we are importing our account to a new device or that we are regenerating it and we only have the mnemonic (without the keytype)
1.- Tell bm-client to create a new account "test!"
2.- The account "test!" exists so it asks for the mnemonic
3.- We enter the mnemonic and bm-client will KDF it
4.- Since the keyresolver tell us that the public key is "ed25519" type we generate that type of key from the generated seed
5.- Profit
Now we assume that our key has been compromised or that we want to improve security or something. So we create a new key
1.- We do a KDF to the current seed
2.- Generate a new key from that new seed
3.- Upload the public key to the keyresolver
So the key generation chain will be
master mnemonic seed --> KDF() --> first key
|
+--> KDF() --> second key
|
+--> KDF() --> third key
When, in the future we need to regenerate our new current key we will do as follow:
1.- Generate first key using the first keytype supported
2.- Check if the public key is the current public key, if so go to finish
3.- Check if the public key exists on the keyresolver
4.- If it does not exist, generate the key using the next keytype supported and go to 2
5.- Generate the next key using the first keytype supported
6.- Go to 2
