0 sats \ 5 replies \ @025738dda8 18 May \ on: [TECHNICAL] Initial draft of my [personal] summary on part #2 of HD-wallets /ECC bitcoin_beginners
Interesting reading. Well, it's difficult to follow because the natural language is often very inaccurate and it is not always clear what you refer to. But, it looks like a transcript of your mind. And in this sense, good job...
If you don't mind, here are few exercises that might help you in your way:
-
if you know someone's master chain code, is it sufficient to compute any related addresses or private keys?
-
given an xpub and an indexed utxo set, how reasonable is to find all related funds (compute total balance)?
-
which of the following derivation paths do not make sense? xpub/1/0/2, xpub/1/2h/0, xpriv/1h/2h/3, xpriv/4/1/0h, xpub/0h/1h, xpriv/1/2/3
-
what inputs (components) do you need to compute a subkey for a given hardened derivation path (e.g. /0h/2h/1h/0h)?
-
if I give you (any) 2 private keys and a chain code, under what circumstances can you tell me whether are those two private keys related?
-
if I give you my xpub and a related private key (for a public key at derivation path xpub/1/0/2), which funds could you steal from me?
-
if I give you my xpub and a related private key at derivation path xpriv/1h/0/1, where xpriv is unknown to you, what can you steal and/or discover? (xpub is counterpart of the unknown xpriv)
-
is it safe (or how much safe is) to give your xpub to anybody?
"But, it looks like a transcript of your mind. And in this sense, good job..." Spot on!
Man... You're clearly way way ahead of me... I can't answer any of those except maybe:
"if I give you my xpub and a related private key (for a public key at derivation path xpub/1/0/2), which funds could you steal from me?"
I think a malicious actor can acquire the xpriv by working backwards from the xpub + a related private key, potentially stealing all the funds.
"if I give you my xpub and a related private key at derivation path xpriv/1h/0/1, where xpriv is unknown to you, what can you steal and/or discover? (xpub is counterpart of the unknown xpriv)"
Only the "local" funds of that respective key pair?
"is it safe (or how much safe is) to give your xpub to anybody?"
Generally, yes, as long as there are no related private keys leaked.
I'm absolutely at the beginning of this topic, but man!
Could I sway you to help me improve on this part? You seem like a treasure trove. š¤ š„
reply
Man... You're clearly way way ahead of me... I can't answer any of those except maybe:
Yes, you can. At least according to your answers below...
"if I give you my xpub and a related private key (for a public key at derivation path xpub/1/0/2), which funds could you steal from me?"I think a malicious actor can acquire the xpriv by working backwards from the xpub + a related private key, potentially stealing all the funds.
Explain why or show how to do it š.
"if I give you my xpub and a related private key at derivation path xpriv/1h/0/1, where xpriv is unknown to you, what can you steal and/or discover? (xpub is counterpart of the unknown xpriv)"Only the "local" funds of that respective key pair?
š
"is it safe (or how much safe is) to give your xpub to anybody?"Generally, yes,
Well, depends, publishing xpub generally breaks privacy.
as long as there are no related private keys leaked.
...and assuming that no related private key would leak in the future.
I'm absolutely at the beginning of this topic, but man! Could I sway you to help me improve on this part? You seem like a treasure trove. š¤ š„
I believe that these exercises cover the most important parts of bip39 well. If you can answer them with confidence, you understood it enough. If you have a question, just ask...
reply
reply
Hm, alrighty! Besides: how did you manage to quote like that?
This way?
Select text and click reply. It uses '>' character like in emails.