Ardor Passphrases and Addresses

Clarification about the relation between them

One of our users was puzzled when seeing this dialog after mistyping his passphrase:

Mistyped Passphrase Warning

“What’s going on?” he asked. I simply mistyped my passphrase, how is it possible that it belongs to an existing account ARDOR-8MWY-GDVZ-8566–59G38?

Where did this account come from? What if this account belongs to another user? Can I just steal the funds in this account?

Tomi, our chief architect, explains what happens:

“This must be something we should better explain in the UI or documentation, but unlike a website login where you need BOTH the username and passphrase to login, (i.e. a passphrase by itself is not very useful unless you know which username it belongs to), in our wallet, the passphrase by itself is already sufficient to login.

In Ardor, the “username”, i.e. the account address, can be calculated in a trivial way from the passphrase. You can even login with the passphrase only, select the key icon from the login page, enter your passphrase instead of account, and that’s it.

So there is no security at all to gain by hiding the Ardor address separately from the passphrase. If anyone has the passphrase, the address to which it belongs can be discovered immediately. Even if we don’t provide a way to do it in the UI, it is a matter of a few simple cryptographic operations that can be run quickly by a standalone program.

This is how most cryptos already work anyway. In Bitcoin and others who
use wallet files, you have a password that unlocks this file, and the
private keys are in it, but the BTC addresses by themselves can be calculated from these private keys (i.e. passphrases). There is no security to gain by storing the BTC or Ardor addresses separately.”

In my words, the message “Incorrect passphrase (belongs to account ARDOR-8MWY-GDVZ-8566–59G38)” really means, “look pal you are asking for trouble, you opened the wallet with one account but the passphrase you provided when submitting the transaction belongs to another account that may not exist. Please check your records and provide the passphrase that matches the logged in account.”

Assuming all Ardor accounts use a passphrase with 128 bit of security or more like the passphrases generated by the wallet, the chance of mistyping a passphrase and hitting an existing account is practically zero (1/2¹²⁸ to be precise which is around one in 3.4 * 10³⁸ attempts)