
Topic: Deterministic wallets (Read 430 times)

newbie
Activity: 13
Merit: 0
May 16, 2013, 06:29:39 AM
#3
I hate being stuck on newbie board :(

Don't we all.
newbie
Activity: 6
Merit: 0
May 16, 2013, 05:11:13 AM
#2
OK, so I found the way to do it:
When deriving key Ki from (Kpar, cpar) you actually calculate IL, and since ki = IL + kpar, you can easily get kpar = ki - IL.

I hate being stuck on newbie board :(
newbie
Activity: 6
Merit: 0
May 15, 2013, 02:38:41 PM
#1
In BIP 0032 two key derivation functions are introduced. These functions can be used to deterministically derive private keys ki knowing an extended private key denoted (kpar, cpar), and correspondingly public keys Ki from an extended public key (Kpar, cpar).

Knowing an extended public key, it is not possible to generate private keys; however, this BIP briefly mentions that knowing an extended public key (Kpar, cpar) and a derived private key ki (could be at any depth since public keys can be derived to any depth, but let's say it's at depth 1) allows recovering the private key kpar, which is terrible (security-wise).

I tried analyzing how that is possible and I can't see how (isn't the HMAC-SHA512 function supposed to make it impossible to go 'back the chain'?).

On a side note, how can we teach a random newbie (apart from posting on newbie board) about that security risk before they start using deterministic wallets? (Or should we even care?)