๐
Original date posted:2015-03-13
๐ Original message:Hello everyone,
We are working on bitcore-wallet-server (BWS), a HD multisig wallet
'facilitator'. We have a couple of questions regarding BIP32 path usage,
and we would love to have feedback from you before moving forward.
Currently the BWS instances hold the set of extended public keys of the
wallet's peers to be able to derive addresses.
Since this is a problem from the privacy point of view, we thought using
pseudo-random BIP32 paths, with a seed only known be the peers, so the
server will be able to verify that addresses submitted by peers belong to
the wallet, but will not be able to derive future wallet addresses.
The workflow would be something like:
```
Peer > getCurrentIndex
< Server [index]
Peer:
pathSeed = PRNG(seed, index);
Peer > createAddress(index, pathSeed);
Server:
derives the address and add it to the wallet.
< Server new address
Peer: Verifies the address and inform it the user.
```
This way, accessing server data won't reveal future wallet addresses. The
seed (only known by the peers) could
be derived from hashes of their xprivs, so wallet funds can still be
recover with:
1) The complete set of xprivs
2) The quorum of xprivs + the complete set of xpubs + the address seed.
Thanks a lot in advance for any comment on this schema.
matรญas
--
BitPay.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150313/af2f95d0/attachment.html>;
Matias Alejo Garcia [ARCHIVE] /
npub1p6โฆ8etde
2023-06-07 15:31:49
in reply to nevent1qโฆt8xf
Author Public Key
npub1p6uknnmm7wknvg9cq5wqsf7ulpsrdzd6zt6qw707y5t05fuzvfdsx8etdePublished at
2023-06-07 15:31:49Event JSON
{
"id": "d32d503b76b320f6c382294d30bc5c0060a1272c35ff268b70b9f8b0106d969e",
"pubkey": "0eb969cf7bf3ad3620b8051c0827dcf8603689ba12f40779fe2516fa2782625b",
"created_at": 1686151909,
"kind": 1,
"tags": [
[
"e",
"7921da7531460fce56aea5525b2be052cbeea37d43cb58a7b96a9c2f8e13b4bb",
"",
"reply"
],
[
"p",
"a23dbf6c6cc83e14cc3df4e56cc71845f611908084cfe620e83e40c06ccdd3d0"
]
],
"content": "๐
Original date posted:2015-03-13\n๐ Original message:Hello everyone,\n\nWe are working on bitcore-wallet-server (BWS), a HD multisig wallet\n'facilitator'. We have a couple of questions regarding BIP32 path usage,\nand we would love to have feedback from you before moving forward.\n\nCurrently the BWS instances hold the set of extended public keys of the\nwallet's peers to be able to derive addresses.\n\nSince this is a problem from the privacy point of view, we thought using\npseudo-random BIP32 paths, with a seed only known be the peers, so the\nserver will be able to verify that addresses submitted by peers belong to\nthe wallet, but will not be able to derive future wallet addresses.\n\nThe workflow would be something like:\n\n```\nPeer \u003e getCurrentIndex\n\n\u003c Server [index]\n\nPeer:\n pathSeed = PRNG(seed, index);\n\nPeer \u003e createAddress(index, pathSeed);\n\nServer:\n derives the address and add it to the wallet.\n\n\u003c Server new address\n\nPeer: Verifies the address and inform it the user.\n```\n\nThis way, accessing server data won't reveal future wallet addresses. The\nseed (only known by the peers) could\nbe derived from hashes of their xprivs, so wallet funds can still be\nrecover with:\n 1) The complete set of xprivs\n 2) The quorum of xprivs + the complete set of xpubs + the address seed.\n\nThanks a lot in advance for any comment on this schema.\n\nmatรญas\n\n-- \nBitPay.com\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150313/af2f95d0/attachment.html\u003e",
"sig": "095b34737023b17b9d3fd11cb333dd53a171cffe80b51df378bca5fbef1d9c0616b0700d47b48be8e180bc92b475829122148e630f3b29a70a6864132ab3ed75"
}