Author

Topic: Deterministic wallet as hash(seed+index) is that OK? (Read 1449 times)

sr. member
Activity: 475
Merit: 252
You just explained how hardened keys work in BIP32.

Yes, you can do this.
legendary
Activity: 1176
Merit: 1011
Would it be OK from a technical and security point of view, to have deterministic wallet like this:

1. Randomly generate one initial secret seed. For argument's sake let's say this has 'enough' entropy.

2. Generate private keys as hashes from this seed + a counter. 'Hash' could be SHA256 or SHA3-256 or a HMAC or preferably some 256-bit KDF.

Other than the disadvantage of not having type 2 determinism (ability to generate subsequent addresses without having to generate their corresponding private keys first), is there anything bad, wrong, or flawed with this approach?
Jump to: