"Best Practices" when using BIP 32 master public keys

Envrin

sr. member

Activity: 318

Merit: 251

Quote from: NRF on March 11, 2015, 03:37:58 PM

One last question, and this is more about client/wallet behavior than anything else and I am probably pushing s*@t up hill. Given the master private or master public key can you do something like a Peter Todd proof-of-solvency to gain the value or is it a "loop through keys" job?

Public -> Private is basically impossible, so nothing to worry about there, if someone gets your public key.

Private -> Private is obviously possible though. More than likely they would just loop through the keys.

As a side note, make sure whatever you're using to sign transactions is legit. If you sign your transactions using malicious code that specifies the nonce to use for signing, then yeah, they'll be able to obtain your private key after gathering some signatures from the blockchain.

NRF

sr. member

Activity: 279

Merit: 250

Quote from: dabura667 on March 11, 2015, 07:21:20 AM

NEVER GIVE OUT A SINGLE PRIVATE KEY TO ANY OF THOSE ADDRESSES. (Remember: 1 MPK + 1 private key of an address generated from it = the Master Private Key for that MPK can be calculated.)

Noted, I had been aware but it is good to reiterate.

One last question, and this is more about client/wallet behavior than anything else and I am probably pushing s*@t up hill. Given the master private or master public key can you do something like a Peter Todd proof-of-solvency to gain the value or is it a "loop through keys" job?

dabura667

sr. member

Activity: 475

Merit: 252

Quote from: NRF on March 10, 2015, 07:54:46 PM

1. Assuming I keep control of the master private key and start giving out those addresses have I shot myself in the foot?

2. How many public keys can I generate like this? it seems I can use -s999999999

3. Is there a better way?

1. Assuming you keep a record of which index you gave to whom, I see no problem.

2. 2,147,483,648 keys per MPK (remember, in HD wallets, any pubkey can be turned into an MPK... so basically limitless... but for 1 single MPK, you're limited to a little over 2 billion keys.

3. Depends on exactly what you want to do with the addresses. Giving out for simple payments, fine... just NEVER GIVE OUT A SINGLE PRIVATE KEY TO ANY OF THOSE ADDRESSES. (Remember: 1 MPK + 1 private key of an address generated from it = the Master Private Key for that MPK can be calculated.)

NRF

sr. member

Activity: 279

Merit: 250

I apologize because this question has been asked before quite a few time all over the internet (here too) and there have been a lot of answers. I just want to be sure that I don't shoot myself in the foot.

So, for arguments say lets say I am using pycoin's (https://github.com/richardkiss/pycoin) ky tool and I generate a mpk with "ku create" and get the mpk value. I can the grab 10 keys using like this.

Code:

ku xpub661MyMwAqRbcEp8XttK9d2edcSGdtgB5Jjti3upwRiwGYPMFRBJHLe994uMuyLubJWbhzqUtBtYmGfpjHxVbDCjGPboCg3b5wWNGkxavC3B -a -s0-9
1PN6bChSyBmogR264VxWavnhL7sTE39N4i
1GV7T2qyhTDNq7vWo8vSk5nVj1feSHyUMU
1FG5CaEPPDn29vVpuRUWaFyqSdjVZjyo2t
1CnZXqhYSXXv4wFdj3Ss6YjWAMqDtPFokh
16CthYE7THTWAE5hb7MruRLacMviiA9Ah3
1H8EzkbpD1n5TXqZRSrwVzsnXTckxjyCdh
1J5nceBipnQrK1TzwfqcaEoJ8f2MhAKDA
16c6ZJjQw22QCQeJty8UZZEacWqkpqcp4U
1CXdrSPQK1gq25o7Waohp3dQEwGXTHf4R4
13ts9DzMBDms2A4R2SK7xCcWRFwepf5w7d

I have 3 questions.

1. Assuming I keep control of the master private key and start giving out those addresses have I shot myself in the foot?

2. How many public keys can I generate like this? it seems I can use -s999999999

3. Is there a better way?

Topic: "Best Practices" when using BIP 32 master public keys (Read 1340 times)