From e4556021dbcfb11834b8281677e9437a110844bf Mon Sep 17 00:00:00 2001
From: Aaron Voisine <voisine@gmail.com>
Date: Sat, 12 Apr 2014 00:07:46 -0700
Subject: Update bip-0038.mediawiki

fixed some typos that made the spec inconsistent and confusing to implement
---
 bip-0038.mediawiki | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/bip-0038.mediawiki b/bip-0038.mediawiki
index c4d062e..6a81be3 100644
--- a/bip-0038.mediawiki
+++ b/bip-0038.mediawiki
@@ -139,9 +139,9 @@ Steps to create new encrypted private keys given ''intermediate_passphrase_strin
 # Take the first four bytes of SHA256(SHA256(''generatedaddress'')) and call it ''addresshash''.
 # Now we will encrypt ''seedb''.  Derive a second key from ''passpoint'' using scrypt
 #*Parameters: ''passphrase'' is ''passpoint'' provided from the first party (expressed in binary as 33 bytes).  ''salt'' is ''addresshash'' + ''ownerentropy'', n=1024, r=1, p=1, length=64.  The "+" operator is concatenation.
-#*Split the result into two 16-byte halves and call them ''derivedhalf1'' and ''derivedhalf2''.
-# Do AES256Encrypt(seedb[0...15]] xor derivedhalf1[0...15], derivedhalf2), call the 16-byte result ''encryptedpart1''
-# Do AES256Encrypt((encryptedpart1[8...15] + seedb[16...23]) xor derivedhalf1[16...31], derivedhalf2), call the 16-byte result ''encryptedseedb''.  The "+" operator is concatenation.
+#*Split the result into two 32-byte halves and call them ''derivedhalf1'' and ''derivedhalf2''.
+# Do AES256Encrypt(seedb[0...15] xor derivedhalf1[0...15], derivedhalf2), call the 16-byte result ''encryptedpart1''
+# Do AES256Encrypt((encryptedpart1[8...15] + seedb[16...23]) xor derivedhalf1[16...31], derivedhalf2), call the 16-byte result ''encryptedpart2''.  The "+" operator is concatenation.
 
 The encrypted private key is the Base58Check-encoded concatenation of the following, which totals 39 bytes without Base58 checksum:
 * 0x01 0x43 + ''flagbyte'' + ''addresshash'' + ''ownerentropy'' + ''encryptedpart1''[0...7] + ''encryptedpart2''
@@ -163,7 +163,7 @@ A confirmation tool, given a passphrase and a confirmation code, can recalculate
 
 =====Decryption=====
 # Collect encrypted private key and passphrase from user.
-# Derive ''passfactor'' using scrypt with ''ownersalt'' and the user's passphrase and use it to recompute ''passpoint''
+# Derive ''passfactor'' using scrypt with ''ownerentropy'' and the user's passphrase and use it to recompute ''passpoint''
 # Derive decryption key for ''seedb'' using scrypt with ''passpoint'', ''addresshash'', and ''ownersalt''
 # Decrypt ''encryptedpart2'' using AES256Decrypt to yield the last 8 bytes of ''seedb'' and the last 8 bytes of ''encryptedpart1''.
 # Decrypt ''encryptedpart1'' to yield the remainder of ''seedb''.
-- 
cgit v1.2.3