Pieter Wuille [ARCHIVE] on Nostr
📅 Original date posted: 2014-04-08
📝 Original message: I see the cause of our disagreement now.

You actually want to share a single BIP32 tree across different
currency types, but do it in a way that guarantees that they never use
the same keys.

I would have expected that different chains would use independent
chains, and have serializations encode which chain they belong to.

Let me offer an alternative suggestion, which is compatible with the
original default BIP32 structure:

* You can use one seed across different chains, but the master nodes
are separate.
* To derive the master node from the seed, the key string "Bitcoin
seed" is replaced by something chain-specific.
* Every encoded node (including master nodes) has a chain-specific
serialization magic.

This is in practice almost the same as your suggestion, except that
the m/cointype' in m/cointype'/account'/change/n is replaced by
different masters. The only disadvantage I see is that you do not have
a way to encode the "super master" that is the parent of all
chain-specific masters. You can - and with the same security
properties - encode the seed, though.

--
Pieter

On Tue, Apr 8, 2014 at 3:43 PM, slush <slush at centrum.cz> wrote:
> tl;dr;
>
> It is dangerous to expect that a seed other than "xprv" does not contain
> bitcoins or that "xprv" contains only bitcoins, because technically both
> situations are possible. It is still safer to do the lookup; the magic itself is
> ambiguous.
>
> Marek
>
> On Tue, Apr 8, 2014 at 3:40 PM, slush <slush at centrum.cz> wrote:
>>
>>
>> Serialization magic of bip32 seed is in my opinion completely unnecessary.
>> Most software does not care about it anyway; you can use an xprv/xpub pair
>> for main net, testnet, litecoin, dogecoin, whatevercoin.
>>
>> Instead, using the same seed (xprv) and then separating the chains *inside*
>> the bip32 path seems more useful to me.
>>
>> Marek
>
>
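
The alternative proposed in the message above (one seed, a chain-specific HMAC key string, a chain-specific serialization magic), as an added example that is not code from the original thread or from any wallet. The "Examplecoin seed" string and its version bytes are hypothetical; the seed is the one from BIP32 test vector 1.

```python
import hashlib
import hmac

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # secp256k1 order

def base58check(payload: bytes) -> str:
    data = payload + hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]
    num, out = int.from_bytes(data, "big"), ""
    while num:
        num, rem = divmod(num, 58)
        out = B58[rem] + out
    pad = len(data) - len(data.lstrip(b"\x00"))  # leading zero bytes map to '1'
    return "1" * pad + out

def master_node(seed: bytes, key_string: bytes):
    # BIP32 master generation; only the HMAC key string varies per chain.
    digest = hmac.new(key_string, seed, hashlib.sha512).digest()
    key, chain_code = digest[:32], digest[32:]
    if not 0 < int.from_bytes(key, "big") < N:
        raise ValueError("invalid master key for this seed and key string")
    return key, chain_code

def serialize_master(version: bytes, key: bytes, chain_code: bytes) -> str:
    # version(4) | depth, parent fingerprint, child number (9 zero bytes) | chain code | 0x00 + key
    return base58check(version + b"\x00" * 9 + chain_code + b"\x00" + key)

# chain name -> (HMAC key string, private-node serialization magic)
CHAINS = {
    "bitcoin": (b"Bitcoin seed", bytes.fromhex("0488ade4")),          # BIP32 mainnet, "xprv"
    "examplecoin": (b"Examplecoin seed", bytes.fromhex("01020304")),  # hypothetical chain
}

SEED = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # BIP32 test vector 1

def masters_from_seed(seed: bytes) -> dict:
    out = {}
    for name, (key_string, version) in CHAINS.items():
        key, chain_code = master_node(seed, key_string)
        out[name] = (key.hex(), serialize_master(version, key, chain_code))
    return out

if __name__ == "__main__":
    for name, (key_hex, encoded) in masters_from_seed(SEED).items():
        print(name, key_hex, encoded)
```

Because the key string enters the HMAC, the two masters share no key material even though they come from the same seed, and the differing magic makes an encoded node self-describing as to its chain.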
Published at
2023-06-07 15:17:50