Channel: With Monero firmware loaded on a Trezor, how does one create private spend keys from the BIP 39 seed words supplied during a Trezor's configuration? - Monero Stack Exchange

With Monero firmware loaded on a Trezor, how does one create private spend keys from the BIP 39 seed words supplied during a Trezor's configuration?


I’ve experimented with Monero’s V0313 experimental firmware that is installed on a traditionally hierarchical deterministic Trezor hardware device, which is also immune to key loggers and the CSRF vulnerability.

For future-proof contingency planning purposes, if I could reconstitute traditional *.keys files outside the Trezor, I could sleep a little better. (When a Trezor device is not used, *.keys files exist for each Monero wallet. When a Trezor device is used, private spend keys are vaulted inside Trezor, and thus there is no need for *.keys files.) I’ve already successfully tested recovering a Trezor from BIP 39 seed words using this procedure. But with experimental firmware, that is not enough assurance to satisfy me.

If I knew how V0313 Monero firmware creates a private spend key inside a Trezor device from the 24 BIP 39 seed words provided to an end user during the configuration of a Trezor, I would be able to reconstitute a Monero wallet using the traditional Monero key recovery mechanism that uses Electrum seed words, i.e. --restore-deterministic-wallet.

It is also unclear what branch/tag configuration was used to compile the V0313 Monero firmware; evidence from mytrezor is pointing towards a fork of trezor-mcu v1.3.4.

From experimentation, I’m 100% certain that the integer argument supplied to a forked V0313 simple wallet code via the --hardware-wallet argument changes the private spend key. Similarly, providing an arbitrary password beyond a numerical PIN to establish a Trezor session also changes the effective spend key. Hence, the 24 BIP 39 seed words, the --hardware-wallet integer, and the unlocking wallet password all impact the binary representation of a private Monero spend key supported by V0313 Trezor firmware.

The question posed in the title up top is also very important for multi-cryptocurrency wallet developers to know how to develop wallets supporting BIP 39 seed word portability across different implementations. Also, requiring end users to record Electrum seed words for Cryptonote currencies, and a separate BIP 39 word for other altcoins is very undesirable. If multi-currency wallets only have end users record BIP 39 words, it simplifies life for those end users.

There needs to be a Monero Improvement Proposal (MIP) documenting the degree of private key interoperability Monero has with BIP 32/39/44 technologies. Granted, from an HD m/44/128/0 private key, the means to establish a corresponding Monero M/44/128/0 public address key is quite a different beast, and BIP 32 technology can't be applied to derive M/44/128/0. Additionally, there are associated view keys that can be made deterministic.

Can anyone knowledgeable answer the question posed in the title up top? It is a first step towards developing a MIP and extending BIP 44 to calculate private spend keys.

The answer to this question will require a Monero subject matter expert. If someone tells me that Monero Trezor functionality does not use BIP 39 words, I will puke all over their ignorance!

Harmonization of Electrum seed words and BIP 39 seed words is possible with the application of socialized best practices if one opens their mind a bit... No changes are required on behalf of how Monero uses Electrum words, and no changes are required to Bitcoin and numerous other altcoins.
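
Added example, not part of the original post and not code from the V0313 firmware: the standard BIP 39 seed and BIP 32 hardened derivation, showing that the words, a passphrase and an account integer each change the resulting private node key, as the post observes. The path m/44'/128'/account', the treatment of the `--hardware-wallet` integer as the account index and of the session password as the BIP 39 passphrase are assumptions; the page does not state how the firmware turns a node key into a Monero spend key, so that step is not shown.

```python
import hashlib
import hmac
import unicodedata

# secp256k1 group order, used by BIP 32 private-key arithmetic
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAABDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000

def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP 39: words + optional passphrase -> 64-byte seed."""
    words = unicodedata.normalize("NFKD", mnemonic).encode()
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode()
    return hashlib.pbkdf2_hmac("sha512", words, salt, 2048, 64)

def master_node(seed: bytes):
    """BIP 32: seed -> (private key as int, chain code)."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    k = int.from_bytes(i[:32], "big")
    if k == 0 or k >= N:
        raise ValueError("invalid master key")
    return k, i[32:]

def derive_hardened(node, index: int):
    """BIP 32 hardened child: computed from the parent private key only."""
    k_par, c_par = node
    data = b"\x00" + k_par.to_bytes(32, "big") + (index | HARDENED).to_bytes(4, "big")
    i = hmac.new(c_par, data, hashlib.sha512).digest()
    il = int.from_bytes(i[:32], "big")
    k = (il + k_par) % N
    if il >= N or k == 0:
        raise ValueError("invalid child key")
    return k, i[32:]

def account_key(mnemonic: str, passphrase: str, account: int) -> str:
    """Hex private key at the assumed path m/44'/128'/account'."""
    node = master_node(bip39_seed(mnemonic, passphrase))
    for idx in (44, 128, account):
        node = derive_hardened(node, idx)
    return node[0].to_bytes(32, "big").hex()

# Constructed sample: the all-zero-entropy 24-word test mnemonic, never a real wallet.
TEST_WORDS = " ".join(["abandon"] * 23 + ["art"])

if __name__ == "__main__":
    # Same words, but a different integer or passphrase gives an unrelated key.
    for pw, acct in (("", 0), ("", 1), ("example passphrase", 0)):
        print(repr(pw), acct, account_key(TEST_WORDS, pw, acct))
```

A backup plan built on this reasoning has to record the passphrase and the integer along with the 24 words, since losing any one of the three changes every key derived below the seed.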

