BIP32 and BIP39 - limitations | Bitcointalksearch.org

pooya87

legendary

Activity: 3472

Merit: 10611

Quote from: studyroom1 on April 08, 2023, 04:55:47 AM

1 - Can BIP32 drive every private key of 256 range?

Technically BIP32 can act as a KDF without limit and you can derive as many keys from it as you want but if we are strictly sticking to the standard then there is kind of a hidden limit on the number of keys you can derive using this algorithm which comes from the fact that extended key encoding using Base58 (creating xprv, etc. for main master and child master keys) encodes the key depth as a single byte so it is limited to 256. Each depth uses an index which derives a different key and is a 32-bit unsigned integer ergo it can derive 4,294,967,295 keys. With 256 depth we can only derive a total of 1,099,511,627,520 keys using a single master key. This is far smaller from the number of possible private keys.

Of course we can ignore this limit easily but then it is breaking the standard and the child master keys can not be encoded/decoded using the standard.

odolvlobo

legendary

Activity: 4508

Merit: 3425

Quote from: studyroom1 on April 08, 2023, 04:55:47 AM

1 - Can BIP32 drive every private key of 256 range?

As far as I know, t is assumed that it can, but it has not been proven. And as far as I know, whether it can or not doesn't really matter as long as the number of unique keys generated from a seed is greater than the number of keys being used. (I am not an expert)

Quote from: studyroom1 on April 08, 2023, 04:55:47 AM

what i was getting idea that bip32 is 128 bit and in 256 range this cannot simply drive every address as master or first address of HD wallet. Roll Eyes

BIP-32 generates a sequence of 256-bit numbers. The BIP-39 128-bit entropy value simply defines the starting point of the sequence. Obviously, with a 128-bit source of entropy, not every private key can be the first key in the sequence, but is that important?

Saint-loup

legendary

Activity: 2604

Merit: 2353

Quote from: studyroom1 on April 08, 2023, 04:55:47 AM

I always tried to find this question but was not able to find.

assume total key space in Bitcoin is 2~256

1 - Can BIP32 drive every private key of 256 range?

let say i want to generate address in 248 bit range with BIP32 mnemonic as master address or first address in HD wallet. or in other word can Bip32 drive any address of whole 256 range as a master or first address in HD wallet or not?

what i was getting idea that bip32 is 128 bit and in 256 range this cannot simply drive every address as master or first address of HD wallet. Roll Eyes

and if BIP32 cannot drive such than is bip39 can drive such?

There are more private keys than addresses that can be generated because in order to create an address from a key you need to use RIPEMD-160 which only produces 160bits hash. So finally even if you are only able to generate 2¹⁶⁰ keys, it would be enough if there is no collision in their linked addresses.
https://en.bitcoin.it/wiki/RIPEMD-160
In addition, you can theoretically create any private key from the 2^256 range by flipping a coin 256 times in a row.

studyroom1

jr. member

Activity: 40

Merit: 7

I always tried to find this question but was not able to find.

assume total key space in Bitcoin is 2~256

1 - Can BIP32 drive every private key of 256 range?

let say i want to generate address in 248 bit range with BIP32 mnemonic as master address or first address in HD wallet. or in other word can Bip32 drive any address of whole 256 range as a master or first address in HD wallet or not?

what i was getting idea that bip32 is 128 bit and in 256 range this cannot simply drive every address as master or first address of HD wallet. Roll Eyes

and if BIP32 cannot drive such than is bip39 can drive such?

Topic: BIP32 and BIP39 - limitations (Read 128 times)